reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://reurl.cc/6e9zk5
Effective URL:
https://reurl.cc/6e9zk5
Submission: On June 17 via api (June 17th 2022, 12:04:38 pm UTC) from JP — Scanned from JP

Summary HTTP 449 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 73 IPs in 6 countries across 57 domains to perform 449 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 220180.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
15	143.204.86.83 143.204.86.83	16509 (AMAZON-02) (AMAZON-02)
33	2600:9000:206... 2600:9000:2066:8c00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2404:6800:400... 2404:6800:4004:813::200e	15169 (GOOGLE) (GOOGLE)
1 11	209.58.188.181 209.58.188.181	133752 (LEASEWEB-...) (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd.)
11	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21d... 2600:9000:21d2:9000:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.244 192.0.78.244	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:303... 2606:4700:3032::ac43:b27d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:6009	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
5	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
5	2406:2000:a4:... 2406:2000:a4:9fe::1	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
35	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 6	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
5	2600:9000:21d... 2600:9000:21d2:4c00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
2	180.222.102.159 180.222.102.159	24506 (YAHOO-TP2...) (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED)
1	2406:2000:e4:... 2406:2000:e4:1504::6000	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
7	52.197.44.129 52.197.44.129	16509 (AMAZON-02) (AMAZON-02)
13	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2404:6800:400... 2404:6800:4008:c13::9b	15169 (GOOGLE) (GOOGLE)
6	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
6 12	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
6 6	172.105.199.172 172.105.199.172	63949 (LINODE-AP...) (LINODE-AP Linode)
2	209.58.171.197 209.58.171.197	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
10	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
10	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
3 7	23.108.102.145 23.108.102.145	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
5	34.117.219.39 34.117.219.39	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
16 37	172.217.31.130 172.217.31.130	15169 (GOOGLE) (GOOGLE)
2	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
1	210.59.219.181 210.59.219.181	() ()
8	35.75.198.235 35.75.198.235	16509 (AMAZON-02) (AMAZON-02)
15	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
48	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
1	180.222.102.162 180.222.102.162	24506 (YAHOO-TP2...) (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED)
1	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:80b::2001	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4004:81f::2002	15169 (GOOGLE) (GOOGLE)
4 8	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
30	2404:6800:400... 2404:6800:4004:810::2001	15169 (GOOGLE) (GOOGLE)
6	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 6	23.10.15.201 23.10.15.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 11	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
3 5	23.44.53.47 23.44.53.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2404:6800:400... 2404:6800:4004:821::2006	15169 (GOOGLE) (GOOGLE)
6	216.58.220.130 216.58.220.130	15169 (GOOGLE) (GOOGLE)
1 1	104.45.178.220 104.45.178.220	() ()
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	31.220.27.155 31.220.27.155	() ()
2 2	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	150.95.47.242 150.95.47.242	7506 (INTERQ GM...) (INTERQ GMO Internet)
1 1	23.106.127.38 23.106.127.38	() ()
2 3	2a02:6b8::90 2a02:6b8::90	() ()
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	209.54.180.144 209.54.180.144	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2406:da18:929... 2406:da18:929:5a03:84c0:247d:fa50:b665	() ()
3 4	104.254.150.241 104.254.150.241	() ()
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	23.45.61.118 23.45.61.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1f18:612... 2600:1f18:612b:4264:95d7:83c7:b563:cce1	() ()
2 4	2001:df2:a300... 2001:df2:a300:bbbb::135	() ()
4 4	54.254.238.16 54.254.238.16	() ()
2 4	2606:4700:440... 2606:4700:4400::6812:230b	() ()
2 2	161.202.200.115 161.202.200.115	() ()
4 4	185.84.60.30 185.84.60.30	() ()
2	2606:4700::68... 2606:4700::6811:190e	() ()
8 8	2404:6800:400... 2404:6800:4004:820::200e	() ()
2	2404:6800:400... 2404:6800:4004:33::7	() ()
2	2404:6800:400... 2404:6800:4004:29::a	() ()
2	2404:6800:400... 2404:6800:4004:18::6	() ()
2	2404:6800:400... 2404:6800:4004:1f::a	() ()
449	73

5 35.185.130.121 (Taipei, Taiwan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.86.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-83.nrt12.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:2066:8c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:813::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 209.58.188.181 (Central, Hong Kong) 1 redirects

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21d2:9000:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.244 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b27d (United States)

ASN13335 (CLOUDFLARENET, US)

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2406:2000:a4:9fe::1 (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21d2:4c00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.222.102.159 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
PTR: media-router-flurry71.prod.media.vip.tp2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:e4:1504::6000 (Taiwan)

ASN56173 (YAHOO-SG3 internet content provider, SG)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.197.44.129 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c13::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.96.119.68 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.105.199.172 (Tokyo, Japan) 6 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1853-172.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.58.171.197 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4004:827::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.108.102.145 (Singapore) 3 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 172.217.31.130 (United States) 16 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.181 (None, )

ASN- ()

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.75.198.235 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.222.102.162 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
PTR: beap1.cbs.vip.tp2.yahoo.com

tp2.beap.gemini.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:80b::2001 (Australia)

ASN15169 (GOOGLE, US)

09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4004:81f::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2406:2600:4::b (Japan) 4 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2404:6800:4004:810::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.10.15.201 (Tokyo, Japan) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-201.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 8.39.36.141 (Los Angeles, United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.53.47 (Tokyo, Japan) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-47.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4004:821::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s17-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.45.178.220 (None, ) 1 redirects

ASN- ()

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (None, ) 1 redirects

ASN- ()

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.99.243 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.242 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.38 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (None, ) 2 redirects

ASN- ()

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.180.144 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a03:84c0:247d:fa50:b665 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.150.241 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.61.118 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:95d7:83c7:b563:cce1 (None, )

ASN- ()

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:df2:a300:bbbb::135 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.254.238.16 (None, ) 4 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:230b (None, ) 2 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 161.202.200.115 (None, ) 2 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.30 (None, ) 4 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:820::200e (None, ) 8 redirects

ASN- ()

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:33::7 (None, )

ASN- ()

r2---sn-oguesnde.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:29::a (None, )

ASN- ()

r5---sn-oguelnze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:18::6 (None, )

ASN- ()

r1---sn-oguelnle.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:1f::a (None, )

ASN- ()

r5---sn-ogul7ne6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com	876 KB
66	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 131430 fcm.holmesmind.com Failed c.holmesmind.com — Cisco Umbrella Rank: 99037 adcdn.holmesmind.com — Cisco Umbrella Rank: 133649 ad.holmesmind.com — Cisco Umbrella Rank: 87281 fp.holmesmind.com — Cisco Umbrella Rank: 129810 m.holmesmind.com — Cisco Umbrella Rank: 235070 ccm.holmesmind.com — Cisco Umbrella Rank: 307467	174 KB
62	doubleclick.net 16 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 125 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283	583 KB
39	2mdn.net 8 redirects s0.2mdn.net — Cisco Umbrella Rank: 265 gcdn.2mdn.net r2---sn-oguesnde.c.2mdn.net r5---sn-oguelnze.c.2mdn.net r1---sn-oguelnle.c.2mdn.net r5---sn-ogul7ne6.c.2mdn.net	2 MB
35	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 88598 db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net	25 KB
24	criteo.com 4 redirects bidder.criteo.com — Cisco Umbrella Rank: 739 gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507	20 KB
23	scupio.com img.scupio.com — Cisco Umbrella Rank: 65161 bw.scupio.com — Cisco Umbrella Rank: 125585 prebid.scupio.com Failed rec.scupio.com — Cisco Umbrella Rank: 126572	384 KB
20	aralego.com 4 redirects agent.aralego.com — Cisco Umbrella Rank: 257095 hb.aralego.com — Cisco Umbrella Rank: 13530 ads.aralego.com — Cisco Umbrella Rank: 31192 sync.aralego.com — Cisco Umbrella Rank: 2588	9 KB
18	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1193 eus.rubiconproject.com — Cisco Umbrella Rank: 601 token.rubiconproject.com — Cisco Umbrella Rank: 762 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 24651 pixel.rubiconproject.com	28 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 35046 gocm.c.appier.net — Cisco Umbrella Rank: 2561	3 KB
16	google.com www.google.com — Cisco Umbrella Rank: 9 adservice.google.com — Cisco Umbrella Rank: 92	5 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	231 KB
11	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 4553	177 KB
7	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 15592 adservice.google.co.jp — Cisco Umbrella Rank: 38796	2 KB
6	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17344	1 KB
6	yahoo.com 1 redirects ads.yap.yahoo.com — Cisco Umbrella Rank: 8448 geo.yahoo.com — Cisco Umbrella Rank: 1256 tp2.beap.gemini.yahoo.com — Cisco Umbrella Rank: 31386 ads.yahoo.com — Cisco Umbrella Rank: 1168 pr-bh.ybp.yahoo.com	6 KB
6	reurl.cc 1 redirects reurl.cc — Cisco Umbrella Rank: 220180 storage.reurl.cc	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	4 KB
4	adform.net 4 redirects c1.adform.net	2 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	turn.com 2 redirects ad.turn.com r.turn.com	2 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	yimg.com s.yimg.com — Cisco Umbrella Rank: 382	39 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 402	479 B
3	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	2 KB
3	yandex.ru 2 redirects an.yandex.ru	980 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	127 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	570 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 101127	11 KB
2	cloudflare.com cdnjs.cloudflare.com	63 KB
2	simpli.fi 2 redirects um.simpli.fi	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1069	522 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 384	946 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 652	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
2	lndata.com cm.lndata.com — Cisco Umbrella Rank: 172231	940 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 329	67 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 91	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	34 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	59 KB
1	tremorhub.com partners.tremorhub.com	183 B
1	linkedin.com px.ads.linkedin.com	574 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	457 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 131561	359 B
1	uuidksinc.net 1 redirects s.uuidksinc.net	288 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com	462 B
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 7695	515 B
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 555	5 KB
1	alphaloan.co blog.alphaloan.co	274 KB
1	gbyhn.com.tw img.gbyhn.com.tw	141 KB
1	racingcharger.tw img.racingcharger.tw	184 KB
1	creditcards.com.tw creditcards.com.tw	58 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3432	45 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5553	1 MB
1	re-news.tw storage.re-news.tw	5 KB
449	57

	Domain	Requested by
48	pagead2.googlesyndication.com	ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net reurl.cc tpc.googlesyndication.com www.googletagservices.com
37	cm.g.doubleclick.net	16 redirects googleads.g.doubleclick.net reurl.cc eus.rubiconproject.com
33	cdn.holmesmind.com	reurl.cc cdn.holmesmind.com ad.holmesmind.com
30	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net reurl.cc pagead2.googlesyndication.com
28	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
23	s0.2mdn.net	googleads.g.doubleclick.net reurl.cc s0.2mdn.net
15	img.scupio.com	reurl.cc img.scupio.com
13	static.criteo.net	cdn.holmesmind.com reurl.cc static.criteo.net img.scupio.com
12	ad2.apx.appier.net	6 redirects reurl.cc
11	cdn.aralego.net	reurl.cc agent.aralego.com ads.aralego.com
10	sync.aralego.com	ads.aralego.com reurl.cc img.scupio.com
10	www.google.com	reurl.cc tpc.googlesyndication.com googleads.g.doubleclick.net
10	bidder.criteo.com	img.scupio.com static.criteo.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net reurl.cc
9	securepubads.g.doubleclick.net	cdn.aralego.net securepubads.g.doubleclick.net
8	gcdn.2mdn.net	8 redirects
8	gum.criteo.com	4 redirects static.criteo.net
8	ccm.holmesmind.com	reurl.cc cdn.holmesmind.com
7	token.rubiconproject.com	5 redirects eus.rubiconproject.com
7	db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net	reurl.cc t.ssp.hinet.net cdn.holmesmind.com
7	ads.aralego.com	3 redirects agent.aralego.com ads.aralego.com
7	ad.holmesmind.com	cdn.holmesmind.com img.scupio.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net reurl.cc
6	mug.criteo.com	reurl.cc
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	adservice.google.co.jp	securepubads.g.doubleclick.net pagead2.googlesyndication.com
6	gocm.c.appier.net	6 redirects
6	prebid-asia.creativecdn.com	cdn.holmesmind.com img.scupio.com
6	c.holmesmind.com	1 redirects cdn.holmesmind.com reurl.cc img.scupio.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fp.holmesmind.com	cdn.holmesmind.com
5	adcdn.holmesmind.com	cdn.holmesmind.com
5	bw.scupio.com	img.scupio.com ajax.googleapis.com eus.rubiconproject.com
5	reurl.cc	1 redirects reurl.cc
4	c1.adform.net	4 redirects
4	pm.w55c.net	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	eus.rubiconproject.com	reurl.cc eus.rubiconproject.com
4	s.yimg.com	ad.sitemaji.com s.yimg.com reurl.cc
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	an.yandex.ru	2 redirects reurl.cc
3	www.googletagservices.com	googleads.g.doubleclick.net
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	www.google-analytics.com	reurl.cc www.google-analytics.com
3	ad.sitemaji.com	reurl.cc ad.sitemaji.com
2	r5---sn-ogul7ne6.c.2mdn.net	reurl.cc
2	r1---sn-oguelnle.c.2mdn.net	reurl.cc
2	r5---sn-oguelnze.c.2mdn.net	reurl.cc
2	r2---sn-oguesnde.c.2mdn.net	reurl.cc
2	cdnjs.cloudflare.com	s0.2mdn.net
2	um.simpli.fi	2 redirects
2	s.tribalfusion.com	googleads.g.doubleclick.net
2	a.tribalfusion.com	2 redirects
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	match.adsrvr.org	2 redirects
2	image6.pubmatic.com	2 redirects
2	x.bidswitch.net	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	rec.scupio.com	img.scupio.com
2	m.holmesmind.com	cdn.holmesmind.com
2	cm.lndata.com	cdn.holmesmind.com
2	hb.aralego.com	img.scupio.com
2	ads.yap.yahoo.com	s.yimg.com reurl.cc
2	ajax.googleapis.com	img.scupio.com
2	www.facebook.com	reurl.cc
2	connect.facebook.net	reurl.cc connect.facebook.net
2	cdn.jsdelivr.net	reurl.cc
1	partners.tremorhub.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.yahoo.com	eus.rubiconproject.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-apac.rubiconproject.com	1 redirects
1	ssbsync.smartadserver.com	1 redirects
1	sync.dsp.reemo-ad.jp	1 redirects
1	s.uuidksinc.net	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	s-cs.send.microad.jp	1 redirects
1	09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tp2.beap.gemini.yahoo.com	reurl.cc
1	www.google.co.jp	reurl.cc
1	prebid.scupio.com	img.scupio.com cdn.holmesmind.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.xx.fbcdn.net	www.facebook.com
1	geo.yahoo.com	reurl.cc
1	blog.alphaloan.co	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	agent.aralego.com	1 redirects
1	storage.re-news.tw	reurl.cc
1	storage.reurl.cc	reurl.cc
0	fcm.holmesmind.com Failed	cdn.holmesmind.com
449	100

This site contains links to these domains. Also see Links.

Domain
youtils.cc
re-news.tw
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2022-05-06` - `2022-08-04`	3 months	crt.sh
feebee.com.tw R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-26` - `2022-06-24`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-30` - `2022-10-27`	6 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
tls.automattic.com R3	`2022-05-18` - `2022-08-16`	3 months	crt.sh
*.gbyhn.com.tw E1	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.ssp.hinet.net	`2021-10-12` - `2022-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
m.yap.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-02` - `2022-08-03`	5 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-11` - `2022-08-10`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.t.ssp.hinet.net	`2022-04-14` - `2023-04-14`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2021-11-29` - `2022-12-07`	a year	crt.sh
*.beap.gemini.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-10` - `2022-11-02`	6 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh

This page contains 72 frames:

Primary Page: https://reurl.cc/6e9zk5
Frame ID: 4005E9C2CB90128FBF9BE769DE12648A
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 24E0945D078DD886FA60B7C470BD68C9
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: B8E3AB1F01FD7B5956C3E0EAABF63467
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 1298147B06A010914C3655547A2E548A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: DCD6F6848662E952DBE3B4DA4F19A49A
Requests: 13 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: C84EA0E803047CA3ECF247C1FC996178
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: AC45B25199F6D88104BFCBD47A42ED99
Requests: 23 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.62
Frame ID: DF8D1E244BE81E5EBBEC51F1E1A3F54C
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.62
Frame ID: B21F02AE50BCB50481A8D1BEAE319679
Requests: 16 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 317F8E497349A7A728F9DD6678081F58
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Frame ID: 3D40740E8783B4D5745DA6A4EE12891F
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Frame ID: F054008B3A46D7D6554F001E132C0407
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Frame ID: 8E322AFB44E080FD4F4314DDF1C5695B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 53A07968EBBCA6228A9EDCF014807076
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: FD060C4C4FA785564EF1FE95E28F1522
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: 1A756D994C3259CC46F326A37F2F6718
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 617D9C951F0644E760BD525536FC8346
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 79102099E5469849C362666FE7B53CF9
Requests: 18 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 742978C99E6B5D6B467EA8094FF7AB9F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: D267888C540E92FC7877EC14DF91ED8E
Requests: 21 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F6D8EA5D9486A288CE95470AEC3665E4
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 48CFFA25E753228348980924CD33A941
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Frame ID: AFCF248D6FE6E8531FDD4C81A48D338F
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Frame ID: FD6263183590DEB98F7FF119C8397F51
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 83925DBE4FB47F340C8EF5E648419858
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B5919A79DCC6E544B678E25A784597AC
Requests: 8 HTTP requests in this frame

Frame: https://09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 05D1C3C54BA8E6B55AB133FD568003BD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: B028689A5D1E706D9DA14A53D023532A
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: D4E56F7EC9D70118742B16F0186C9F91
Requests: 5 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 94E719E7232EAD21244AE9440BBD2354
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299
Frame ID: AFE61C30CFD24C7876E11F6D8EAC7063
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 5B85AB561E62F6D7A779DC391198A968
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 1970DE56399635348373A1375B5DBC9E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: D66E26DA4B0DDFA2660C4199406CC309
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: D13E62F65B3056AA7E2568B31FC716AB
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
Frame ID: 1031EC576516AAC0476899087FE06182
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 593BA9D120526752CAFE898A905CB8CF
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: CB0A16D5AA836CF91BA875E00C9D4A78
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
Frame ID: CADACDBB6FE62A1BC52DBAD5B029D298
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 63C07DDAD3C340A28D8C16983E84BFBF
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B695671E98D1B9520027ED5FEE4C515D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B61F707D707CEC11398749F58825C231
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: BE20E3B49C9595367C97454ABC30CC2F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2C1C2C5F35ACBBB7C315DA4429A48255
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B9F69519360519AB52653F1C930C81B4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FC512E7911BA4A5B62102601EA5A3DFC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYhYj7pwEwAQ&v=APEucNX85WEfRG6WkcqvVkf84FyBWY62b--gWJulkDTbjfuXtRCLKiUDTX9DdxRd0vQ9nBRm1u5CNr-N9f6jM8tPwsSXK__rXg
Frame ID: 67D27F742DF38E1B358934F38D9AA89A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAaWjKsIWbaIu1COr1FccjtkGW_dTSDiXBpHHAWRuTGOZin9Q4VT5wM-RV1iS88fIC8tc0A8JGKX60ZxwSlSHdfgCwUiRTgGvJcL5-MdOct0gSrrL5lfz9_RSwADMjPnH53YpyL4SvSnoIK3SzIuEm0W73hQ&dbm_d=AKAmf-DUp8RsbJQqCnF1XNFfywP5FgDDDbcwWfSnOT3G2mOxgC6z51088j0FwPC1FQV2RTmb2b0ufp9mgyX3Tb6aH6OS2GRSpWYFXlZ5VWRBQIOiAwSC2RXYHZ-wVjEHJOmgbntezbcRXeN1hzXRy8it7QF1Xcu8dvxpHtVTY1YQHNWM1xcj9QiFvcx_6342HXZJ98q3Y0r0WvQMJJFE_LmIRYDYNZwlhk63XP41NW8SZ8ddLqVGckgHc2A8mGtKurLA11Sx5euoaQlOzDWSapOZXejCPrFyL18b84eg0mUyUx9P8trosowcKaopDxwfyC6ARRwg3ixvQ4PF66Q_yAjGIiW-nHbZdDyiaq6qXFEum20SNFEuS47dWEEGCzJ_P99hW1hs3M-eCVRJuQ38pLipkUu0ZnxQqoIGj_1cQZ3rJrCi6VShlIB2_KEFcm_5ysko_pM6Nm8KT7ERnibGMaQ9bSb35kUSa5C0nwAql0kzmU8Msy697G_OMSQUcbCFTonZEhfRHir6AL6lbIpTFpN5Z4pEz8krckl5mHPNENYUObRzh_6ErePdQSGS9GjxCJEZK9twiCyjQAfjpfY-pjyHXj5CM_VoxLMEBmuG6YZ_m5ZITsQcW4PuOWsPtHmKiUvTpHTP_E_hJa7ogNhBEy3BDEpNvXAlLD-qCW3JmC5yT84vzBKx5upW2entejYo6W23DBy7c9--DE7K0s9-LshyFFM-Vb2wx9zTMFVCwEwqLJMBbKHSeIGVK2ESFP3cLh9MX0693B8vyRLkekSd8M3s7ozfjTmrcIZXzHcP84RRc2KG8qOfwpkinmRXHhufhUIlI9mnQCd-QdFN53xJUW6XTfVJaPxIAmOxkv_tHPsVdIwHOGdzgfM0cUEJ_cMDltUwEXkwTEQz5iU-CyQnvKXisLEqv6LFkWxnL741ZYQ3R7u2SmtmyOqrcXfR03s9foT1s75JCb_6oRcXmc-krlH3FvipzZ6p-lPCVwm2d0xzQ2-hAP60Ynwv4mP3LbPPM-wZzgRa5jr2lVDWRbxMIbHkGGnH_UJob66OZCdWG0wBmQroavwxx-YGiUVMqSugfPn85kfArBofq7fwjHzEXYmf8ETdr92xcMTN1a_sgkLDSotePArIV49YZAEHEYx7VvU5pohsyghhjXt40exvrjQCvrEqIdWoGnVDosW_3QmRxl11IBX_0_LNV07N-Oi7Iu5xh1Zypl5074jXo5x4vp_NFoqmzPY0L9Mhqf1dj_Chiy7QZIX65JY-e2h-WWET4jUu6-_5PtnvGhbR4-WdkrBZpEga_dTzFzljIJ3dFoVt8O5uN4viUAXOWrmyx6GyWfkK-MQJiMOF8p9iyDrsfJ4l_EBUe8eJThDHCW2_GbUPvH2gqNa-on4Sr7_cFM61EDVclYU7BgkWIQIX_fKk4EMndkhW5QopVaTk82RFSfDTw69D4ZrB8tZzaFRxMQiNb9PpKeuZKCNkgkV_yn4qn3Pw5-GA_djikn026fuX3oPTnVCpS408-cj16nUUB1LXgDsa-a6AG6xoG4cr6Jo9Zg5arPAQsXxLBSaeQMF0I-Zxe60lNT0DYLJ2tgoZ49oSO0FbnZ-ww-FkP7r21glUUerShO2ZzqruHHjmOS70HrzdNSwWZAqRO9ow4rTBqTkyJyDICWKSjtWxIMu2HPNPr0znrN0IgbFsN9B9FL6d13FBTpsnFC_gDgKzAxo8bg1S-mUM_IDuJfXtcQHheMg4hCSf5ePydTjXtMl-Jtb1YwNUEa_BQSA_c-KOhRV9LEHErQPNQLZYNZ7RLeE4JNyiOVKvmCGB-p3khcq9UcEhicsfBAd0MZIafoN2CrqEegbgPogI3s6Q7X0h7c20-EAl5bMaRcM6xa6dPbgkAnN-bOFZpsZHnCuFE9TEL9haO6oNYNAjxhKzx0wekPAkZlH1GLj1uJz-oDjW5rA4tzZ-wI5IND7zPbgROlsXy_2hSoiQHjOqTP87jtQBupWp3hIDqy5qoyYGFsi3Eb9CmTx-gAgjN6KHHaaDEPprjcIJMbzdfHiyF_uBcUxng6VWmIdQdKoNVUpM-QU7EKXgdfQ23K7Ah7C2LW7nbtnp8u50N0yMFcgVq9V0w-YjNpTkIoYee0Lu-p4b9_vsePpgSUy_k2-tyGifTuslaKmKaVEWsrw7AIlpZWUXWwB2VqGSH5BlXtbO3ANgoS4JRqkGAilY3SrUB_E6izG8vH-cwpuWXvjqOZB9lAMkQeB5AFWq4IgTQPGjXAKpGpvoD8PJpcPebob_hkWp8lzNdy2evA13mhNInAzmNeYR9yPGusxyaaI8QBg0SspSQwnCq3mP6QIJ9dvudPU6P62-VXwFbqDQhF7O8i1Uehh0F_SGkLT6IUBwtvUJtGTdlry61d7VfQhYUHsmX9f9gym0WWMjvy8-ui3RPkKzBNmMoNncS4fZ1rfwIjhQ8si2o6HlzgbxW74wLgxBtaVI-byxEtRDLu6YdhM-gZmeCJdcTEFozS6urf6A25zVqTc84Z5SefbUhnPhuKMSPpt2SHPcLeFNoJo2SsTUSRAQFv-87mzrD_QsUoeDKFKf5Sgy3Ngq8RO-GuCKQn6pA_p2jpC_gdR6g0sGr68ddsIcrZ4JoO0G7FnVo0cppQxf3J4lGIDFhaIa6XhYiaaQZPY5ncbR8FGTJpJuua0ZSrd1KSbVnnMMvW920YbRFgcrXTTJ-wzO7D347_RBYbnv7WdDgtn5LQED76DfqFqZpRh9-SJmKoSk8-ZT2HgYOkkzsYBpPitNsOJXUNbhUJ09N5mktIH9uZnm3fpqVCpeyVU65LR7mLNsvnUyRZ0TyRJ4oysFZHO5yDuZ85Hb-e0HpfZ2NBB1zW_I5oRHuT_eu8e0uaKI7cc7pFTOKccRXk3b3RpzBnn3-IowTYyGevoM2vm08GgwYIw-SeAtBe365GXKIHST8G720QcgTxY8DO_4_berMNwWwntTHSyWmvEFq4MLF5Q49fiLmCfQ6Zy_qUwiVZdqy9JzOqIDeNWv9XaGqP-_Z19XsQ&cid=CAASEuRoIVuxBihmOVKvPeKG8URRvw&rfl=5%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240
Frame ID: CE074676028AD353601124E8F72B08EA
Requests: 14 HTTP requests in this frame

Frame: https://61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 24D71EA9480CFD07EDB6C20F2F709070
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
Frame ID: 6C0D016EDF308060257A2CCDF8FF4A3C
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E37242344969C481D1D4477E2723D7A
Requests: 9 HTTP requests in this frame

Frame: https://bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 3718D01BCB8B02599E8FCD0548B07321
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
Frame ID: 41644CEC23CCC4E76A0FF03DDD29FE52
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88A302AA8FEF19A20D497BFFBD8D087D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7F6F98D11959F34F7217F6210B3823A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80668DEE142C86FBEBECF98B6D66B52E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNWPZLo42MRdZFInCIm0O5EzQGdbR5jSYRUxcZ7IrULd5eHDXyJp1qQBkNsqpf7dqk2Ed-Kp_BuVxtOaR5kkhK7mkaaShQ
Frame ID: BA47A6E70838ABDA1EA0A4FB864196DB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 194353C8A28DF4E28394E50C4FFB2911
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F525E0EDD37F11B92B426E22211D0E00
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNXLalEBVl0uGwiIMuc9LYxiEmTkelrISQr4gml9PyQ5tiK3adyCVp0r1TnE2ur-F5MzIWddAhSml2_fhmF78PEqDNC1fA
Frame ID: C3D770AC67D9F7C263B011B1DF0E261D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDE423D36EF99C8B3BCDDC9C7EB74E05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5DF700F30BAF257EA17E229F30DD5B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EBC2373D1EAE1E760E575DB485C87D7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C126F5771870F75E8113CEC89858CF6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 927C12441EE25DB1F4109CBD05504B93
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1515C18B16EF11FDD80AE61C687B0396
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
Frame ID: 18422E25C66384EC5AFC088EB8288451
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
Frame ID: E76EFD40F5148E784CC920D87BD28EF1
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 54D220888AD89F0252D115290223DD9A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1764BE5E0C261C6B4F31855C8050B3C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A71D890A67CB8C320A5E5ECA91BDA59
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 325AAE89A6849C8D5C75F08B9C4B0745
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

http://reurl.cc/6e9zk5 HTTP 301
https://reurl.cc/6e9zk5 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

449
Requests

85 %
HTTPS

43 %
IPv6

57
Domains

100
Subdomains

73
IPs

6
Countries

6499 kB
Transfer

11113 kB
Size

69
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://youtils.cc/big5gb
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/62ac3baf046fbcdeb316da93

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/2381

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/275924

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/28226

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/39028

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/24570

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/password/zh-Hants
Title: 密碼序號產生器

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://reurl.cc/6e9zk5 HTTP 301
https://reurl.cc/6e9zk5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk

Request Chain 36

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 62

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 74

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 75

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 118

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEAto_0KGDrmdUL416ioHCPM&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEBV3BP00-NvIIcLlU2PGQBI&google_cver=1

Request Chain 150

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 154

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 155

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

Request Chain 201

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 202

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

Request Chain 230

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=a8bPnHxubkxJcmV4STNyODR2cHVoM0xoT0hLM2tzVHNOSnBXb2dHQXNsbXZTdUZubUtKbnJLT2w0azJnMDVzTUNGanUyWXN2OWoyUDluTG4vb1QvakVCeHV4NHowcGtaN3YyeS9HUlEzWTJSVnhXWkRqMmxBVUZXa0Y0cmMzSXZJdDhiekpOMURjMENzZTZwemFBN0JSaUZEdG1oMGVZNzZ1c3RlcEZQc1VHVWJCc2Y0TE9sYnVaeEYwQ2lBdzJCWEhHSmxDRXJGNTZwcDVhQ01HdGRwYjlDYk9CdWFCUW5aTXFleFVDYXY5QVViMGtVMnlHN3YyYk9HNWNmZHAxTE4xQ3RXZU41SWRSNGJGRk91dE5HT09FSHc0Zz09fA&cppv=2

Request Chain 231

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=L3KPPHxqZmxBNDNPZHFXR0xydTZ0QUh3eUdSWjN5eWJIQkY2UU5rNFZOK1d0TGhlNzVMQ3FlRkIyL3IzTFZuUDNpeHk5S2FHYXQ3MEpMVGh0K00wL1pkVVNKS2VhSi8yeTJvRDFWYWdZTmpHNTF6TVlHRGRiRStHaUR3Mng2Z1U3ZE01Z091anhNVUpFSTRhYVpiaFdJSGdjWTA4OUtHRVBiUklPMGV5SEREWnBtZ1NRVFRoRWRzSjVZN21xMjd4dEFaS1JldysvR3Z4R0gxQmpqTEpKQWQ4aVRuUWJpdE54ZTlxSkkweUZ5TGNGd0N5TW8yVGVhZXg5SkpMZHFxZVJEcm1UQWFLZ1l1WUdGMHluZXBha0ZkN0hDVzZDUitlbHovbzl2N1BJdGx1aU9ocz18&cppv=2

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0VBMjAyMjA2MTcyMDA0MzUzOTY4Ng%3d%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0

Request Chain 237

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 240

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1NBMjAyMjA2MTcyMDA0MzU3NjEwMjA%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0

Request Chain 241

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 268

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 269

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&C=1

Request Chain 270

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yqxt1BOb..hQYQDyvN7wWgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&google_hm=2

Request Chain 302

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=1&google_push=ARnp8GDr3UnKl6c_HwxaNL5TuvGClfpypCxNyQDHZvcGlqOEDNNOMgTeZx5kQEoEpcIRatlcr5XPm5xt6OTY7vFWxQNxrQZWpdlz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ2YTc1M2UtMmY2MC00NmIyLTgyYTUtOTYwNDY0YjJiYmU3&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=1&google_push=ARnp8GDr3UnKl6c_HwxaNL5TuvGClfpypCxNyQDHZvcGlqOEDNNOMgTeZx5kQEoEpcIRatlcr5XPm5xt6OTY7vFWxQNxrQZWpdlz

Request Chain 303

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEIn75mSjSlZcBcd5lLSCuSc&google_cver=1&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEIn75mSjSlZcBcd5lLSCuSc&google_cver=1&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5&google_hm=E9OXyF28T4SXzzmEdlJ78A==

Request Chain 304

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPSs0NacyamnDiIglizGBlA&c_param1=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a

Request Chain 305

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKQdidsDbkSzQ47JvdpoGvA&google_cver=1&google_push=ARnp8GAQx_l36pqbLFeTD6lPeagT316FXbSQjOL0lLKRMk7RZaxjvHZcLfE9PFX9-7YyHkzcMzGfMNmPPmvG4MXAuK7M3_sIVo9n HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKQdidsDbkSzQ47JvdpoGvA&google_cver=1&google_push=ARnp8GAQx_l36pqbLFeTD6lPeagT316FXbSQjOL0lLKRMk7RZaxjvHZcLfE9PFX9-7YyHkzcMzGfMNmPPmvG4MXAuK7M3_sIVo9n&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1TUA99L6TFq1WZFoPon0SA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAQx_l36pqbLFeTD6lPeagT316FXbSQjOL0lLKRMk7RZaxjvHZcLfE9PFX9-7YyHkzcMzGfMNmPPmvG4MXAuK7M3_sIVo9n

Request Chain 306

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEJWTmFvt3odMRmdmnuOsj8U&google_cver=1&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7jOeDJwD5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7jOeDJwD5

Request Chain 307

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHv5mFFH-oa86pceFtSVIj8&google_cver=1&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2mP9s5NlywsDfyZM-WyT6Y6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2mP9s5NlywsDfyZM-WyT6Y6&google_hm=MTM1ODgzMjQyNDc3MDczNzM4Mg%3D%3D

Request Chain 308

https://an.yandex.ru/mapuid/google/CAESEOCoWaXniXKy2ack6-ibLF0?ext-param=ARnp8GAGTEGcRylDUzkbzekyzPso1d4n0dE3sGGL-rkEBhbZ_b6jxsPvNLXP_zsL6f9ru1gyMnQ33jFNe_spVPwA8UAx1oRAXUbKGw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEOCoWaXniXKy2ack6-ibLF0?redir-setuniq=1&ext-param=ARnp8GAGTEGcRylDUzkbzekyzPso1d4n0dE3sGGL-rkEBhbZ_b6jxsPvNLXP_zsL6f9ru1gyMnQ33jFNe_spVPwA8UAx1oRAXUbKGw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOCoWaXniXKy2ack6-ibLF0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 313

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IELC51-11-8USR HTTP 302
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IELC51-11-8USR

Request Chain 336

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJRUxDNTEtMTEtOFVTUg==

Request Chain 337

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oAUD_9IYSyyywAcauYTMVw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oAUD_9IYSyyywAcauYTMVw

Request Chain 338

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IELC51-11-8USR

Request Chain 339

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dfd58ca5-2bf0-4dbc-ab27-5e3caf35d789&gdpr=0&gdpr_consent=&expires=30

Request Chain 340

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOHIzRLorQfFI0HHtXV4Xbg&google_cver=1

Request Chain 341

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IELC51-11-8USR&sigv=1&esig=2~36092e18319634b1d859e460c5215082579c7ff9

Request Chain 342

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/tHDbYq3mz3cKV5n5X18AQcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9008171602180435445

Request Chain 343

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJjZTFjNGU2NWU5MzU0YmMyNDcwMGE3ZTEwNGE3MzE2M2QwMzk4ZQ

Request Chain 345

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQpPHGyoFodTjINY-MoqFY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELQpPHGyoFodTjINY-MoqFY%26google_cver%3D1

Request Chain 346

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4NDQ2OTg4NDIzNDc0OTY3

Request Chain 347

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEblMUuqFsP9Htyd0dtavpY&google_cver=1

Request Chain 348

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2NmMWU3ZjktZjY0OS0yNDExLWUwNjktOWRmODgxNTE0MTFl

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELQMW32ItQ7R_ITsjmIKHp0&google_cver=1

Request Chain 351

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDczM2EyMmQtYzE4ZC00MjNjLTkwMGYtYWExNmRkOTQ0N2My

Request Chain 352

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEOBsGC1W4YbVGDwqBOApZz4&google_cver=1

Request Chain 368

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1&google_push=ARnp8GAGYz3Icof-7PaOgmVDUbkkhAjhx2xImZoWG1grSt5hS9u7iDiQCZwDcRPbUIIwcD0WcCca7SAOi9gc0QNPxI9JFuyVRUO- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkzNDg5ODA2MjQ3NTIwNDA1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1

Request Chain 369

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5GcYHEPpxqfpf9e4tkRcGKle8nNzOdusLEr2N9HQ6xOAVzsGkRleCeX HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5GcYHEPpxqfpf9e4tkRcGKle8nNzOdusLEr2N9HQ6xOAVzsGkRleCeX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NldiU05oZlgxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5GcYHEPpxqfpf9e4tkRcGKle8nNzOdusLEr2N9HQ6xOAVzsGkRleCeX

Request Chain 370

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 371

https://um.simpli.fi/gp_match?google_gid=CAESEBeWdrAEIMmH4UutEDBibNQ&google_cver=1&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG3jC4QwzDxrkJl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CDF1BBFD22C141CBA9189A2126525508&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG3jC4QwzDxrkJl

Request Chain 372

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFCh-kuof10LBceYhYuY-aI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFCh-kuof10LBceYhYuY-aI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNTc1NjM2NTY2MjY2NjQxNw&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFCh-kuof10LBceYhYuY-aI

Request Chain 385

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1&google_push=ARnp8GDlN1zgWENcZqX42g1n36_PammGTSfXuzA8mJ5UrrzZXymXBYVw_eYdhs0TGXzZsO0NaOh9pH-XfRE-7Ii8I-XjYjsCP7FB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMzMjAxODM2MDU3ODgwNzI1OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1

Request Chain 386

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYaNNsI4ctQVkKulSWdVd8SFfQ7Gp_hD2bqwCgtk402uk_sN311Z7Jw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYaNNsI4ctQVkKulSWdVd8SFfQ7Gp_hD2bqwCgtk402uk_sN311Z7Jw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVFLemxCaUsxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYaNNsI4ctQVkKulSWdVd8SFfQ7Gp_hD2bqwCgtk402uk_sN311Z7Jw

Request Chain 387

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 388

https://um.simpli.fi/gp_match?google_gid=CAESEBeWdrAEIMmH4UutEDBibNQ&google_cver=1&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F30sCvXWZLBtY5W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DC0F567862FF4D2C95A4A10117B587E2&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F30sCvXWZLBtY5W

Request Chain 389

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2KSjlcqybZ-ujY8F6NwLyG HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2KSjlcqybZ-ujY8F6NwLyG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk5NDcwNTUwNDg5MzAzNDA5MQ&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2KSjlcqybZ-ujY8F6NwLyG

Request Chain 412

https://gcdn.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4749E3FFE9BA2D77812CF4DAF203FB709D4D1B6D.7D40E0E286DD06E75AD484501DA16412F53045EB/key/cms1/mh/Xk/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoe7n7s/ms/onc/mt/1653281612/mv/u/mvi/4?file=file.mp4 HTTP 302
https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2DEBD430076EC72FB0C570137347894933BFDA81.0B0F9B33ADEF1ACAE89D826CC8615D319C425985/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4

Request Chain 413

https://gcdn.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/05DAC327F3A3A41791BB2733A9B1F59427C61B.748C27E1341A458D43C54FBF2B421DACA8443290/key/cms1/mh/q7/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoe7n7y/ms/onc/mt/1653281612/mv/u/mvi/2?file=file.mp4 HTTP 302
https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3876E934BF0014BB746091DB1646B6B3D0BADA45.4C929A9A6B1E1F14A40AD6DCF7B86CD5E4AD2ACE/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4

Request Chain 414

https://gcdn.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/85283D3988625C0B4153108F64CEEDD1BFD8B646.41FE5F6A0070325B4C2708E2470C3C52E6040E22/key/cms1/mh/ka/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoldn7e/ms/onc/mt/1653281612/mv/u/mvi/4?file=file.mp4 HTTP 302
https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/37FCB49420DD5EC8AF1D55A0FED18264405365E1.4CCF4910DF6060FF0D3122213791CBC4D225070A/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4

Request Chain 415

https://gcdn.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,ratebypass,source/signature/06A5CAD4A36C1C1F71EE5C15A25BAB7022170C7A.7DED6BE3C99EA8B65BDA14124B169F577DD478C2/key/cms1/cms_redirect/yes/mh/05/mip/158.140.129.75/mm/28/mn/sn-htgx20capj-npos/ms/nvh/mt/1653281680/mv/u/mvi/1/pcm2cms/yes/pl/24/file/file.mp4 HTTP 302
https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2D7FBB17FD6978AA25FF9827A15CC2FF3F33B58E.79C0A91566176F5885984A69760EBC05993EF14C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4

Request Chain 433

https://gcdn.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/4749E3FFE9BA2D77812CF4DAF203FB709D4D1B6D.7D40E0E286DD06E75AD484501DA16412F53045EB/key/cms1/mh/Xk/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoe7n7s/ms/onc/mt/1653281612/mv/u/mvi/4?file=file.mp4 HTTP 302
https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/02A203FE59E58DE3F5CD2BA93821CB6D915E8BF7.8119A5BFD9AA472F77D9433533858A2273A9F083/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4

Request Chain 435

https://gcdn.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/05DAC327F3A3A41791BB2733A9B1F59427C61B.748C27E1341A458D43C54FBF2B421DACA8443290/key/cms1/mh/q7/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoe7n7y/ms/onc/mt/1653281612/mv/u/mvi/2?file=file.mp4 HTTP 302
https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/5A1E019AE8BA1F8208BC3299C64C0916E03D14DB.074661022D9B6810BEA99F80904D24BED75BD947/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4

Request Chain 436

https://gcdn.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/85283D3988625C0B4153108F64CEEDD1BFD8B646.41FE5F6A0070325B4C2708E2470C3C52E6040E22/key/cms1/mh/ka/pl/24/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/158.140.129.75/mm/42/mn/sn-npoldn7e/ms/onc/mt/1653281612/mv/u/mvi/4?file=file.mp4 HTTP 302
https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DBEF8A01FA814A636BB7849D3059B854C7C4AFD.2AEF52677BA0BC9B8F0F9A7AA9C385D054F8E685/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4

Request Chain 437

https://gcdn.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,ratebypass,source/signature/06A5CAD4A36C1C1F71EE5C15A25BAB7022170C7A.7DED6BE3C99EA8B65BDA14124B169F577DD478C2/key/cms1/cms_redirect/yes/mh/05/mip/158.140.129.75/mm/28/mn/sn-htgx20capj-npos/ms/nvh/mt/1653281680/mv/u/mvi/1/pcm2cms/yes/pl/24/file/file.mp4 HTTP 302
https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/10CB84412B6972C8E75209AF2427D93412D94CF4.3451959685861C640BAC78FEBF2FB2DCE5E7983C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4

Request Chain 443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=6Zbf-HxzUXhVdGtyb2lxZHhpaEsxT3czNUw2bXRZcVBhMmZNdXY2SVl6T3NBRTMyUjVYSXI0UzUxazBCeDF1b1dHYnpHeldCd0dYWkJ0ME5sQkV0SFNocWZ2RHl1L09xdVdvcjkrVEVHeWIwNXV5V2tyRlk4U1lYWkM2aVM2bzlNeFhZVi9pT0lmZktIYTVZb2JjdG5GY1hUVCtLdW1FbkR6Um8rMW5FRHh3Q3VXYWZ4WXVhNGlQRkgrbkNpVjlBVUhYUmpMd29qUUhOMk1CeEswbHlUWFlpS1RkNHk4ZDYzNlp3dHhlSWZqSjB4ekxESnJSQXFFM0lIOU1UZEVkWG8rYWxWMGVyWVVER05JUCtXdDBOTkdmQktCU2k5emE0eU4yS1VxVjBXMFhucThlZz18&cppv=2

Request Chain 446

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xU45ZnxKajNZOTFTMy9jU2h3R25FZS9SRVI3Z2puTjBicHcwUFlqUzkvaGJyV0h6TElPUHRaZFJLQk5HcTNUenhmcjFGeGFlWndMOWtibEFBM2xWd1dxdnp2UnZkbWs4ZUVoMk1OL0x1dDZkV0VmTkVxeW01Rjh4S0pTcEN6cXM3N1BFbUgralVsQWxUVUFVT0VRVmJJcWJJSVBlRTIrQ3RrMzFLNjdxUkpUZjk3dGRxdmpPOTEzQ2dVQUc1TS8xSG9yR1FmT21FTTU2WTA2UjMvN1NVTnNmQWZaSnJnVkFuUnI5dUV4OE55dTgxVHhLZlNseEZrc2tvcHV4dkFCWll2YlFiRDNlQkdhSGRlOG5VaFRNQjVLVmJiUT09fA&cppv=2

449 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 6e9zk5 Show response
reurl.cc/
Redirect Chain

http://reurl.cc/6e9zk5
https://reurl.cc/6e9zk5

7 KB
2 KB

161ms
53ms

Document
text/html

35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b8154ef2bad9c16951f463ab4cd5dfd7c19f13e1698f9691fb67a1258acbfda7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Fri, 17 Jun 2022 12:04:32 GMT
Location: https://reurl.cc/6e9zk5
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 26ms
11ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3120479
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19123-FRA, cache-cdg20773-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25ix0l3M00zcMnXA2rP5ma620SmFqo6P%2Fd9Y522PxVUt2ivfktIiNopVywQDTvpgRT3SMalRxlVcgpCOVpvbv%2Bvpyco8bS8eEeymt1pJiRExGzs0HD3unYDHcNEeIrfhkwuuAUC0XbyVe3q3Xdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71cba5fb2fd834ab-NRT

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 3 KB
1 KB 20ms
4ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 05:30:11 GMT
via: 1.1 google
last-modified: Thu, 05 May 2022 00:38:33 GMT
age: 23662
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public,max-age=28800
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1091

GET
H2 200 pixel.js Show response
reurl.cc/javascripts/ 470 B
559 B 53ms
49ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/6e9zk5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Sun, 08 Aug 2021 17:07:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"61100f5a-1d6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 17 Jun 2023 12:04:33 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.6.11/dist/ 91 KB
35 KB 27ms
13ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.11/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2445005
x-jsd-version: 2.6.11
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA, cache-tyo11923-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jet05UgbMD7VHZi6e%2Fv7%2B3jarKwOAg%2BsVRFhNzDf5lV7PgZum63EjmQ7YEd4t9Gw50b34l25AgIqFm3NSkGiZ6gJx7YPKDe0EaNIYcXR6kSIqgwzHKAAgrPswIh18lVER4pFeiLSSuuL63ih4Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71cba5fb2fd934ab-NRT

GET
H2 200 renews.js Show response
reurl.cc/javascripts/ 698 B
561 B 55ms
50ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/6e9zk5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 00:38:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"62731c89-2ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 17 Jun 2023 12:04:33 GMT

GET
H2 200 ysm_reurl.js Show response
ad.sitemaji.com/ 17 KB
6 KB 12ms
4ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_reurl.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 04:37:03 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 26850
etag: W/"5d0b49e9-4488"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
expires: Sat, 18 Jun 2022 04:37:03 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 73 KB
23 KB 14ms
4ms Script
application/javascript 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 36636efc3cf08e080d1af975d786696ced3faa0a26698e342273a59c7fb6fce5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:08 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 03:40:27 GMT
server: nginx/1.12.1
age: 266
etag: W/"62aaa62b-125a0"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: gOB9Riw7K5xuswY4EtoeWBCd6e8Jbn2s0x0XYwYkHknqB9B-SbLRmQ==
expires: Fri, 17 Jun 2022 12:15:07 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
7 KB 15ms
5ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 5
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: y14yjp6I1my7hPAYnQGh20Jr871rJ0W1eexuBeBSRjQyg7Ilt1aXvA==

GET
H2 200 ga2.js Show response
reurl.cc/javascripts/ 618 B
588 B 54ms
51ms Script
application/javascript 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/javascripts/ga2.js?v=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/6e9zk5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 12:16:16 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"623c6110-26a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Sat, 17 Jun 2023 12:04:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 10ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: 4DDENPsakLmdJPVmCJcNyes8lkeh53RKhlqiIQJ3UhWcwwDAVJBLAS6zmCa6cTQmcSsaMQG8e4mEHo4Lk4ax2g==
x-fb-trip-id: 382461245
x-frame-options: DENY
date: Fri, 17 Jun 2022 12:04:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 feeds Show response
storage.re-news.tw/ 5 KB
5 KB 53ms
44ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 49208d22ed999fd361d3061398d38da0b539ea359a74ed244750fabc39b9aa0a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
etag: W/"1513-ePa5i/lNK7qya01Ry9s8d00hsAs"
x-powered-by: Express
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5395

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 24E0 15 KB
9 KB 167ms
159ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0f282af981881505ec9471152e045651794ba2caf933fdeb6be3301bc08e26f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Fri, 17 Jun 2022 12:04:33 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: oMyrJNRszqUkgyg41htPhXhPU/JuraMj5qDHyMMKxULiwJ1IDDxdIKSTVNmzwupmMV7TSYcqnDlJs9l4YGRY0w==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
3ms Script
text/javascript 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3558
date: Fri, 17 Jun 2022 11:05:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 17 Jun 2022 13:05:15 GMT

GET
H2 200 reurl_passback.js Show response
ad.sitemaji.com/native/ Frame B8E3 15 KB
5 KB 5ms
4ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 10:40:14 GMT
via: 1.1 google
last-modified: Thu, 29 Aug 2019 10:21:02 GMT
server: nginx/1.12.1 (Ubuntu)
age: 5059
etag: W/"5d67a70e-3bbe"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5256
expires: Sat, 18 Jun 2022 10:40:14 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-hk/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk

42 KB
43 KB

20ms
11ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:34:53 GMT
server: cloudflare
etag: "6204dc3d-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBQ8DHR5Fr2kF%2BGUDwnHopXsHswyPQyVYonnKG9YUZcDPC64BrVeloBjtEgblwnYY4T7F6ZfrVPsX39B7Qlm8y43JUU%2BeqrZAqITSD6LUGXVh6Nlo%2Fg9DQqrZXUNEcT%2B9TCsRggHeJkmmbyFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71cba5fd69d6af7b-NRT

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/apac-hk/sdk
Connection: close
Content-length: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 1298 3 KB
3 KB 4ms
4ms Document
text/html 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 27
content-length: 3044
content-type: text/html
date: Fri, 17 Jun 2022 12:04:07 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
x-amz-cf-id: QL7h3DUqu2opWy1mXYmeMyNAga7SHEiML6pyZ_UZkEqbM2EKuY_FZg==
x-amz-cf-pop: NRT12-C5
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ 662 B
1004 B 5ms
4ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 55
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:39 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 662
x-amz-cf-id: Ip1FtigeI1H1Ul7xJXnGIwHgHQXJB42iGO4MnDQSKUe9jAnmuITuow==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame DCD6 6 KB
6 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 27
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: BhBsz64CRMetLqh7G6lYqM3Xvj2ef5tl-Sz56XoF7n2HHLqN3ANNGQ==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame C84E 6 KB
6 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 27
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: K6MJxdj3F2IO2nbowkKtLOx6cEWm8d2eRrKJJzUMMl9WeD3CnPZpBA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame AC45 6 KB
6 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 27
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: mhHQQhKwnf6HL7tCb6ctK4GtirmWxQVrlDfAqsasOfTfwCpW98KQ-w==

GET
H2 200 file.png
static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/ 1 MB
1 MB 16ms
4ms Image
image/png 2600:9000:21d2:9000:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/8d2acb_fdb46ac5354548829f23a46cc4d4a954~mv2.jpeg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:9000:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.19.9.1 /
Resource Hash: 42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 10:34:07 GMT
via: 1.1 ccbc34c31d1270b000318b6f37ee028e.cloudfront.net (CloudFront)
server: openresty/1.19.9.1
age: 5426
wix-tracer: 2AhVxCoHv3gq5NC9LIYig9W1VVw
etag: "cd5e1f4e0d0b2c0eef1efd5f48483c26"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-amz-cf-pop: NRT12-C4
timing-allow-origin: *
content-length: 1235774
x-amz-cf-id: wHqYAERJ_MNxTL0rdOj6HYZJBFarZO8Ok0jT_k2bN-fZc-U3KXcKeA==
x-seen-by: image-manipulator-86657bdb68-sv5hw

GET
H2 200 1653215412-S__67641348.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/05/ 45 KB
45 KB 11ms
3ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg?fit=767%2C555&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

3c5dd02cd4b4e5889f6b3efe5faccfbae53695ff00ba9c6df48a41e03a018348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-nc: HIT nrt 3
date: Fri, 17 Jun 2022 12:04:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Jun 2022 08:07:27 GMT
server: nginx
etag: "7822d5847d87d010"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2022/05/1653215412-S__67641348.jpg>; rel="canonical"
content-length: 45930
expires: Sun, 16 Jun 2024 20:07:27 GMT

GET
H2 200 2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2022/01/ 57 KB
58 KB 131ms
117ms Image
image/webp 192.0.78.244
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2022/01/2022-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.244 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

00629ef727c6c2f00185d9f431d757ffe961a78ec9296f04bde3245b0e56ecf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
x-ac: 3.nrt _atomic_bur
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 58804
x-nc: HIT bur 1
last-modified: Thu, 03 Feb 2022 15:18:40 GMT
server: nginx
etag: "94c8191a1b717f18"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sun, 04 Feb 2024 03:18:40 GMT

GET
H2 200 2022051801313495.jpg
img.racingcharger.tw/wp-content/uploads/ 184 KB
184 KB 24ms
11ms Image
image/jpeg 2606:4700:3032::ac43:b27d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2022051801313495.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b27d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
cf-cache-status: HIT
last-modified: Wed, 18 May 2022 01:31:41 GMT
server: cloudflare
age: 25357
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc3DcCLO21YaoXvqbZXffdKvcCb%2FmbpzkzVMh6zBTNE3s%2Ffdj1xYYQUaW%2BU%2BQvQwqxfFAuQoj2429%2F9pqu4x9T3KL40gq%2BMrHMDP9SGNnE3FM6fA2xbr6XDw0nmPv9MemKAOxfVOFzg3KCoBuZCgl9pcaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=28800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71cba5fc2815f8cb-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 187919

GET
H2 200 1655420824-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg
img.gbyhn.com.tw/2022/06/ 141 KB
141 KB 22ms
9ms Image
image/jpeg 2606:4700:3034::6815:6009
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.gbyhn.com.tw/2022/06/1655420824-5f4c8c1d4970a526c7dd0e03447ef085-840x525.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e9505934fb894a88dbea3297bd5273091adf2aa3d4c42d7b6552a18707c21a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 143942
last-modified: Thu, 16 Jun 2022 23:07:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cDCg4cyluHQb8Rdt7%2FPEZlAUapCpV8KB1xJBnhxMF1V5YPlc%2Fvo9Azwno3u1gr8OhA%2Fr9YEteRdPnoNDVpS7bUbBDlttySnYjCMqXnYvK4BHQ7tD3za9XJpo75Xo6hCgXIRJ1Rpg8ZPgVblEpsj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 71cba5fc2d23af81-NRT
expires: Thu, 23 Jun 2022 23:09:01 GMT

GET
H2 200 %E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png
blog.alphaloan.co/wp-content/uploads/2022/06/ 274 KB
274 KB 174ms
162ms Image
image/png 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2022/06/%E4%BF%A1%E8%B2%B8%E6%A1%88%E4%BE%8B69.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
x-ac: 3.nrt _atomic_bur
last-modified: Tue, 07 Jun 2022 02:54:43 GMT
server: nginx
etag: "629ebdf3-4474e"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 280398
expires: Fri, 24 Jun 2022 12:04:33 GMT

GET
H2 200 17229.json Show response
img.scupio.com/js/config/ 461 B
851 B 15ms
6ms XHR
application/json 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 4733409211a7a3d3d490f107d6e5b846263c9a8697a10b288f49230422b41860

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:03:59 GMT
via: 1.1 fd95d915cb5f672e4b8b3613a0dde9ea.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 02:20:45 GMT
server: nginx/1.12.1
age: 48
etag: "62abe4fd-1cd"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 461
x-amz-cf-id: RTc3CVWqu4aSFsuREKJAudXnlxBmBuG4PxnN3rPBvIhaP5be1nDCcg==
expires: Fri, 17 Jun 2022 15:03:45 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 141ms
33ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.9898416031917672
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 17 Jun 2022 12:04:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame DF8D 83 KB
22 KB 3ms
3ms Document
text/html 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.62
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2372
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Jun 2022 11:25:01 GMT
etag: W/"62a7f749-14b4a"
expires: Sun, 17 Jul 2022 11:25:01 GMT
last-modified: Tue, 14 Jun 2022 02:49:45 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
x-amz-cf-id: G_iXexUYLDuWwssuKwFoFzMpVr0ZkVu8A7kz5QeXth4Sd1x5w-qblw==
x-amz-cf-pop: NRT12-C2
x-cache: Hit from cloudfront

GET
H2 200 17253.json Show response
img.scupio.com/js/config/ 461 B
851 B 7ms
6ms XHR
application/json 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5b5c859910a0da0b091abe462b45e0d31b6a54a4c73b3097bb2de2f3ebc4ba10

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:30 GMT
via: 1.1 fd95d915cb5f672e4b8b3613a0dde9ea.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 02:20:45 GMT
server: nginx/1.12.1
age: 34
etag: "62abe4fd-1cd"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 461
x-amz-cf-id: N973sGZqwJMEk_HsHJH15aSTHViffG30xv0mGZRrRbT4ax_mLclARQ==
expires: Fri, 17 Jun 2022 15:03:59 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
711 B 138ms
35ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.5726186479746596
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 17 Jun 2022 12:04:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://reurl.cc
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame B21F 83 KB
22 KB 4ms
4ms Document
text/html 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.62
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2372
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Jun 2022 11:25:01 GMT
etag: W/"62a7f749-14b4a"
expires: Sun, 17 Jul 2022 11:25:01 GMT
last-modified: Tue, 14 Jun 2022 02:49:45 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
x-amz-cf-id: emdCw1xivDZPpdpf4f8mUIWI0vt29CzxHkax3LYjUz77KZair6hn8A==
x-amz-cf-pop: NRT12-C2
x-cache: Hit from cloudfront

GET
H3 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 27 KB
7 KB 15ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5c440613a194e8288b8d776510dd081ad1a50b0006d8ba756a6be9dd4a6390c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7289
x-xss-protection: 0
pragma: public
x-fb-debug: fnkY1avL/r7d3l2Kig4ywCGAmMdHcRo94/nnzLJ8kjKnDg0XzzAKXT7pZ4rZ+iUbFf7s1G+qO9s41M6o12kwrg==
x-frame-options: DENY
date: Fri, 17 Jun 2022 12:04:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame B8E3 78 KB
30 KB 25ms
6ms Script
application/javascript 2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 11:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: CRSABD3F72BQX5ZN
x-amz-id-2: XT9zkvtQ+rx98L3Jmv/HdJqmFfp3xzG2JuWi+qtdbC/bj3PbSuw+1hTngoicGjooOeZ8zRPpklY=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Feb 2022 12:02:57 GMT
server: ATS
etag: "7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes

GET cm.php
fcm.holmesmind.com/ Frame 317F 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 1298 4 KB
2 KB 102ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:33 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame 1298
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

138ms
132ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame DCD6 575 B
643 B 19ms
6ms Script
text/html 2600:9000:21d2:4c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13798
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:4c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:00 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 93
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: 2JVSXdbEyrgSZfJJCJgTxodayAcW4uKfrZXWbH8PO7CpcmP3xmhF_g==
via: 1.1 64deaa7770e2273b39002266d56d8170.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 84ms
41ms XHR
text/plain 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2003589031&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2F6e9zk5&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1832543596&gjid=1679137788&cid=220517886.1655467473&tid=UA-102456694-1&_gid=776816040.1655467473&_r=1&_slc=1&z=1838861102

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
4ms Image
image/gif 2404:6800:4004:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2003589031&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2F6e9zk5&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=&el=&ev=1&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=220517886.1655467473&tid=UA-102456694-1&_gid=776816040.1655467473&z=24246174

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:813::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 16:28:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame C84E 471 B
604 B 7ms
6ms Script
text/html 2600:9000:21d2:4c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12679
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:4c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2347e2113a0c6d4f115bcbeb6ae2982be9b2299fb0e333933dd5d7530d63b71e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:00 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 93
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: AX_YIlGYNAf_ySjkjkH9qEd4YEOFZR1XOYYkrx-DEOaOS0Wlvg4UtA==
via: 1.1 64deaa7770e2273b39002266d56d8170.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame DF8D 95 KB
34 KB 49ms
3ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 03:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 03:46:01 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame DF8D 236 KB
83 KB 4ms
3ms Script
application/javascript 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:07 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 04:15:06 GMT
server: nginx/1.12.1
age: 267
etag: W/"625f88ca-3b04e"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: whTsyV6uLCxJIs1l9qbVRUlBALVRVEYzvovfh7klNLwptrriaBJeWQ==
expires: Sun, 17 Jul 2022 12:00:06 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame B21F 95 KB
33 KB 49ms
5ms Script
text/javascript 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 03:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 03:46:01 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame B21F 236 KB
83 KB 5ms
5ms Script
application/javascript 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:07 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 04:15:06 GMT
server: nginx/1.12.1
age: 267
etag: W/"625f88ca-3b04e"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: eikuVECnCA10UyKkjGP1YJPJAL8kc2XzwdSnLs-2kRPpasFhQ-Ev3w==
expires: Sun, 17 Jul 2022 12:00:06 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame AC45 721 B
669 B 7ms
7ms Script
text/html 2600:9000:21d2:4c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12678
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:4c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 65270abb587a4a940d5e95391923a39c85fe155383bdada55710eba9084f0c24

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:22 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 11
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: mPprXsYJ2GLliVsReA1_R3_2bMAwIJT6qqaLQr1abDNEms2Gn4PEew==
via: 1.1 64deaa7770e2273b39002266d56d8170.cloudfront.net (CloudFront)

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 7ms
3ms Image
image/gif 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2F6e9zk5&rl=&if=false&ts=1655467473420&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=28&fbp=fb.1.1655467473419.1223160288&it=1655467473324&coo=false&exp=p0&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 17 Jun 2022 12:04:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame B8E3 5 KB
3 KB 137ms
67ms Script
application/javascript 180.222.102.159
YAHOO-TP2 YAHOO! ...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2F6e9zk5&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

180.222.102.159 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),

Reverse DNS

media-router-flurry71.prod.media.vip.tp2.yahoo.com

Software

ATS /

Resource Hash

061a5e2b08a32f5a4c6c606e45ba856a5b2a3a6bef6cca6840550e1060f03844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ Frame B8E3 43 B
446 B 216ms
73ms Image
image/gif 2406:2000:e4:1504::6000
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:e4:1504::6000 , Taiwan, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:33 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43

GET
H2 200 Hq7X--n9goh.css
static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,ja_JP/ Frame 24E0 18 KB
5 KB 11ms
3ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,ja_JP/Hq7X--n9goh.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e96d23570a21ae41a9fe619cd1040aebcdab437456cf7fbd47c86fcdc9614b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2bmBhxmDrDmveHCpMiWjOg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 4714
x-fb-rlafr: 0
x-fb-debug: aFcQGo7nct/4mWiLY9mptCEnmEaz+2+Ce4UjH0a7h4LQzYlWep8ZiLAEOXTFxxpz05lw6Kftj9ndTcuec9j3ZA==
x-fb-trip-id: 382461245
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 07 Jun 2023 23:53:05 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame DCD6 2 KB
1001 B 43ms
30ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13798&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=27&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c9444dddb6467e00274771d88673b14e702b2f749bf0209cdd83ed18eb430603

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame DCD6 3 KB
3 KB 7ms
4ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 5
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: no6LjFs1gQsOkKzchy20mtxKOg7sz79S6xagOAusdtFHrAssa8IJMg==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame DCD6 3 KB
3 KB 7ms
5ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 46
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:04 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 7LJ0uA_D1FsTT1R-XjozzklWotOjATKsKmgMocsbVMOJlvIYELn0-g==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame C84E 2 KB
968 B 40ms
30ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=686&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 39ae4d787c5e587cedc5dc98a77e90351d52446f9b645cdceb0b29fee53d16ad

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame AC45 2 KB
1 KB 26ms
19ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=288&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dc21bc7732e89c80dfa432623176dc1cb299ecb028334cd2ad386da0c7e43bcc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame AC45 3 KB
3 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 5
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: cI8pkDFoaCtn53KsBuGKyUXyX1azLshG90dVQhBZMer9dh29Al21_w==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame AC45 119 KB
39 KB 14ms
4ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:33 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame AC45 2 KB
3 KB 5ms
4ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 16
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:18 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: eyvZEnZKqYJmpbMlmbjIacC2-CpL8mn9iXguQNu6IIWtMmrZug37fQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame AC45 3 KB
3 KB 6ms
4ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 46
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:04 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: TtRKxoHWEiHk2CwBOa79DO-sAP2c3TG-sQ7I4pufv4OqErkany9zFg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame AC45 3 KB
3 KB 6ms
2ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 28
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:06 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: L4DP9mVYOQcxm8TRp83NaCM9cBE_OxAzjDQiKCPg6_ANfLZ-hjBB7A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 110ms
35ms XHR
text/plain 2404:6800:4008:c13::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-102456694-1&cid=220517886.1655467473&jid=1832543596&gjid=1679137788&_gid=776816040.1655467473&_u=IEBAAEAAAAAAAC~&z=198756614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Jun 2022 12:04:33 GMT
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DCD6 0
170 B 277ms
90ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:33 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DCD6
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

116ms
115ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame DF8D 108 B
480 B 4ms
3ms XHR
application/json 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.62
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Jun 2022 12:01:32 GMT
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jun 2022 19:15:01 GMT
server: nginx/1.12.1
age: 186
etag: "62ab8135-6c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 108
x-amz-cf-id: d1ZN6ZWdRHdm1_SOd4bTpM5UWTLoffQI-PZG5UACKDZpDkYx2oNQTg==
expires: Fri, 17 Jun 2022 15:01:27 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame B21F 108 B
479 B 3ms
3ms XHR
application/json 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.62
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Jun 2022 12:01:32 GMT
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jun 2022 19:15:01 GMT
server: nginx/1.12.1
age: 186
etag: "62ab8135-6c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 108
x-amz-cf-id: MM5ryF8-gAj-2DqyG9QCUeYF50aRXS3Pg8QQ_jUsk2r2jTsXRnjgmw==
expires: Fri, 17 Jun 2022 15:01:27 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 1298 37 B
409 B 35ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

964c1bcbb15822149986951a68b9d6af016341f66acf7c5257d422f1f4eb6645

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame DF8D 0
323 B 292ms
149ms XHR
text/plain 209.58.171.197
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=984c7769-ed9e-411f-bdbc-ce874a23f84e&host=img.scupio.com&u=https%3A%2F%2Freurl.cc%2F6e9zk5&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=c09d0f59-8dbf-4dbb-bdc0-0078f5f42325&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.58.171.197 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 17 Jun 2022 12:04:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST prebid.aspx
prebid.scupio.com/recweb/ Frame DF8D 0
0

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame DF8D 0
218 B 33ms
33ms XHR
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1655467473472&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DF8D 0
215 B 17ms
3ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=41117837243

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DF8D 0
176 B 188ms
91ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 17 Jun 2022 12:04:33 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame AC45 0
170 B 185ms
92ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:33 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AC45 0
210 B 9ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=15730633818

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame AC45 0
209 B 9ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=71446985781

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame AC45
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

103ms
102ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame AC45
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

126ms
125ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame AC45 10 KB
10 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12678&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=288&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 36
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:58 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: D7zT10eIaSg0nDt30P9h1iwEstRmduYLiNzAIY_znhxyVwhVxkNesQ==

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame B21F 0
323 B 292ms
150ms XHR
text/plain 209.58.171.197
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=984c7769-ed9e-411f-bdbc-ce874a23f84e&host=img.scupio.com&u=https%3A%2F%2Freurl.cc%2F6e9zk5&xr=1&ao=https%3A%2F%2Freurl.cc&ucfUid=bf7f8d64-3781-42ed-92f0-15abc85c5bbe&w=970&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.58.171.197 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 17 Jun 2022 12:04:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B21F 0
215 B 5ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=43478374392

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame B21F 0
176 B 171ms
91ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 17 Jun 2022 12:04:33 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST prebid.aspx
prebid.scupio.com/recweb/ Frame B21F 0
0

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame B21F 0
218 B 28ms
28ms XHR
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1655467473490&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame DCD6 10 KB
10 KB 5ms
5ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13798&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=27&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 36
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:58 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: aS6RyI_DnSJYCGRvyxav1fBRSmibu2Mq9AP7qq7YEOh8pxutW0ZJcA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame C84E 10 KB
10 KB 5ms
5ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12679&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=686&o=1&d=1&b=2&ts=1&ii=3&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 36
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:58 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: fkF5J9Xf2SpXlOQbLWL70rADxBrxx5pgQPlP8cyHZZd54Jb2B_sU7w==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 96ms
45ms Image
image/gif 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=220517886.1655467473&jid=1832543596&_u=IEBAAEAAAAAAAC~&z=1561422949

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 97ms
46ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-102456694-1&cid=220517886.1655467473&jid=1832543596&_u=IEBAAEAAAAAAAC~&z=1561422949

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 1298 30 B
278 B 37ms
37ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
884 B 23ms
16ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3954
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vsN6457Kw40Ox4HFmqU3LdG%2BvDnX5%2Bs7yww0SV7qO380yMGCxqsfKpcwNhqOPPAW4YhRL1Mx4scw4nvtYYFkidd1dnws79HysHhTVc%2F2pk33%2Br%2FQAPeg7rs9CzsOTTNl9t56%2BOEEd59U741lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 71cba5fe18bd80f3-NRT
cf-bgj: minify

GET
H/1.1 204
No Content ad_request Show response
ads.aralego.com/ 0
839 B 331ms
192ms XHR
text/plain 23.108.102.145
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2F6e9zk5&adid=ad-BE7EA7D3B2339BD4077327D9D4B2DA62&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.21526337965885212
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
campaign-id: 10
sourceapp: 123456789
nonce: 473b1a16-b4ef-43ad-9591-fcf3aefa82a7
skadnetwork-id: testad.skadnetwork
x-height: 90
x-adstyle: banner
signature: MEQCIEQlmZRNfYzKBSE8QnhLTIHZZZWCFgZpRqRxHss65KoFAiAJgJKjdrWdkLUOCCjuEx2RmFS7daRzSVZRVZ8RyMyUXg==
connection: close
x-width: 970
itunesitem: 880047117
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
timestamp: 1594406341
link_type: app
x-adtype: html
access-control-allow-credentials: true
version: 2.0

GET
H2 200 M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131 Show response
s.yimg.com/ys/ Frame B8E3 3 KB
1 KB 6ms
5ms Script
text/javascript 2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ys/M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131?cb=ygscb

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:08:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1382177
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
x-amz-request-id: 0887JQSWMWPYXMDX
x-amz-id-2: Abm2ze1AxlgsP/muCMlGi+mymrvH01L+BmS+x55brw7g3DIB0PK+dT2vb8vzO2HkciJp7B4fkCo=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 18 Jun 2019 03:46:27 GMT
server: ATS
etag: "71bcbde4506c0d80a1c7b96307b1c563-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, stale-while-revalidate=30, max-age=2592000
accept-ranges: bytes

POST
H2 204 events
bidder.criteo.com/csm/ Frame AC45 0
209 B 3ms
2ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:32 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame AC45 43 B
365 B 3ms
3ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:33 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame AC45 43 B
365 B 3ms
3ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:33 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame AC45 0
209 B 3ms
3ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 3D40 0
82 B 57ms
42ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame DCD6 4 KB
2 KB 33ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:33 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame F054 0
249 B 53ms
41ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame C84E 4 KB
2 KB 32ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:33 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 8E32 0
82 B 46ms
43ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:33 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame AC45 4 KB
2 KB 32ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:33 GMT

GET
H2 200 1652878236626-2070.jpg
s.yimg.com/lo/api/res/1.2/CiVsBvnZK7HsPlmUp0M8VQ--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/ads/ Frame B8E3 5 KB
5 KB 8ms
4ms Image
image/jpeg 2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/lo/api/res/1.2/CiVsBvnZK7HsPlmUp0M8VQ--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/ads/1652878236626-2070.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

8a01d484dea4d228b7ce9914acc6e04cd3ec3c877fb5bc7f542d11e62b6d5bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 08:30:50 GMT
x-content-type-options: nosniff
age: 185626
cld_latency: 1
edge-cache-tag: 248997267447071907741556351676870248173,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 4609
x-xss-protection: 1; mode=block
cld_by: cache-iad-kjyo7100163-IAD
x-served-by: cache-iad-kjyo7100163-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Jun 2022 11:04:36 GMT
server: ATS
x-timer: S1655281851.952000,VS0,VE1
etag: "d790db60b049276f82e5fb1cffa929c7"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-tag: 248997267447071907741556351676870248173,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits: 1

GET
H3 200 kiarrow.jpg
ad.sitemaji.com/static/ Frame B8E3 211 B
231 B 7ms
5ms Image
image/jpeg 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sitemaji.com/static/kiarrow.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 02:39:07 GMT
via: 1.1 google
last-modified: Thu, 20 Jun 2019 08:55:05 GMT
server: nginx/1.12.1 (Ubuntu)
age: 33926
etag: "5d0b49e9-d3"
content-type: image/jpeg
cache-control: max-age=86400,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
expires: Sat, 18 Jun 2022 02:39:07 GMT

GET
H2 200 gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame B8E3 3 KB
4 KB 6ms
4ms Image
image/png 2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/adbuilder/gemini.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 31 May 2022 12:12:34 GMT
x-content-type-options: nosniff
age: 1468320
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 3328
x-amz-id-2: jei7uu+avGf49eGP1Y0L+s5Zhyun4uHUUztpv9sVpArv9lOpkEwg9Xb4/u0NefDPZkUXC3J5Ytc=
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 02 Mar 2019 01:45:46 GMT
server: ATS
etag: "99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: B7WD0VQPD0M3PCGH
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
accept-ranges: bytes
content-type: image/png

GET
DATA 200
OK truncated
/ Frame B8E3 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame DCD6 36 B
401 B 35ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame C84E 36 B
401 B 34ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame AC45 36 B
401 B 34ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame DCD6 30 B
271 B 35ms
35ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame C84E 30 B
271 B 35ms
35ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame AC45 30 B
271 B 35ms
35ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame DCD6 0
187 B 39ms
37ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame DCD6 0
80 B 243ms
32ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=50ef57

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame C84E 0
79 B 243ms
33ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame C84E 0
187 B 36ms
36ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame AC45 0
79 B 235ms
32ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame AC45 0
187 B 36ms
36ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 53A0 6 KB
7 KB 6ms
6ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 6
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: o5qEg5LSF7bRxHFd4OwSC8MudglYTZ9FhTzIHwVhiS75foEYi4FQrg==

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame FD06 6 KB
7 KB 4ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 10:10:49 GMT
server: AmazonS3
age: 6
etag: "439e160b698f1ec2efb45c3b6cd6b265"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6552
x-amz-cf-id: mhbsS2B_X_h3e6pHG0WHcHBCl2IZANh0_02BNxO3rC7IArL5rzrn6w==

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 1A75
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

42 KB
43 KB

12ms
12ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:44:20 GMT
server: cloudflare
etag: "6204de74-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYI8ChKScFldZa7%2FxUNvCmusirF0Q7eAZ5lYYfTvZsQdHmf%2FL760v43OC42f7pq4NEFBODV1AV%2FwoK0Pr6fkKei1K9QZ6NgYWKNDQkO317p7taUqtcjPYKdrnU9bLLFRR5JKSrZM%2BvwB%2FuEdvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71cba60378bc80f3-NRT

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection: close
content-length: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 617D 3 KB
3 KB 6ms
6ms Document
text/html 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 28
content-length: 3044
content-type: text/html
date: Fri, 17 Jun 2022 12:04:07 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
x-amz-cf-id: Aq1pZ8fHARxH2DMGFi50ikzE9JjGXi7_vw_KsX0dCCTMRqIEfrm3Pg==
x-amz-cf-pop: NRT12-C5
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame 53A0 662 B
1004 B 6ms
5ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 56
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:39 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 662
x-amz-cf-id: If6iN_zrNuyLt577pR7-DrBj92FlMwBisQDoVQOZQaD8cJm0V_frkA==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 7910 6 KB
6 KB 5ms
4ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 28
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: PK_4SdIbEW4_AEsMZyKGms_8BUswuwtQ2HBEhmYSdIa5BQ6qrlHrRQ==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 7429 3 KB
3 KB 4ms
4ms Document
text/html 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 28
content-length: 3044
content-type: text/html
date: Fri, 17 Jun 2022 12:04:07 GMT
etag: "b585383190cc538c34a520974872d918"
last-modified: Thu, 24 Mar 2022 11:21:34 GMT
server: AmazonS3
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
x-amz-cf-id: fdAHw792Xj-hpgnKUkUY16LgHlotKVO0yraNOgW7FQEca5_f4oBKnQ==
x-amz-cf-pop: NRT12-C5
x-amz-version-id: bA4BdajsGoQu4oL_HyEzRCsNuHmwq3bx
x-cache: Hit from cloudfront

GET
H2 200 edmp_init.js Show response
cdn.holmesmind.com/js/ Frame FD06 662 B
1004 B 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: AmazonS3
age: 56
etag: "f58f8a90686f8ffb3325107e8a788b71"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:39 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 662
x-amz-cf-id: KSyNmlJ9DrEoBX5nZmxRa0bAZd5wWVa2Y7tGEvVJ5pjCa64hWr0I3w==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame D267 6 KB
6 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: TffX4.BvLss5nGbaNkDOhki_IqknqyWa
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 03:26:21 GMT
server: AmazonS3
age: 28
etag: "8de5f5c245a6377bb4dc88fbf8c0c6f5"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 6093
x-amz-cf-id: 10PBi6L0m-7vpoY7-9RmGQKZWgQUCHqxHxHXacyrlF3ye3tADyZ7FQ==

GET cm.php
fcm.holmesmind.com/ Frame F6D8 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 617D 4 KB
2 KB 32ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:34 GMT

GET
H3 200 cm
c.holmesmind.com/ Frame 617D 0
15 B 917ms
917ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 617D 35 B
470 B 587ms
146ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2

200

google
m.holmesmind.com/ml/ Frame 617D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEAto_0KGDrmdUL416ioHCPM&google_cver=1

0
134 B

89ms
88ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEAto_0KGDrmdUL416ioHCPM&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
x-guploader-uploadid: ADPycdv59MFcE826SNR-yM21JOvU8UMFMz41R1BUynhPwQ1zdYloHFnD1Bl1ImjfrqMjv0cVoQ5jQGr5dousKiaiHjl3FvwF3JCD
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Fri, 17 Jun 2022 13:04:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEAto_0KGDrmdUL416ioHCPM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 7910 668 B
660 B 6ms
5ms Script
text/html 2600:9000:21d2:4c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13801
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:4c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:28 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 66
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: ronpYfbnJUkW8ncPvvrXr0b0Y1qNGI7qLdoICZ-KlKoV09iGxSrPCw==
via: 1.1 64deaa7770e2273b39002266d56d8170.cloudfront.net (CloudFront)

GET
H3 200 cm
c.holmesmind.com/ Frame 7429 0
15 B 435ms
434ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET cm.php
fcm.holmesmind.com/ Frame 48CF 0
0

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7429 4 KB
2 KB 33ms
31ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:34 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 7429 35 B
470 B 590ms
149ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2

200

google
m.holmesmind.com/ml/ Frame 7429
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEBV3BP00-NvIIcLlU2PGQBI&google_cver=1

0
478 B

90ms
83ms

Image
image/png

35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEBV3BP00-NvIIcLlU2PGQBI&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
x-guploader-uploadid: ADPycds2WNeNbDtsrvEvXFDFDu0GDHsh7LmLbPeK7vjtt1kZMm2GcFi7fwG85C3G0dOAQ5IMt_uE4UX_M1g-2RapWJVqcStsKdMG
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation: 1519198601160228
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
content-type: image/png
expires: Fri, 17 Jun 2022 13:04:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://m.holmesmind.com/ml/google?cf_uid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&uu_m=undefined&google_gid=CAESEBV3BP00-NvIIcLlU2PGQBI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame D267 760 B
681 B 5ms
5ms Script
text/html 2600:9000:21d2:4c00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=13752
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:4c00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:01:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
age: 195
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: re8gL53gIBmovVTZIvc3NWVwoGE8IuuOLcY_R6v2eS2gerCS9rRslg==
via: 1.1 64deaa7770e2273b39002266d56d8170.cloudfront.net (CloudFront)

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 7910 2 KB
1 KB 33ms
32ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13801&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=75&o=1&d=1&b=2&ts=1&ii=2&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8affb5eb694f03265a9b5426bff2402aeabd8f116085c47403570b121e295c65

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 7910 3 KB
3 KB 8ms
6ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 6
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: p_4Zfh170gaMmZZrCpmmr7V7z6kF-aHGXOQQ-K1jR_w-y6ujC2RwvA==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 7910 119 KB
39 KB 5ms
4ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:34 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 7910 2 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 17
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:18 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: qFAc7-cs-71LdR6q-jKX93DO53KTDpScHg0RWzRPVROJhi2G0k08WQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 7910 3 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 47
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:04 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: 4IY5vTv0FUC-r7LwFU8T0iX02eA2EBNcYYdVEZFtgg8DGw622U32xA==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame D267 3 KB
1 KB 89ms
88ms Script
text/html 52.197.44.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13752&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=902&o=1&d=1&b=2&ts=1&ii=2&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.44.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-44-129.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: dcb5009ba61768a2dbeffb1f453c36ddb6097ef6e00f36aaedd0fbc15f79d73f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame D267 3 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: AmazonS3
age: 6
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:29 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: deawI1pe9YOKfFR_rB52GUcXYSAQf7mskAuSRLy1NTpPLLM78rqI3g==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame D267 119 KB
39 KB 6ms
5ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-1dc01"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:34 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame D267 2 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:12 GMT
server: AmazonS3
age: 17
etag: "e8f33fcb581483ced4a09b3c8e7550e4"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:18 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2443
x-amz-cf-id: CLBviCV7ovtmU06Y_JAqB7YgjORSpo5YgdpPIQbSGY7ljw9GDFyeRg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame D267 4 KB
5 KB 8ms
7ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: AmazonS3
age: 49
etag: "c3b948e5a48dd0ec20c265d6d8da7add"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:46 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 4530
x-amz-cf-id: KLL0eZQ4pjVDDCBdQLiPBqvXSqw26XmkfbFNotK5XcG5XtiuM8tCxQ==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame D267 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: AmazonS3
age: 47
etag: "548ed610a8571343fb3022f543174735"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:04 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 3177
x-amz-cf-id: fGkWKfDxVtPR9-IacAfCw-dFNanuj2_jz-WxlbsoREgaNJ75yVtSUw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame D267 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 15 Oct 2021 07:41:44 GMT
server: AmazonS3
age: 29
etag: "adc35fd9401ac04bdb2a47c466e46174"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:04:06 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 2568
x-amz-cf-id: iIeyZG69p8_9fiF42ONp4SjwY3fH625G_5xK5vP4yCq2K6dnoMhLmg==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7910 0
170 B 92ms
92ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 7910
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

106ms
106ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7910 0
209 B 2ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=16784165622

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame D267 0
170 B 91ms
91ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame D267 2 KB
2 KB 3140ms
3066ms XHR
text/html 210.59.219.181

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.0883510015136535
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41dee7918ec0c10c933205c5dd706162888a561a83b02766f167c2a16644a21b

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
cache-control: private
access-control-allow-credentials: true
content-length: 1355

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D267
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

110ms
110ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame D267
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg

2 B
19 B

41ms
40ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nt1C8GzNCyS_edE50W2sYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 7910 43 B
365 B 3ms
3ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 7910 43 B
365 B 6ms
6ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:34 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 7910 0
209 B 2ms
2ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame D267 0
209 B 3ms
2ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=123&profileId=184&cb=99807644371

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 617D 36 B
408 B 35ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D267 43 B
365 B 9ms
8ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame D267 43 B
365 B 3ms
2ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Jun 2023 12:04:34 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame D267 0
209 B 2ms
1ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 12:04:33 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 7429 36 B
408 B 35ms
34ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 7910 10 KB
10 KB 3ms
3ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13801&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=75&o=1&d=1&b=2&ts=1&ii=2&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 37
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:58 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Lvweek3FTU2PWBZHfOulUS2CafbV-aCTYQa9CUbE-M3H9VaFOesH8Q==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 53A0 0
214 B 162ms
155ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 53A0 0
214 B 164ms
157ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D45583%26Tags%3D2364
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 53A0 0
214 B 160ms
154ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D45581%26Tags%3D2364
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 53A0 0
215 B 154ms
147ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 617D 30 B
278 B 36ms
35ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 7429 30 B
278 B 37ms
36ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame D267 10 KB
10 KB 10ms
10ms Script
application/javascript 2600:9000:2066:8c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13752&rf=https%3A%2F%2Freurl.cc%2F6e9zk5&n=902&o=1&d=1&b=2&ts=1&ii=2&FPCK=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&initver=210830P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:8c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 3324cffdbe64c84e117777de2182476c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 37
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 17 Jun 2022 12:03:58 GMT
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: Xb6f7qs8ULs0TYabkJnmtTKk90jQcS635UWjSmBdgeUFpbZnU1btSw==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame FD06 0
214 B 173ms
170ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D44584%26Tags%3D2006%2C2005%2C2004%2C2003
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame FD06 0
214 B 168ms
167ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D45581%26Tags%3D2364
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame FD06 0
214 B 175ms
174ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D45583%26Tags%3D2364
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame FD06 0
214 B 174ms
174ms Image
text/html 35.75.198.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D479937-1zYryQVWer2ety184OWrKmIDPZmAgQph%26SID%3D44161%26Tags%3D2010%2C2009%2C2005%2C2004%2C2003%2C2002
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.198.235 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-198-235.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 1A75 975 B
855 B 13ms
13ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3955
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHzXM2vcm%2BJGb%2FSYNhWiEWc9f%2FnIT8Wcs0Q3%2Fv8aR2K0VokALSKA5Lwv0OKIE93qXx0L8WIDwmfMDnzKdNuE6Gzs5%2FeEkK%2FL6PLPT1r4T2Smarlt%2F%2FX1giE0GkdDKrGCK0AA1%2Br%2FkrSOMBQiRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 71cba60388dc80f3-NRT
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 1A75 46 B
486 B 235ms
68ms XHR
text/html 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6ae681d708d3258a1b7861438d111f43cea16e578d3019fb5145bb702860268a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 1A75 559 B
1 KB 303ms
165ms XHR
text/html 23.108.102.145
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2F6e9zk5&adid=ad-772836EB4BD79D3B0B3BA843D8A2AE49&w=970&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.026935656359529325&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=970%2C90%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: df84f7be123672ec0dc04b526561de9c771fc6850852da99cc9cd1c78d0830c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
x-width: 970
x-height: 90
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: e2111d40-72ee-3f93-b182-01c9a85719b5
connection: close
access-control-allow-credentials: true
content-length: 559
x-adstyle: banner
x-adtype: html

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame AFCF 0
37 B 50ms
44ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 7910 4 KB
2 KB 33ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:34 GMT

GET
H3 200 landing.php Show response
fp.holmesmind.com/ Frame FD62 0
37 B 46ms
46ms Document
text/html 34.117.219.39
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&CFFPCKUUID=1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm&url=https%3A%2F%2Freurl.cc%2F6e9zk5&maindomain=reurl.cc
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-headers: x-requested-with,content-type
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx/1.20.0
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D267 4 KB
2 KB 35ms
32ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
last-modified: Wed, 23 Feb 2022 08:43:40 GMT
server: nginx
etag: W/"6215f3bc-11a3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Fri, 17 Jun 2022 12:14:34 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 7910 36 B
401 B 41ms
40ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8392 714 B
835 B 9ms
9ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
age: 1314
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71cba6050aff80f3-NRT
content-encoding: br
content-type: text/html
date: Fri, 17 Jun 2022 12:04:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuzbTaE0e1GqfDaJSHVl9RKUWZ55OwaHVQ4emrY6FStRxWZNQaUeHJne09SdJ79RyvM2WDJU7BSgryD3mgMbQPy7qcUaDEucjIVqkrpAODlb7SxWvii9weRfkKsgrn38nrkPzulT5Z6HJghjHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame 1A75 35 B
384 B 167ms
63ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8392 81 KB
28 KB 114ms
71ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27914
x-xss-protection: 0
server: sffe
etag: "1247 / 732 of 1000 / last-modified: 1655464010"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Jun 2022 12:04:34 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B591 116 KB
39 KB 95ms
53ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8879a25d7ba59d83faf14d6c39e25f1342c8b639465f08d5f7e4ced786e0a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39743
x-xss-protection: 0
server: cafe
etag: 7153955919973418414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:34 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 617D 0
194 B 39ms
39ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame 617D 0
79 B 32ms
32ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=cf

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame 7429 0
79 B 32ms
32ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=cf

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 7429 0
194 B 37ms
36ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=479937-1zYryQVWer2ety184OWrKmIDPZmAgQph&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 mbcsc
tp2.beap.gemini.yahoo.com/ Frame B8E3 0
1 KB 105ms
35ms Image
text/plain 180.222.102.162
YAHOO-TP2 YAHOO! ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tp2.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=eSZyBKIGIS.mYiBocE6YbD3uTDUknWtzQ4fikmQkvrMpbi7JVrJ3coxFc_PpKGBIS6TaQTDwIrKxbomNr7BU5Fgc8Xy4Pycm91kxAMCWSkZr9uZ8Vkur3GyuYrsv8r2yfGJn9pctrT5nUuu6Gf6rONZYWOxCi3WhNCJUM1YFkj957YafHHefS1AIeAZQYWnzuGaxFI9f3XQMZ_3u54eR6.oT3StVf1OL.un0hI6ZW9QiYjfriK4Z3bZirLP9n7.CGGJATbc6E3y3G1PeFEbZiy0NoOM5mIrZiwDEvTtwwYyW6xyrODvSt42zqH4.gbgab2q0KnITAXgFj4_imMveScJi2yNtLV2BLN3EJhVfNlkWz6lw8l07UuGyndVowXkE3N8dkcE0yYJQEj5FnhlDkd9YeGz0FSmekhPqJVCfgMPi8v5xh1GGt4hFdUoJt1dqreenOgOdRS5oiYY7fiX77RMK12DTcZAYbOblgUuxjAQzW9_kjidw7A--&ap=pp%3Dm%2Cpi%3D0

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

180.222.102.162 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),

Reverse DNS

beap1.cbs.vip.tp2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:34 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only";
x-frame-options: SAMEORIGIN
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 beacon.do
ads.yap.yahoo.com/nonSDK/beacon/v1/ Frame B8E3 0
0 35ms
35ms Image
application/json 180.222.102.159
YAHOO-TP2 YAHOO! ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yap.yahoo.com/nonSDK/beacon/v1/beacon.do?id=G9Kr9r3xaII7xr-SaogLqwtkMimJsuzj5fO-xGwDw64vXc-sZbzmgi3-_JmjBzSDX7MgybyT1XYEDPBv6ut9J3263jxTA4kTFW1PZ-8P9hD1OkZQBv28dlBLyKzBbjuRcTUuG5MqJxSK9RL8Ue-6PYDvMgvcDX4mS_RlXjUb2exhx7n8-B1PXOGj5rFsCOBJMWpOCEdAKHG1IK8ZWXfwUaDX7H6Lc-0vzePxDIo6o-Zgp1AK_4RwePr3GsX3I8R9vw7dKW0IIH1qIEPh56BR9Ifp4yr5i0IVjjrIXSBe7DO3W6fyvAKqOGlmjTvmqS7U
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.222.102.159 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS: media-router-flurry71.prod.media.vip.tp2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8392 368 KB
125 KB 42ms
2ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 09:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Jun 2023 09:15:41 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/ Frame B591 341 KB
120 KB 163ms
121ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7d5c4f8503ed1c61e33520ded1c6af24c8081374d27d99ea30069da2169029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122983
x-xss-protection: 0
server: cafe
etag: 1589116854973251048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 8392 107 B
792 B 83ms
44ms Script
application/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8392 107 B
549 B 86ms
39ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8392 307 B
157 B 70ms
70ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1113247215987441&correlator=1082750471432980&eid=31065642%2C44742767%2C42531606&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655467474969&lmt=1644386353&dlt=1655467474743&idt=205&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=qiuvzkrz4grn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=983511273.1655467475&ga_sid=1655467475&ga_hid=1184679366&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5bd86173a60386373d8f421e527bfbeaa642d84eb76aaec700e01a66e50dc7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 05D1 6 KB
4 KB 187ms
44ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:35 GMT
expires: Sat, 17 Jun 2023 12:04:35 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame B028
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

42 KB
43 KB

12ms
12ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4929
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:44:20 GMT
server: cloudflare
etag: "6204de74-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qkk%2Ft4IZxTRE6UF%2BzGvU85D1UKMRr%2ByUMgDkgoCzMIHytayxsp%2BZ7Y%2F0yoBlBbeOTK3VOylgthEv3cpzef5XcJsMMTODXRC9pYXc71wLOygwHOdPY0OZ4I9yJt10i5l%2BhDKhalhf%2BWhfHLdOcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71cba6081fc880f3-NRT

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame D4E5
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk

42 KB
43 KB

13ms
12ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4929
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43274
last-modified: Thu, 10 Feb 2022 09:44:20 GMT
server: cloudflare
etag: "6204de74-a90a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZEvUl1K%2FSnkZyDnwf6U2EA%2FJUGZnCEtHqjy0MYWzRn1z%2FTtq76VClhcu%2BfWqaLEX9MSnHpZCKWJNF%2FOKVAKpcr8lvR%2FCemWC5TuHUXhmJyp7i%2Fx44W9F3NgVHtl5T9Q2xi6GxUYO3P86pLF2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 71cba608785180f3-NRT

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection: close
content-length: 0

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 7910 0
187 B 38ms
38ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame 7910 0
79 B 34ms
34ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=50ef57

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 pixel
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/ Frame D267 0
79 B 35ms
35ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net/pixel?bd=db0e948d-5aae-475c-af12-be6907d633b9&t=50ef57

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame D267 0
187 B 35ms
35ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM&mp=db0e948d-5aae-475c-af12-be6907d633b9

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 94E7 4 KB
2 KB 4ms
4ms Script
application/javascript 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
age: 245
etag: W/"607cf957-11ab"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: Ma7pSdHsVlfd9nyUrGouq8zTd_H1sTSFyzM9kYoW93ZtLd5d2_nx6g==
expires: Fri, 17 Jun 2022 15:00:30 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame DF8D 1 KB
2 KB 144ms
37ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8981274806220501
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0674094c9bc9f20ecae340fc60248b65c3e7e60537c7b89abe3e4b150bda7d9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 894

GET
DATA 200
OK truncated
/ Frame DF8D 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8392 14 KB
10 KB 89ms
52ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8107b409a85294861156b187b0b1dffa2bd065215e572cd4ea855218dcc3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10584
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame DF8D 87 KB
28 KB 5ms
5ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:35 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B591 383 B
464 B 37ms
37ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c31a23592de4c0f90f33a0fbe516035b151d27e12821404a75bf5e6ca2c1851d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame B591 107 B
122 B 85ms
46ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B591 107 B
122 B 88ms
45ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFE6 20 KB
10 KB 333ms
285ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acd723c8b4be139d4d9c0110a5f9848aa87d1795c432811eff542260c7dbd865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 10046
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbyscupio.js Show response
img.scupio.com/js/ Frame 5B85 4 KB
2 KB 4ms
3ms Script
application/javascript 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 03:30:31 GMT
server: nginx/1.12.1
age: 245
etag: W/"607cf957-11ab"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: NRT12-C2
x-amz-cf-id: mNKTlkCiMtG7vGxEuXV298PDfFG2uScjXrlflsQC4oeprNLWSWwLLg==
expires: Fri, 17 Jun 2022 15:00:30 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame B21F 1 KB
2 KB 143ms
36ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7787702844471016
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ebb5b843e4213db60048b5d338120b97aa988f15eca48d95c36f1b78f88be193

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 17 Jun 2022 12:04:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 894

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame B21F 87 KB
28 KB 5ms
5ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:35 GMT

GET
H2 200 300x250.png
img.scupio.com/img/2011_gym/ Frame 94E7 47 KB
48 KB 4ms
3ms Image
image/png 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/300x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 11:26:26 GMT
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
age: 2290
etag: "607cf99c-bcf6"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 48374
x-amz-cf-id: DAfrYijU2VkhfMxNH7qQN8cV43WqiGMqGeuJA1czqf4zlzLXmFE2LA==
expires: Sat, 17 Jun 2023 11:26:25 GMT

GET
DATA 200
OK truncated
/ Frame B21F 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1970 15 KB
6 KB 35ms
9ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6153
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:34 GMT
server-processing-duration-in-ticks: 1647
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame DF8D 87 KB
28 KB 36ms
11ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:35 GMT

GET
H2 200 970x250.png
img.scupio.com/img/2011_gym/ Frame 5B85 86 KB
86 KB 16ms
15ms Image
image/png 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.scupio.com/img/2011_gym/970x250.png
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 11:23:08 GMT
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
last-modified: Mon, 19 Apr 2021 03:31:40 GMT
server: nginx/1.12.1
age: 3566
etag: "607cf99c-156c7"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C2
accept-ranges: bytes
content-length: 87751
x-amz-cf-id: slcp_YXpY_dol5M6Z1KDPWG0R1t_Gz33HvD3GJsOmftswJQxwxE1mw==
expires: Sat, 17 Jun 2023 11:05:09 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B028 975 B
849 B 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3956
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sm%2BukcIE2355XMkYUhdgSgQsvUmTzmsSAdTXQOOfq4JWixvLmhFUlxknBScW5a8kJ%2B5eJx88o8A0z37r6L6Pfq3KEhgFCrmk7npVcwgj%2F%2BQ2oru%2BtBVB1HOCCxX%2Fwz1AeW6gC2kNxD1vbUKMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 71cba608481d80f3-NRT
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame B028 46 B
486 B 199ms
89ms XHR
text/html 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?ucfUid=e2111d40-72ee-3f93-b182-01c9a85719b5&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6ae681d708d3258a1b7861438d111f43cea16e578d3019fb5145bb702860268a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame B028 552 B
1 KB 330ms
184ms XHR
text/html 23.108.102.145
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2F6e9zk5&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9184020114302114&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=e2111d40-72ee-3f93-b182-01c9a85719b5&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
x-width: 300
x-height: 250
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: e2111d40-72ee-3f93-b182-01c9a85719b5
connection: close
access-control-allow-credentials: true
content-length: 552
x-adstyle: banner
x-adtype: html

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D66E 15 KB
6 KB 7ms
7ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6153
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:35 GMT
server-processing-duration-in-ticks: 1505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B21F 87 KB
28 KB 10ms
9ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Jun 2022 12:04:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8392 17 KB
7 KB 134ms
90ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:35 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1970
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=a8bPnHxubkxJcmV4STNyODR2cHVoM0xoT0hLM2tzVHNOSnBXb2dHQXNsbXZTdUZubUtKbnJLT2w0azJnMDVzTUNGanUyWXN2OWoyUDluTG4vb1QvakVCeHV4NHowcGtaN3YyeS9HUlEzWTJSVnhXWkRqMmxBVUZXa0Y0cm...

441 B
639 B

17ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=a8bPnHxubkxJcmV4STNyODR2cHVoM0xoT0hLM2tzVHNOSnBXb2dHQXNsbXZTdUZubUtKbnJLT2w0azJnMDVzTUNGanUyWXN2OWoyUDluTG4vb1QvakVCeHV4NHowcGtaN3YyeS9HUlEzWTJSVnhXWkRqMmxBVUZXa0Y0cmMzSXZJdDhiekpOMURjMENzZTZwemFBN0JSaUZEdG1oMGVZNzZ1c3RlcEZQc1VHVWJCc2Y0TE9sYnVaeEYwQ2lBdzJCWEhHSmxDRXJGNTZwcDVhQ01HdGRwYjlDYk9CdWFCUW5aTXFleFVDYXY5QVViMGtVMnlHN3YyYk9HNWNmZHAxTE4xQ3RXZU41SWRSNGJGRk91dE5HT09FSHc0Zz09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

d28994b64f1a0612d0076a2557f92a8bcd7d534818fbbb392738eb0689c2298a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3885
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:34 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=a8bPnHxubkxJcmV4STNyODR2cHVoM0xoT0hLM2tzVHNOSnBXb2dHQXNsbXZTdUZubUtKbnJLT2w0azJnMDVzTUNGanUyWXN2OWoyUDluTG4vb1QvakVCeHV4NHowcGtaN3YyeS9HUlEzWTJSVnhXWkRqMmxBVUZXa0Y0cmMzSXZJdDhiekpOMURjMENzZTZwemFBN0JSaUZEdG1oMGVZNzZ1c3RlcEZQc1VHVWJCc2Y0TE9sYnVaeEYwQ2lBdzJCWEhHSmxDRXJGNTZwcDVhQ01HdGRwYjlDYk9CdWFCUW5aTXFleFVDYXY5QVViMGtVMnlHN3YyYk9HNWNmZHAxTE4xQ3RXZU41SWRSNGJGRk91dE5HT09FSHc0Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1202
content-length: 541
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame D66E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=L3KPPHxqZmxBNDNPZHFXR0xydTZ0QUh3eUdSWjN5eWJIQkY2UU5rNFZOK1d0TGhlNzVMQ3FlRkIyL3IzTFZuUDNpeHk5S2FHYXQ3MEpMVGh0K00wL1pkVVNKS2VhSi8yeTJvRDFWYWdZTmpHNTF6TVlHRGRiRStHaUR3Mn...

428 B
633 B

16ms
4ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=L3KPPHxqZmxBNDNPZHFXR0xydTZ0QUh3eUdSWjN5eWJIQkY2UU5rNFZOK1d0TGhlNzVMQ3FlRkIyL3IzTFZuUDNpeHk5S2FHYXQ3MEpMVGh0K00wL1pkVVNKS2VhSi8yeTJvRDFWYWdZTmpHNTF6TVlHRGRiRStHaUR3Mng2Z1U3ZE01Z091anhNVUpFSTRhYVpiaFdJSGdjWTA4OUtHRVBiUklPMGV5SEREWnBtZ1NRVFRoRWRzSjVZN21xMjd4dEFaS1JldysvR3Z4R0gxQmpqTEpKQWQ4aVRuUWJpdE54ZTlxSkkweUZ5TGNGd0N5TW8yVGVhZXg5SkpMZHFxZVJEcm1UQWFLZ1l1WUdGMHluZXBha0ZkN0hDVzZDUitlbHovbzl2N1BJdGx1aU9ocz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

24e802020fff34325efbf88a06cf2477023479d11def137b70b2a3472dbf37d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3983
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:35 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=L3KPPHxqZmxBNDNPZHFXR0xydTZ0QUh3eUdSWjN5eWJIQkY2UU5rNFZOK1d0TGhlNzVMQ3FlRkIyL3IzTFZuUDNpeHk5S2FHYXQ3MEpMVGh0K00wL1pkVVNKS2VhSi8yeTJvRDFWYWdZTmpHNTF6TVlHRGRiRStHaUR3Mng2Z1U3ZE01Z091anhNVUpFSTRhYVpiaFdJSGdjWTA4OUtHRVBiUklPMGV5SEREWnBtZ1NRVFRoRWRzSjVZN21xMjd4dEFaS1JldysvR3Z4R0gxQmpqTEpKQWQ4aVRuUWJpdE54ZTlxSkkweUZ5TGNGd0N5TW8yVGVhZXg5SkpMZHFxZVJEcm1UQWFLZ1l1WUdGMHluZXBha0ZkN0hDVzZDUitlbHovbzl2N1BJdGx1aU9ocz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1152
content-length: 567
expires: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D4E5 975 B
849 B 9ms
9ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3956
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv633qk6ohZX5vSETrwj06vkJ4E9JXEetOZhKYoJ9%2FgaQH%2FBy%2F8d7k6c8grxeTW%2BU6%2FalmqWZP1OhKEPccozpJaFtlDDcnE01jmUnGdjdJe0alXvh1wIAhvsZ76mmCn9OMVUvGs3F9TqcfbZDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 71cba608a89b80f3-NRT
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame D4E5 46 B
486 B 161ms
55ms XHR
text/html 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?ucfUid=e2111d40-72ee-3f93-b182-01c9a85719b5&lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6ae681d708d3258a1b7861438d111f43cea16e578d3019fb5145bb702860268a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://reurl.cc
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D4E5 555 B
1 KB 332ms
184ms XHR
text/html 23.108.102.145
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2F6e9zk5&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.952850694706002&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ucfUid=e2111d40-72ee-3f93-b182-01c9a85719b5&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.102.145 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
x-width: 300
x-height: 250
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: e2111d40-72ee-3f93-b182-01c9a85719b5
connection: close
access-control-allow-credentials: true
content-length: 555
x-adstyle: banner
x-adtype: html

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame D13E 1 KB
1 KB 3ms
3ms Document
text/html 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1260
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Jun 2022 11:43:35 GMT
etag: W/"583295c9-4dc"
expires: Fri, 24 Jun 2022 11:43:35 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
x-amz-cf-id: bqbxGbpuRabNGyk8fgVFG4gBvBEGkpmUS6WXE3K9WQDivFWFCAorqg==
x-amz-cf-pop: NRT12-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 1031
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0VBMjAyMjA2MTcyMDA0MzUzOTY4Ng%3d%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0

0
551 B

649ms
33ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 593B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
410 B

19ms
10ms

Document
text/html

23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:35 GMT
etag: "40014-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 17 Jun 2022 12:04:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame 1031 35 B
266 B 182ms
62ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CEA2022061720043539686
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame CB0A 1 KB
1 KB 3ms
3ms Document
text/html 143.204.86.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-83.nrt12.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.62
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 1260
cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 17 Jun 2022 11:43:35 GMT
etag: W/"583295c9-4dc"
expires: Fri, 24 Jun 2022 11:43:35 GMT
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 f92013124d5bf39059d54d83f591b87a.cloudfront.net (CloudFront)
x-amz-cf-id: IT--ZqbSihWo_gxvigTQULwiPHDYJOOtoq3cxKaCQFuFusjyUh7Ogw==
x-amz-cf-pop: NRT12-C2
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame CADA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1NBMjAyMjA2MTcyMDA0MzU3NjEwMjA%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0

0
551 B

35ms
34ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: HTTP/1.1
Server: 210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJ2HTySfp5WDB_S2ZW0hjnU&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 63C0
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
410 B

11ms
7ms

Document
text/html

23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Fri, 17 Jun 2022 12:04:35 GMT
etag: "40014-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 17 Jun 2022 12:04:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame CADA 35 B
266 B 159ms
55ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CSA20220617200435761020
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.62
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B695 13 KB
5 KB 51ms
6ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B61F 783 B
534 B 94ms
48ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3d999f79b235f3f12d4e98214e3f04f42dba5444601d6562b231c9b59a9b003

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5VXdrrFS9ocv2TmxuhxB_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-5VXdrrFS9ocv2TmxuhxB_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Fri, 17 Jun 2022 12:04:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame BE20 714 B
838 B 13ms
13ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
age: 1315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71cba60c9e7580f3-NRT
content-encoding: br
content-type: text/html
date: Fri, 17 Jun 2022 12:04:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBLeDcZIcUF%2BrsLC5s34Xu8qg89VpPYFcKfh2yz4CB2VbKWV0lUvLNvWDwPdyScVfWsV%2B7KVRulcjz1UKSdwZXI3IyHQsnNfVjhVu3JmOadkfPgs6fbbyRvn6GT1RPKGqildJpqYuWeVai5z3A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame B028 35 B
384 B 161ms
55ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:35 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 2C1C 714 B
841 B 11ms
11ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
age: 1315
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 71cba60cae7780f3-NRT
content-encoding: br
content-type: text/html
date: Fri, 17 Jun 2022 12:04:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPkqMeY3k%2BxC7Fj5L9quHs%2B54G2a0gJ6Vyp0A5gJWtWadp50Hv3hCOC0ZG8x%2BB454TJ1QOP30pi661Rri9lEG%2BjOULk7POXa%2BkKSUifCtbjernTR8isxlRaMrk9EtU2jUyznciOyV1ClDdRpTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ Frame D4E5 35 B
384 B 989ms
875ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:36 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B9F6 116 KB
39 KB 59ms
59ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8879a25d7ba59d83faf14d6c39e25f1342c8b639465f08d5f7e4ced786e0a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39743
x-xss-protection: 0
server: cafe
etag: 7153955919973418414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FC51 116 KB
39 KB 106ms
106ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff7687c91db12eafae28d0dc4766fea210e82baed0307b2c0779ef203ec06876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39746
x-xss-protection: 0
server: cafe
etag: 15138162670200816008
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:35 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/ Frame B9F6 341 KB
120 KB 109ms
108ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7d5c4f8503ed1c61e33520ded1c6af24c8081374d27d99ea30069da2169029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122983
x-xss-protection: 0
server: cafe
etag: 1589116854973251048
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/ Frame FC51 338 KB
119 KB 104ms
104ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

385d9695c056b74da974c61046be6b619185ae2a0b170b8f55d3357f052d44e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121827
x-xss-protection: 0
server: cafe
etag: 8151192734870086186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 67D2 448 B
269 B 92ms
48ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYhYj7pwEwAQ&v=APEucNX85WEfRG6WkcqvVkf84FyBWY62b--gWJulkDTbjfuXtRCLKiUDTX9DdxRd0vQ9nBRm1u5CNr-N9f6jM8tPwsSXK__rXg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 248
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CE07 58 KB
27 KB 142ms
100ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAaWjKsIWbaIu1COr1FccjtkGW_dTSDiXBpHHAWRuTGOZin9Q4VT5wM-RV1iS88fIC8tc0A8JGKX60ZxwSlSHdfgCwUiRTgGvJcL5-MdOct0gSrrL5lfz9_RSwADMjPnH53YpyL4SvSnoIK3SzIuEm0W73hQ&dbm_d=AKAmf-DUp8RsbJQqCnF1XNFfywP5FgDDDbcwWfSnOT3G2mOxgC6z51088j0FwPC1FQV2RTmb2b0ufp9mgyX3Tb6aH6OS2GRSpWYFXlZ5VWRBQIOiAwSC2RXYHZ-wVjEHJOmgbntezbcRXeN1hzXRy8it7QF1Xcu8dvxpHtVTY1YQHNWM1xcj9QiFvcx_6342HXZJ98q3Y0r0WvQMJJFE_LmIRYDYNZwlhk63XP41NW8SZ8ddLqVGckgHc2A8mGtKurLA11Sx5euoaQlOzDWSapOZXejCPrFyL18b84eg0mUyUx9P8trosowcKaopDxwfyC6ARRwg3ixvQ4PF66Q_yAjGIiW-nHbZdDyiaq6qXFEum20SNFEuS47dWEEGCzJ_P99hW1hs3M-eCVRJuQ38pLipkUu0ZnxQqoIGj_1cQZ3rJrCi6VShlIB2_KEFcm_5ysko_pM6Nm8KT7ERnibGMaQ9bSb35kUSa5C0nwAql0kzmU8Msy697G_OMSQUcbCFTonZEhfRHir6AL6lbIpTFpN5Z4pEz8krckl5mHPNENYUObRzh_6ErePdQSGS9GjxCJEZK9twiCyjQAfjpfY-pjyHXj5CM_VoxLMEBmuG6YZ_m5ZITsQcW4PuOWsPtHmKiUvTpHTP_E_hJa7ogNhBEy3BDEpNvXAlLD-qCW3JmC5yT84vzBKx5upW2entejYo6W23DBy7c9--DE7K0s9-LshyFFM-Vb2wx9zTMFVCwEwqLJMBbKHSeIGVK2ESFP3cLh9MX0693B8vyRLkekSd8M3s7ozfjTmrcIZXzHcP84RRc2KG8qOfwpkinmRXHhufhUIlI9mnQCd-QdFN53xJUW6XTfVJaPxIAmOxkv_tHPsVdIwHOGdzgfM0cUEJ_cMDltUwEXkwTEQz5iU-CyQnvKXisLEqv6LFkWxnL741ZYQ3R7u2SmtmyOqrcXfR03s9foT1s75JCb_6oRcXmc-krlH3FvipzZ6p-lPCVwm2d0xzQ2-hAP60Ynwv4mP3LbPPM-wZzgRa5jr2lVDWRbxMIbHkGGnH_UJob66OZCdWG0wBmQroavwxx-YGiUVMqSugfPn85kfArBofq7fwjHzEXYmf8ETdr92xcMTN1a_sgkLDSotePArIV49YZAEHEYx7VvU5pohsyghhjXt40exvrjQCvrEqIdWoGnVDosW_3QmRxl11IBX_0_LNV07N-Oi7Iu5xh1Zypl5074jXo5x4vp_NFoqmzPY0L9Mhqf1dj_Chiy7QZIX65JY-e2h-WWET4jUu6-_5PtnvGhbR4-WdkrBZpEga_dTzFzljIJ3dFoVt8O5uN4viUAXOWrmyx6GyWfkK-MQJiMOF8p9iyDrsfJ4l_EBUe8eJThDHCW2_GbUPvH2gqNa-on4Sr7_cFM61EDVclYU7BgkWIQIX_fKk4EMndkhW5QopVaTk82RFSfDTw69D4ZrB8tZzaFRxMQiNb9PpKeuZKCNkgkV_yn4qn3Pw5-GA_djikn026fuX3oPTnVCpS408-cj16nUUB1LXgDsa-a6AG6xoG4cr6Jo9Zg5arPAQsXxLBSaeQMF0I-Zxe60lNT0DYLJ2tgoZ49oSO0FbnZ-ww-FkP7r21glUUerShO2ZzqruHHjmOS70HrzdNSwWZAqRO9ow4rTBqTkyJyDICWKSjtWxIMu2HPNPr0znrN0IgbFsN9B9FL6d13FBTpsnFC_gDgKzAxo8bg1S-mUM_IDuJfXtcQHheMg4hCSf5ePydTjXtMl-Jtb1YwNUEa_BQSA_c-KOhRV9LEHErQPNQLZYNZ7RLeE4JNyiOVKvmCGB-p3khcq9UcEhicsfBAd0MZIafoN2CrqEegbgPogI3s6Q7X0h7c20-EAl5bMaRcM6xa6dPbgkAnN-bOFZpsZHnCuFE9TEL9haO6oNYNAjxhKzx0wekPAkZlH1GLj1uJz-oDjW5rA4tzZ-wI5IND7zPbgROlsXy_2hSoiQHjOqTP87jtQBupWp3hIDqy5qoyYGFsi3Eb9CmTx-gAgjN6KHHaaDEPprjcIJMbzdfHiyF_uBcUxng6VWmIdQdKoNVUpM-QU7EKXgdfQ23K7Ah7C2LW7nbtnp8u50N0yMFcgVq9V0w-YjNpTkIoYee0Lu-p4b9_vsePpgSUy_k2-tyGifTuslaKmKaVEWsrw7AIlpZWUXWwB2VqGSH5BlXtbO3ANgoS4JRqkGAilY3SrUB_E6izG8vH-cwpuWXvjqOZB9lAMkQeB5AFWq4IgTQPGjXAKpGpvoD8PJpcPebob_hkWp8lzNdy2evA13mhNInAzmNeYR9yPGusxyaaI8QBg0SspSQwnCq3mP6QIJ9dvudPU6P62-VXwFbqDQhF7O8i1Uehh0F_SGkLT6IUBwtvUJtGTdlry61d7VfQhYUHsmX9f9gym0WWMjvy8-ui3RPkKzBNmMoNncS4fZ1rfwIjhQ8si2o6HlzgbxW74wLgxBtaVI-byxEtRDLu6YdhM-gZmeCJdcTEFozS6urf6A25zVqTc84Z5SefbUhnPhuKMSPpt2SHPcLeFNoJo2SsTUSRAQFv-87mzrD_QsUoeDKFKf5Sgy3Ngq8RO-GuCKQn6pA_p2jpC_gdR6g0sGr68ddsIcrZ4JoO0G7FnVo0cppQxf3J4lGIDFhaIa6XhYiaaQZPY5ncbR8FGTJpJuua0ZSrd1KSbVnnMMvW920YbRFgcrXTTJ-wzO7D347_RBYbnv7WdDgtn5LQED76DfqFqZpRh9-SJmKoSk8-ZT2HgYOkkzsYBpPitNsOJXUNbhUJ09N5mktIH9uZnm3fpqVCpeyVU65LR7mLNsvnUyRZ0TyRJ4oysFZHO5yDuZ85Hb-e0HpfZ2NBB1zW_I5oRHuT_eu8e0uaKI7cc7pFTOKccRXk3b3RpzBnn3-IowTYyGevoM2vm08GgwYIw-SeAtBe365GXKIHST8G720QcgTxY8DO_4_berMNwWwntTHSyWmvEFq4MLF5Q49fiLmCfQ6Zy_qUwiVZdqy9JzOqIDeNWv9XaGqP-_Z19XsQ&cid=CAASEuRoIVuxBihmOVKvPeKG8URRvw&rfl=5%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b8094313fc511d0f733614f3e1b3b7fd3db093f4cd0c4ca2bf52f3087a73f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27661
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame CE07 3 KB
1 KB 3ms
2ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:02:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE07 137 KB
43 KB 46ms
40ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame CE07 17 KB
7 KB 5ms
4ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:00:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CE07 0
0 41ms
39ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvS3epBswfJqtMhq-Ky_0_fD8AG2vUh-82j80w9chB1R0Mbp6mKoMdpQ1RG5nVZpZonnC0TfUKLNWEZEPXwMUqnkHQxw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=90&slotname=2784%2F12678&adk=3326638708&adf=1605851713&pi=t.ma~as.2784%2F12678&w=970&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467474910&bpp=14&bdt=415&idt=285&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&correlator=3991300433824&frm=23&ife=1&pv=2&ga_vid=220517886.1655467473&ga_sid=1655467475&ga_hid=670443119&ga_fc=1&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=984&biw=1600&bih=1200&isw=970&ish=90&ifk=1338535055&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761044%2C31065741%2C31067768%2C31067487&oid=2&pvsid=1707102116517937&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.uiesahcvftda&fsb=1&dtd=299
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE07 42 B
63 B 41ms
39ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cdn0nki6B8G445Griy42XvDzHdk_1yOjadqw6FhEC74MSEKJJZAQmg_5YldhMik66pwg9gws42rA5AqGvMZAt9VQYtvKKJgqD5anszP3bbdwsLZWQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2C1C 81 KB
27 KB 69ms
68ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27914
x-xss-protection: 0
server: sffe
etag: "1247 / 394 of 1000 / last-modified: 1655464010"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BE20 81 KB
27 KB 107ms
106ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

f7770fdfba7cddd3afef2938b438f1f4b61b97a0f61a8a43a101a44a149fdbd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27914
x-xss-protection: 0
server: sffe
etag: "1247 / 294 of 1000 / last-modified: 1655464038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 63C0 31 KB
10 KB 4ms
3ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=61286
content-type: text/html; charset=UTF-8
content-length: 9456
expires: Sat, 18 Jun 2022 05:06:02 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 593B 31 KB
10 KB 6ms
6ms Script
text/html 23.10.15.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-15-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=61286
content-type: text/html; charset=UTF-8
content-length: 9456
expires: Sat, 18 Jun 2022 05:06:02 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 63C0 284 B
934 B 635ms
111ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/jpg

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B61F 0
0 61ms
61ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=1113247215987441&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 593B 284 B
934 B 628ms
112ms Image
image/jpg 8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/jpg

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame B695 36 KB
14 KB 9ms
7ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 67D2
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

45ms
44ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYhYj7pwEwAQ&v=APEucNX85WEfRG6WkcqvVkf84FyBWY62b--gWJulkDTbjfuXtRCLKiUDTX9DdxRd0vQ9nBRm1u5CNr-N9f6jM8tPwsSXK__rXg

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
strict-transport-security: max-age=31536000
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&C=1

43 B
781 B

202ms
202ms

Image
image/gif

23.44.53.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYhYj7pwEwAQ&v=APEucNX85WEfRG6WkcqvVkf84FyBWY62b--gWJulkDTbjfuXtRCLKiUDTX9DdxRd0vQ9nBRm1u5CNr-N9f6jM8tPwsSXK__rXg
Protocol: HTTP/1.1
Server: 23.44.53.47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 17 Jun 2022 12:04:36 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 67D2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yqxt1BOb..hQYQDyvN7wWgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&google_hm=2

43 B
781 B

64ms
64ms

Image
image/gif

23.44.53.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQhbHeuQIYhYj7pwEwAQ&v=APEucNX85WEfRG6WkcqvVkf84FyBWY62b--gWJulkDTbjfuXtRCLKiUDTX9DdxRd0vQ9nBRm1u5CNr-N9f6jM8tPwsSXK__rXg
Protocol: HTTP/1.1
Server: 23.44.53.47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 17 Jun 2022 12:04:36 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAuZ7oEITne1b5IlFeEn5I&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2C1C 368 KB
125 KB 3ms
2ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 09:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Jun 2023 09:15:41 GMT

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BE20 368 KB
125 KB 8ms
8ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 06:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 17 Jun 2023 06:05:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame CE07 27 KB
10 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAaWjKsIWbaIu1COr1FccjtkGW_dTSDiXBpHHAWRuTGOZin9Q4VT5wM-RV1iS88fIC8tc0A8JGKX60ZxwSlSHdfgCwUiRTgGvJcL5-MdOct0gSrrL5lfz9_RSwADMjPnH53YpyL4SvSnoIK3SzIuEm0W73hQ&dbm_d=AKAmf-DUp8RsbJQqCnF1XNFfywP5FgDDDbcwWfSnOT3G2mOxgC6z51088j0FwPC1FQV2RTmb2b0ufp9mgyX3Tb6aH6OS2GRSpWYFXlZ5VWRBQIOiAwSC2RXYHZ-wVjEHJOmgbntezbcRXeN1hzXRy8it7QF1Xcu8dvxpHtVTY1YQHNWM1xcj9QiFvcx_6342HXZJ98q3Y0r0WvQMJJFE_LmIRYDYNZwlhk63XP41NW8SZ8ddLqVGckgHc2A8mGtKurLA11Sx5euoaQlOzDWSapOZXejCPrFyL18b84eg0mUyUx9P8trosowcKaopDxwfyC6ARRwg3ixvQ4PF66Q_yAjGIiW-nHbZdDyiaq6qXFEum20SNFEuS47dWEEGCzJ_P99hW1hs3M-eCVRJuQ38pLipkUu0ZnxQqoIGj_1cQZ3rJrCi6VShlIB2_KEFcm_5ysko_pM6Nm8KT7ERnibGMaQ9bSb35kUSa5C0nwAql0kzmU8Msy697G_OMSQUcbCFTonZEhfRHir6AL6lbIpTFpN5Z4pEz8krckl5mHPNENYUObRzh_6ErePdQSGS9GjxCJEZK9twiCyjQAfjpfY-pjyHXj5CM_VoxLMEBmuG6YZ_m5ZITsQcW4PuOWsPtHmKiUvTpHTP_E_hJa7ogNhBEy3BDEpNvXAlLD-qCW3JmC5yT84vzBKx5upW2entejYo6W23DBy7c9--DE7K0s9-LshyFFM-Vb2wx9zTMFVCwEwqLJMBbKHSeIGVK2ESFP3cLh9MX0693B8vyRLkekSd8M3s7ozfjTmrcIZXzHcP84RRc2KG8qOfwpkinmRXHhufhUIlI9mnQCd-QdFN53xJUW6XTfVJaPxIAmOxkv_tHPsVdIwHOGdzgfM0cUEJ_cMDltUwEXkwTEQz5iU-CyQnvKXisLEqv6LFkWxnL741ZYQ3R7u2SmtmyOqrcXfR03s9foT1s75JCb_6oRcXmc-krlH3FvipzZ6p-lPCVwm2d0xzQ2-hAP60Ynwv4mP3LbPPM-wZzgRa5jr2lVDWRbxMIbHkGGnH_UJob66OZCdWG0wBmQroavwxx-YGiUVMqSugfPn85kfArBofq7fwjHzEXYmf8ETdr92xcMTN1a_sgkLDSotePArIV49YZAEHEYx7VvU5pohsyghhjXt40exvrjQCvrEqIdWoGnVDosW_3QmRxl11IBX_0_LNV07N-Oi7Iu5xh1Zypl5074jXo5x4vp_NFoqmzPY0L9Mhqf1dj_Chiy7QZIX65JY-e2h-WWET4jUu6-_5PtnvGhbR4-WdkrBZpEga_dTzFzljIJ3dFoVt8O5uN4viUAXOWrmyx6GyWfkK-MQJiMOF8p9iyDrsfJ4l_EBUe8eJThDHCW2_GbUPvH2gqNa-on4Sr7_cFM61EDVclYU7BgkWIQIX_fKk4EMndkhW5QopVaTk82RFSfDTw69D4ZrB8tZzaFRxMQiNb9PpKeuZKCNkgkV_yn4qn3Pw5-GA_djikn026fuX3oPTnVCpS408-cj16nUUB1LXgDsa-a6AG6xoG4cr6Jo9Zg5arPAQsXxLBSaeQMF0I-Zxe60lNT0DYLJ2tgoZ49oSO0FbnZ-ww-FkP7r21glUUerShO2ZzqruHHjmOS70HrzdNSwWZAqRO9ow4rTBqTkyJyDICWKSjtWxIMu2HPNPr0znrN0IgbFsN9B9FL6d13FBTpsnFC_gDgKzAxo8bg1S-mUM_IDuJfXtcQHheMg4hCSf5ePydTjXtMl-Jtb1YwNUEa_BQSA_c-KOhRV9LEHErQPNQLZYNZ7RLeE4JNyiOVKvmCGB-p3khcq9UcEhicsfBAd0MZIafoN2CrqEegbgPogI3s6Q7X0h7c20-EAl5bMaRcM6xa6dPbgkAnN-bOFZpsZHnCuFE9TEL9haO6oNYNAjxhKzx0wekPAkZlH1GLj1uJz-oDjW5rA4tzZ-wI5IND7zPbgROlsXy_2hSoiQHjOqTP87jtQBupWp3hIDqy5qoyYGFsi3Eb9CmTx-gAgjN6KHHaaDEPprjcIJMbzdfHiyF_uBcUxng6VWmIdQdKoNVUpM-QU7EKXgdfQ23K7Ah7C2LW7nbtnp8u50N0yMFcgVq9V0w-YjNpTkIoYee0Lu-p4b9_vsePpgSUy_k2-tyGifTuslaKmKaVEWsrw7AIlpZWUXWwB2VqGSH5BlXtbO3ANgoS4JRqkGAilY3SrUB_E6izG8vH-cwpuWXvjqOZB9lAMkQeB5AFWq4IgTQPGjXAKpGpvoD8PJpcPebob_hkWp8lzNdy2evA13mhNInAzmNeYR9yPGusxyaaI8QBg0SspSQwnCq3mP6QIJ9dvudPU6P62-VXwFbqDQhF7O8i1Uehh0F_SGkLT6IUBwtvUJtGTdlry61d7VfQhYUHsmX9f9gym0WWMjvy8-ui3RPkKzBNmMoNncS4fZ1rfwIjhQ8si2o6HlzgbxW74wLgxBtaVI-byxEtRDLu6YdhM-gZmeCJdcTEFozS6urf6A25zVqTc84Z5SefbUhnPhuKMSPpt2SHPcLeFNoJo2SsTUSRAQFv-87mzrD_QsUoeDKFKf5Sgy3Ngq8RO-GuCKQn6pA_p2jpC_gdR6g0sGr68ddsIcrZ4JoO0G7FnVo0cppQxf3J4lGIDFhaIa6XhYiaaQZPY5ncbR8FGTJpJuua0ZSrd1KSbVnnMMvW920YbRFgcrXTTJ-wzO7D347_RBYbnv7WdDgtn5LQED76DfqFqZpRh9-SJmKoSk8-ZT2HgYOkkzsYBpPitNsOJXUNbhUJ09N5mktIH9uZnm3fpqVCpeyVU65LR7mLNsvnUyRZ0TyRJ4oysFZHO5yDuZ85Hb-e0HpfZ2NBB1zW_I5oRHuT_eu8e0uaKI7cc7pFTOKccRXk3b3RpzBnn3-IowTYyGevoM2vm08GgwYIw-SeAtBe365GXKIHST8G720QcgTxY8DO_4_berMNwWwntTHSyWmvEFq4MLF5Q49fiLmCfQ6Zy_qUwiVZdqy9JzOqIDeNWv9XaGqP-_Z19XsQ&cid=CAASEuRoIVuxBihmOVKvPeKG8URRvw&rfl=5%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10546
x-xss-protection: 0
server: cafe
etag: 1672864604874404814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:01:37 GMT

GET
H2 200 10504279255622861084
s0.2mdn.net/simgad/ Frame CE07 21 KB
22 KB 71ms
21ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10504279255622861084

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d878bb28a008c1ada5aa1fcfff91ab39a6e54dda5f51359ee93bbb70373a614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 14:39:24 GMT
x-content-type-options: nosniff
age: 163512
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21555
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 14:01:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 14:39:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame CE07 8 KB
3 KB 8ms
7ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:03:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE07 0
110 B 351ms
46ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGZRSzyQqcAF0rHx6FHM-snyU80pne94dKAkmaLl1obn3YMjlULiNwwLgfM3--2k3l0m6HNNRgrXtp449tquGUlJLX1DIGucIwPjdnzLIGJLttJT8umfBWHEcx9zX3f1rqMYkpsM_vzQass-2tF4TtRNCxFur34WwkcWavcSe2ayxzXdhY7QR5Pwr7ug6MBzpuRQdQsS52QUb02nAq6ieWtYtI1v_kLs3EcoVYcD-GmHPbJUd0biT9rrZBGm6OhOXr9aiJd1S8Q9z01tuqnvT68iUiNWnUmjVl79hLYzLsea3loMk6DTzbxMyF7B_Jpuhs2IkvDm87c_vuoWDTHhzlGLsolaAIwzau1Bh8xecaomMq_fc62NizUEN-dwaqig5mFObPsVGPt8w4jQy1GGm8eSlTVSu3fSZSdw19OOR2xLvVNp0LZ_Z7TP-TLqS-xKMR2I_N3fUffoqfx7_-xXTI-I1WPEpQH8kGgi0DhEfAImgJytSLJC7s5lOG4cqN-Y8UmPJVfp-FbnGm8iwG93nsbQ94zP-cKHPvWR6TPHSp-L8MKZ0-n4PpvAln7eFeFolhFMTY7fJE47-s2rbjm8FwnpDvNALAa5NoTgVQuzOB_XmfIShGLkt3j5WVkwcHAP3446YH2zQB6IuMY1i1BX4gsgRmrHl6eoEtyuQPpE4PgBUN1lczWRuBy0eWEIGWqlPRY0nvRcKEFPecDmTEF3dHlyG3OoKW-tcwl_Fg6ldbSMKesz0wJLYNkQK_locyCUWI0GHc0M3f5aPorx3HZhaneD07TFMxCxtEO9uv8kwIh2KdA0A2ZetUywaQsF287fCDg0bPPu3BzxUExpLqmEmokHdphlBKE5C_Pi5cnd-p-YCLr_AG9Km54ZtPYoaOrMDqLg-BAJdSHt7oAHJIxaakqkdDTdiuk_KOiClrn9GUFoqwBruv6GaWhOM8myUsbp7J2B4pkObZG0CSGxpNrn0yhYlrZjRuErv-03ghEdc5_CECJjgP7QnpQn3AA-aFYYSBS5OJX3ArAoanmr3wrfLAuSA2l-gr4d26SkgYDTaEnWtoTUvLOqOML5xjnmeMzPCbrBqBupuKGnUxqNPE6zLeerEl83EZMnvPIpCzi1iEpCHT7WOWlomK92YtTo5Fy4Gmv9m_9q9skb5_xKJde4NbnQ_iFtwWT7rn53drq3Xusfq1vVNrDx0d-38&sai=AMfl-YRtOmhdNa9H7RCn2hRG-Vs4p4-ImK66R0X6AzRUQeCgbWGfCSUCF6EMcxZei_9cxDwfy9fPw1RF-2ccv2FceyOp-psaVbvokYhXRiwROnPJ8G5p9lUAeuEpPdVJrO7yxSPNTfXbxZ_PnFipvUezqU6iLytseg&sig=Cg0ArKJSzC82T0LmgpnXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220615.65659&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CE07 41 KB
15 KB 12ms
8ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 05:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 05:56:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame 2C1C 107 B
122 B 51ms
51ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2C1C 107 B
122 B 87ms
87ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2C1C 307 B
155 B 72ms
71ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2875112424369557&correlator=4115547979132993&eid=31067915%2C42531606%2C31064018%2C31062930&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655467476219&lmt=1644386353&dlt=1655467475986&idt=215&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=881z444112dy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=73320388.1655467476&ga_sid=1655467476&ga_hid=1619854371&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3748b3ffe5660261265a12bbc9c8ebfd6c4c1e43eff0a776585ac2f0f292f325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 24D7 6 KB
3 KB 349ms
258ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Sat, 17 Jun 2023 12:04:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FC51 12 B
53 B 44ms
44ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame FC51 107 B
122 B 41ms
40ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FC51 107 B
122 B 43ms
43ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C0D 17 KB
9 KB 308ms
291ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3bc17141284652ab2fb52acd8b0bb19b9f668d373962766e513a13f318c2d8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9305
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3E37 1 KB
749 B 116ms
99ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 41662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 00:30:14 GMT
etag: 48472445140208031
expires: Sat, 18 Jun 2022 00:30:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE07 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ccb8b9a6ee44b87ed26be736139cba8fd2d712f29dc8004c41a66e55fc206fb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame BE20 107 B
122 B 45ms
45ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BE20 107 B
122 B 39ms
39ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BE20 307 B
157 B 76ms
75ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1625855169176914&correlator=1827750268621421&eid=31067914%2C31068076%2C31068093&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&ecs=20220617&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1655467476353&lmt=1644386353&dlt=1655467475993&idt=332&biw=-12245933&bih=-12245933&adxs=-12245933&adys=-12245933&ucis=25r0q2y2zto4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=771050827.1655467476&ga_sid=1655467476&ga_hid=999875630&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

d64ff733921537a418d16ed3b3a7b440e972b5b308440f4c48a424b31da6af98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3718 6 KB
3 KB 79ms
40ms Document
text/html 2404:6800:4004:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Sat, 17 Jun 2023 12:04:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B695 0
9 B 3ms
2ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LDHD_A
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CE07 0
575 B 169ms
45ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B9F6 12 B
53 B 56ms
44ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ Frame B9F6 107 B
122 B 44ms
42ms Script
application/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B9F6 107 B
122 B 45ms
44ms Script
application/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=reurl.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4164 17 KB
9 KB 265ms
265ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

260cef14eab28592e790873b2ed34232251236c3f86d583b7b03cd3465fe8f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 9362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 88A3 22 KB
8 KB 6ms
5ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 282208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:41:08 GMT
expires: Wed, 14 Jun 2023 05:41:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 88A3 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BE20 14 KB
10 KB 54ms
54ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5af40032d30af7eed15f0e63e1df9f71de8da66f1a4cc01e06efcfc5edf1bf40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10580
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2C1C 14 KB
10 KB 52ms
51ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3221ccc7c661c74f08b522d88575f767d1507e58ed094340c7fbc7f4a284e84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10622
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ2YTc1M2UtMmY2MC00NmIyLTgyYTUtOTYwNDY0YjJiYmU3&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=1&google_push=ARnp8GDr...

170 B
188 B

53ms
52ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ2YTc1M2UtMmY2MC00NmIyLTgyYTUtOTYwNDY0YjJiYmU3&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=1&google_push=ARnp8GDr3UnKl6c_HwxaNL5TuvGClfpypCxNyQDHZvcGlqOEDNNOMgTeZx5kQEoEpcIRatlcr5XPm5xt6OTY7vFWxQNxrQZWpdlz

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTQ2YTc1M2UtMmY2MC00NmIyLTgyYTUtOTYwNDY0YjJiYmU3&google_gid=CAESEPGx3fhUcIm8zV3Nskpqqfo&google_cver=1&google_push=ARnp8GDr3UnKl6c_HwxaNL5TuvGClfpypCxNyQDHZvcGlqOEDNNOMgTeZx5kQEoEpcIRatlcr5XPm5xt6OTY7vFWxQNxrQZWpdlz
date: Fri, 17 Jun 2022 12:04:37 GMT
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEIn75mSjSlZcBcd5lLSCuSc&google_cver=1&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEIn75mSjSlZcBcd5lLSCuSc&google_cver=1&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqR...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5&google_hm=E9OXyF28T4SXzz...

170 B
188 B

46ms
46ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5&google_hm=E9OXyF28T4SXzzmEdlJ78A==

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5&google_hm=E9OXyF28T4SXzzmEdlJ78A==
Date: Fri, 17 Jun 2022 12:04:36 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPSs0NacyamnDiIglizGBlA&c_param1=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a

170 B
188 B

43ms
42ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ARnp8GDXGtrbiDrR8wSffyus83OMfEJz_wopz1nTxnlLt_J-x3QUAdBdex2bZhRmF8bJqHcIJM5U-xjWj0_4rewuUNBccgWAIW6a
date: Fri, 17 Jun 2022 12:04:37 GMT
server: nginx/1.19.0
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1TUA99L6TFq1WZFoPon0SA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

45ms
45ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1TUA99L6TFq1WZFoPon0SA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAQx_l36pqbLFeTD6lPeagT316FXbSQjOL0lLKRMk7RZaxjvHZcLfE9PFX9-7YyHkzcMzGfMNmPPmvG4MXAuK7M3_sIVo9n

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1TUA99L6TFq1WZFoPon0SA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GAQx_l36pqbLFeTD6lPeagT316FXbSQjOL0lLKRMk7RZaxjvHZcLfE9PFX9-7YyHkzcMzGfMNmPPmvG4MXAuK7M3_sIVo9n
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEJWTmFvt3odMRmdmnuOsj8U&google_cver=1&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7jOeDJwD5

170 B
188 B

43ms
43ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7jOeDJwD5

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=ARnp8GCdfCPkPkzgpobW9fF6TXzCYdelvZRoy-Gu1vShroapZeklsx-hnveVkIY06ezgDJ7-BmeJ4kl_G9cB6rjYqkN7jOeDJwD5
date: Fri, 17 Jun 2022 12:04:36 GMT
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3E37
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEHv5mFFH-oa86pceFtSVIj8&google_cver=1&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2mP9s5NlywsDfyZM-WyT6Y6&google_hm=MTM1ODgzMj...

170 B
188 B

40ms
40ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2mP9s5NlywsDfyZM-WyT6Y6&google_hm=MTM1ODgzMjQyNDc3MDczNzM4Mg%3D%3D

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=ARnp8GAsMLp_K51XXB9X8GSw_mz0LOP2SeeIr-1XdRM36oHWcqcZmd83LdtkQL23X0Kv9htSk970E2mP9s5NlywsDfyZM-WyT6Y6&google_hm=MTM1ODgzMjQyNDc3MDczNzM4Mg%3D%3D
date: Fri, 17 Jun 2022 12:04:37 GMT
content-length: 0

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 3E37
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEOCoWaXniXKy2ack6-ibLF0?ext-param=ARnp8GAGTEGcRylDUzkbzekyzPso1d4n0dE3sGGL-rkEBhbZ_b6jxsPvNLXP_zsL6f9ru1gyMnQ33jFNe_spVPwA8UAx1oRAXUbKGw&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEOCoWaXniXKy2ack6-ibLF0?redir-setuniq=1&ext-param=ARnp8GAGTEGcRylDUzkbzekyzPso1d4n0dE3sGGL-rkEBhbZ_b6jxsPvNLXP_zsL6f9ru1gyMnQ33jFNe_spVPwA8UAx1oRAXUbKGw&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEOCoWaXniXKy2ack6-ibLF0&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

294ms
294ms

Image
image/gif

2a02:6b8::90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

2a02:6b8::90 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:38 GMT
content-encoding: gzip
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
x-xss-protection: 1; mode=block
expires: Fri, 02 Jun 2023 12:04:38 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://an.yandex.ru/resource/spacer.gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3E37 0
12 B 87ms
86ms Image
text/html 172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IEC835HlSLX_65wb2JFvVngiAlYF8w__b8hoYuTQpSxntj8__LRj6l18Wjwpa7KA3kZ7pf3g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BE20 17 KB
6 KB 49ms
49ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068093

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C1C 17 KB
6 KB 105ms
105ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88A3 0
20 B 41ms
41ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeR4T1G2sYsSrBtyOpt8Pz6-TgAsAAAAAOAHgBAI&bg=!XV6lXhrNAAbASn8N4Eo7ACkAdvg8WmiUFKe0QMrWhKBQ44SuGAe2jR0f2LzA_RA2E-2VYKe43WVqhwIAAABnUgAAAAJoAQcKAEsJUaPqUf4PkfWXyCW87kj4tXlVtGQTmQq0WwNXpLwjxjuVWSBEaMMl1ewXhEO7eA_8AzGVkB2s-hbUDz0sNaqsWUQFKk5zBA4gY9WZAxXm8KA6fSdhO5JjAXebl9m92umKFBZdR-3jAKU95fM_sBU3KQ-ymCw1DugVR-fWyl7M0VpxwR4Ab_ABen0sEF7vBC3h7oB5g760qcf3ZPV-eszHMxtfLenRLrS_fT_bHVJKvxbTMFQ5ygtYwXZhYV6B679NX2kMatmNRp6EBJ-ko_xZwHxVnB7kTSvmCH1BXIY-WYlAlLg7cLej9RX-d35Xc0xj3EFFa6qS50ne4dq1PZz-qsd-2ga2hCcnrFDOUtU5CLLH7KV6xk-YmhNPhJDBpt5gZFh_ErIwUmF_lSuFDcPwFXFPZs6FQsEHBipNPRqkYaCcjIUePQ_U1QB5QVK2zkTK3Bni1slphxez9KoQwcYLgTmd7MVAzQ9QIUn7vuKEpn4AKh_zJoBJMhnvnh_6divYEx5PfjeOGROTL_xPy3U-yfvj5_0NAPAm_rXxijevHIxiKI_ygRpFB0w2YukSN_LNawNSXrVvrCpdTNLanoNTrxVmVkHlqMwhFr1_Dfm80mtXj3j-O7cYMLdIVpGgmMp0TQ5azbPHGtGj4X3aTsasiVL2zVehpMKXFSxQNT4GZMikyn6OTAIX71xwqBFcufHuXY24vHg2yaKv4GGez4CTUu1LHd2mjom0U9eisn_F7HIPEaMMA3_Q0V7GLzPYIUms1stNbVPTNgArC50IoQoK_2TNdY6ZFJK7sdGCdxkqg3BtuBu2LmhHDiV5t1zIsqq9JUJqO5jGNqQWHeOTsTaXgxjICYP8xhk3Qne4BGAL0ww3aCWFuKRznIlq_2YKOcUOE6FXTygT7c5Oo56wJP-u2CN1eGPKgy0Wkjv4VE15t_6_cSdnch-kPFrX8GHTHs3Vv3LIntVWcNttjfXla1DZTvOFaaUT8D2-B5GzQcA-TBprMtuS8Zq0dhwXkbEk55VDd7GNcwLbGFwFKYo08JAqM8rFGQAx-wke0cqss7hV8KPLhbNFVBM6qM0Rlcbb4A9ojbZuw5Ixqod-60uKcmojfljtKEih84gksM-WpV2HIAPEBJahgIqyCyCr8njQsUpClys

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rubiconid.aspx
bw.scupio.com/adpinline/ Frame 63C0
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L4IELC51-11-8USR
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IELC51-11-8USR

0
621 B

35ms
34ms

Image
application/javascript

210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IELC51-11-8USR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:36 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: application/javascript
Content-Length: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L4IELC51-11-8USR
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
Expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7F6 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8066 783 B
536 B 48ms
48ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76ed5b9a4f77958a4fb9c86b1768050f6d24f5751ad9eac47d42fd34cd59b2e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6LNl3fwZzXaV2YBuSlYpYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-6LNl3fwZzXaV2YBuSlYpYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Fri, 17 Jun 2022 12:04:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B591 14 KB
10 KB 63ms
63ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c417cfe06b07ef3bbae9b827ac8bdacd8ac4ae0ff87583a0603b5c01266011b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10675
x-xss-protection: 0

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame D7F6 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4164 42 B
63 B 38ms
37ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AER7wjxNskKtvtHlsW_sNqExynQ4SFr4bmJLjGXvDBHXUmD5fhyI3_eFKWbaejat4LeqU8vcFfiilc9pAezO4TWTXWPLozRatNUZIN2JfIubI3JIE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 4164 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:02:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4164 137 KB
42 KB 75ms
74ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 4164 17 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:00:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4164 0
0 46ms
46ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQi8AS7HH3ZA6iXsOl5l7vDkDkRdME4YxpNLTdzKy596OLzIcMzsYu0RbRritylKCOqHKIeQIdAbNmnPpApeMBhxE0vtg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA47 611 B
316 B 50ms
50ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNWPZLo42MRdZFInCIm0O5EzQGdbR5jSYRUxcZ7IrULd5eHDXyJp1qQBkNsqpf7dqk2Ed-Kp_BuVxtOaR5kkhK7mkaaShQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4164 76 KB
32 KB 86ms
86ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqXyBdAqHKt5beDRAbHI9ze2zvZ5faKyGtufUZC7Wv3wEohebxtJR_YYq9zouWLrNssXRXIKHDdCr21ycP67MMF_fUNlSNwAj_0sKEnTzJArGvMffHdlhLMsI0LJZC-12NQhy7J6uYIrihUhpZvn5TDczAlM5i37aTbRl4vGXq2HtI-PQ&cry=1&dbm_d=AKAmf-DgJh2g7_5KHS0MjOfMcT1hoLcdQ1fia0Pgi1kUpkJWL_sguwGkqVMOtDzr16DNF7Gx4woL3Yh2QzIwgBF9tJ3bVgeMfWVWE8y0OTsypCJeO1OFPbe0A6MtiVdMooREvDePe0HLvqnrafTTIY6WC4KvAh-IVNf2kM7koKUtClmrZ3D6DdU1YQsbL0d-t4QpuOuGzpMhZs5qLTlRfHPAtXvgsgorYlNbKrWBvTvtnHhmn6vTIWT8Yq-zlNj4ywwWvhmjhtCpHSG88Q_RLQt8VrxfM3hUJB47hxKIEpKjQWFFw-kZKpJ18GBxnHNvUweZ8wyUQxTKxsMT4InMlpiA6Np2CpD7UYeLpF1jV7eve-_CIoZ0Uvl5w-evhYyB7XJtqfhkYwSWjSDJL20kfmJ1euC5iUI4Zh2XvJhCpdTf5OFkbVPSUYxkJasOAKLLqd8HGetPgVauOqt_VlRS8gpeqBdiMnI4rE8Obh5hN6zViBmcMUJP4KoVLITU1eYpxDMcvWidnxavsHZoF3zeb511kV6oQzlP5hbsEtcfJ5MYRQKZZI2NRs7F0siDdorN-jMFXwZJr6gAgsve0Jp6o7YTZdYZNpp3-iZUgMFY7e8FIc3Y5GCRQ5DjnmWv86vwEZf-E9knBivLwTyjfFZOLLQCqdf3eVZfx2ld6IiVcPxCbcBfCtcLEbddt7jOHcyeZQQNzzbxFWvedDeq1HCRgm7kgsqp6QRdigmAqbigaVxbKdzLlGf4rm_RwY8YZwVT2BYtr9OZOtTpFxu7CMuQG-PtZ_exbyjzeodChvsO6j3CA9XbvNk4YuqiY707_f96tSAjNktvPP1JKHP1hx0oGJSiXuIVBW8n5qq500XP4JqOD3DLLBRJ5rp1Kk2qU5-EJZvIKz70OQkkeWaRMBoW3hkFeulvkM6IV9LeaQaKg0L22HhdY73NSjQkOaSfzPMMuD9QBZl7GglrvP-arcFYhb519xB5JLQWcLUSu3hRK1XKqAoSaP4LX5WHliO4J2HaWMmJyQ7gIc88VdLNQfHr6iKsGJYq0Las1DcsHhbTEUD0oE2qu2ZD8v_wG8FzwPpt8iwBYRUBcScwnRm0Zmh3AyhsxxKXcRMr-yQLo38KVk-CmTfjT7BYxzU3j7WBSJmSZU3_Nko4RnBVZ04HoJMkD-WRjaUkKdbiaqXFA3Q-2QcWMk6-uWhJ9SKYudxaxOyYmU15EnxPBLKJwBL3AedVWApktiKe62T5ZUd2ksJ-pSJn-fMsOpMq6KPg8yQ-3MlOF_u7f2sdTQnFk4YUS7463DFU4bcQRryNOmznSC2t5KlkTOK004X2fOPbUF0lr2tLSUJVgCqPUHojTeyiyJgkqGEyX8zwblIXdJ98PExo2QwqFB20w5kEpxeLEu1hU_9YINgYriCtVkY5H8SWs5Yey5USZsroVkXo1Mg_kaFPh3cp0YOWoLn2iOVpOYWoBsC3aYg8Z0tssDVRUwnU5j8dHqjo6FoGyy0Sg3hQLDt5qZ7ZYLJT-1S6B6b4FuqNTK1q1f54lXv6UsRgC7vIOHIefp0w00aZIVEJ2EvVh3g2vAU9WStNiMmY7aZKj7QdWIt33ZZyLe8iKjwQq1Y0Tg8zSrZor2BbAvAdJ5AcoPgTnVgBQ2DSEHYo97RQmSXm2vt2Y6ZV6vsXfmn8MHolq0g6bPmnhpHvbPtIlbzSDfDXlHW7X8VQ4kPt-Gxc7spCiyeJNclW6oq6EqcXW1eLIGebFXkZdNDdKeaW9CWcW35UZJbMy9bgkb1kGQ74fKmgZGmFEJjFCNPeKfsCjPSFgsrKYljq1ePNMvtAoyITs9NZhpBpGnJUQjOa7IxbYr_UiW395aB5NHeagV5nfTYiw9CSmeNzIBP-FeHLdf_q7QHSlKBF3_lbPpGMhRH9fMlN79iGtQBoScHyED_3h6jtrOeE2bASTeQhsItoGXX7g2VqhGx2-Gc7AqZn-1aBPU692qQhSU3V-F0xR3L9ZHf9e1pbweIvSb992CbjPZm5292OBYhlILE8cEXVEz-3N4JKjwCHpHOpwKtMrI7aVJZ2JbujEFZUdjGILPcllEnXQ8_TdOTrN8dD2U5kyxXjJ5lD5hL-pM6iZWVA0dw-eY-ACxBXKpTKSY19RtRsJf2BTmtXp5e9_XI7OXj79ICEEAqOBfF1TBrx8jEWfmqASYji_HgNO4xtW4LnQltoxhIFuyTQGaKSF9dAxaKYsg-aZcnyeoPerju38UMeKJccd3Qh2mOVLS5eDqHapWmijg2IHVcp4xjibjKPO0ymmKFe8WdSsXXenN2VGvv5vhbBPy6YTtk5LxSVb32JeyowSuKD6yNW2H-G6pe7lxoC8c6gT7D_5rOqcOf0kGlfBaQiarVnOupy7r7zDzldIsfhNsr8NsroZ6iAqKgvXKBbwxNXPcbKA3lVQKCwddbmkmx5glqMW_5AhpGeGc6a6gDiZ22gU32ZAiUIeG2c6XFs14f6Us4ysRvSflCzUIO251_izZLsrDRTDGxL4VWYX-VllF3kjv6bxiUNbsNZK8VHEmn_RwajJXIoIYv4W9di0g3QuJTBnnpz1GhdNoaZATvNEuuIIqNJO7MGX4sx0xtpCbHB26dhyOca_e8qhC678X9OGF9HID8kc18KAngx_vg_QSqxq5BroEKiTPio9rpT-vP6o8yYaUSxu3knISVQ2q6ktLztaLpU5wgNbbXSFKLDQBp3g4R5YhQsL0Ft1WJOfQ34Ui8idGws7Ybugqw6Px9lQLSyRTy3Z9L0t2AICrx0Cf5fA-uDoBqrAJ7k8a4L9HbkUMdQk-VENbASQqc8MbPttJ5xDdFRMdGoIwyik_t_KAaWw1O6ubDBQlNHgQWPu87A0ATJGNenyvB_pmxsamKAm2lCspGWQlnYrNMMMjS1P0uW_ILveN1KaujVND3BRwbCwFGPJiZXOfh2vyci9yR2XeoYtY0krV817hOGdkVXtuK2DfgCl57cIKAAVqZwtb5hTj3jaYwYATqHz7RpY7mh2lpprduTx-nLKW4m075J3OVG4KsSm2HaJnPFHlNHThPurqPtCalQqQLpw2Yo7_yogvBnBlUU8nyCaE2Nl6MdeIw1fXaK_Hgpfr3bh0yhOls1O-S5yLdNCtHbfnLnL0m4AMZSQbA8oa6NH2HnucX0S9hOtSrNLpt6vhC9R4VLu2loem_vEOg2btVD9JttAPxg&cid=CAASJORoA2rOqbV1nXm4EuUwA6HRRaM8sxwOJr4etJbksKDycbRjWg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

689645e97292c57ff335fa7563172553a28858cf9bbf3b9eae5e0fd96bf43b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32746
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B591 17 KB
6 KB 98ms
98ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8066 0
0 76ms
76ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=1625855169176914&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C0D 42 B
63 B 41ms
40ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIoVqzicsGsTvISn2wUZzKvD-yUgyaJXCgnEphbGuzL8NnwO6BQnRh058lQI4V2aDcGX00GvhF80jPAnLNDU7z058xOIAE4AHkazrNuv_nOUY0VYE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 6C0D 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:02:28 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C0D 137 KB
42 KB 94ms
94ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655318790223595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/ Frame 6C0D 17 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220615/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:00:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C0D 0
0 42ms
40ms Image
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQN3_mNRArQ6BGVL5G0XcFBWT_N2hlmpSkU-i3_97PPaxd4Cp7YfnUSBJPkdmnAMnrqh27qTtcADTmUK1a-tAfwX-mCkA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1943 13 KB
5 KB 3ms
3ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F525 783 B
533 B 47ms
46ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5d5c88e436b2da390d65812d83df7b6bf3daf9dd484c18118d9f2317d2d6948

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-E-vsXPXOSN7XujXoydhnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-E-vsXPXOSN7XujXoydhnNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Fri, 17 Jun 2022 12:04:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C3D7 441 B
248 B 53ms
45ms Document
text/html 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNXLalEBVl0uGwiIMuc9LYxiEmTkelrISQr4gml9PyQ5tiK3adyCVp0r1TnE2ur-F5MzIWddAhSml2_fhmF78PEqDNC1fA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 227
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6C0D 76 KB
32 KB 135ms
132ms Script
text/javascript 2404:6800:4004:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTLhOvXER4SSimM0gPDFcfqQVNnP6RULjXWsMET6aSRNzJF558am-Uc2EGvpMHtCTN7zs1eD1D3p6z7ILgiLXMDslsOt-75ycV8WdoaXA6N9R6nlB7GiBzTTDlQU5xM7V1iTxqjJuYCHgYjkXczlYRepeOO2RKkEYX_p3x19up2Un_Z7c&cry=1&dbm_d=AKAmf-AqQcWVfJGKAEWldT8C8FSJlJLZf7kxYq_P1tb5pVXpiBgXFqYZ4njdHQuwJseBTzgSazyF4693IlLfPQebbmh6cqAm6xAXjFeR2QBV-ZkCu92KD_rng_YiQ6Mr4A9AX8fhK9FXoBOHmhv_u0U5RybKJfa2LlsIPoKCxQabH5-E3wiHTU8-0ojSNh4MQYRDKWs9xTYoZGW85nFxuUG1LPQZkymXNq6SCFOP012WmnljAtqF0yttEp1he0UQbj8qOpnG0R3pqwJ8Pcn_7YRZRFErceKfXkD25613tdCrxjPDoXYxL5kNVTe9AjlEUEzE0c-L2yQe7zl3Se0sM9SGbuIDwcp9BQ4XnE0pkd9LBAQKchcH3vYRJHko0pIMFL4MvCougRf6WfkLEPM9Jo36cy_Vx10lov6tnjs7EvHmcuVk65skXc-Lb_ku4nui0lmfyJysMm6FuEzMVg3pTrQAqhm5nKFwSdfbX639_0a7LUW0SdVFTS2oNF6iHRKBm2WlLX9xGtZU6ZTUiVigmoatZ8jOLaARPGZu7x6PWxQCxXtLuM-63gG7mYVfL0OxdpgTud_Yc1mz3Hl1rkuIDpRN8wvdZ4bX6t4h3xIz80ljHQkujku2cvj_mLGnSORqqIBs-NEfcXIgyLMscVQaJkBjSTJkCgOPn9BiqEK9F2cLSgq5vIm7JLgZIR7IuL_xc_fD9KYroJgfeMjlSjkdbO6O8ffS_niwvnqCxEgSBKRIPrSTR-0yqzvgyP0BAOevtAqIUBs7nJNYPTheAynuEoMa5f6cmb4j25klvTdugE96O-DUJ8Up5TAZGuQzcGOsFKoYt7TDgQMpASuyDU5XzM10Qn8JAzJYoowz7l5Ckcd50NZolsgwpc41SoYhbYJqGjBaf4XKbwtiLnLn2dhEg6tMQGFBaRKaMGIf8uGZmy4k7V3z4I_GZF-VoSDuPeFi8etRn2HnOWYV3MftpLmFLv8BWZAi6Yj0JMaqcdi_u26uJ3Gly_EdhMlb_yt2m512s7I8jjfvHjjTlWpBjIsDJWvHHcYBm-ExouUAKk9t0cTnqVxCTNp-me5GEOC1jWllsjYBiQD8XkBut-kPyCfRYmZWkrILqDEzKXFgAnT-XLAefG_IGtB9ZG7YzrEUfl1ICtYt3oaVF0ffmxOZHna-yZtuPYCgmQx9wo2Tnx2UEDAZfmvSwMQjGXX672IBXtz1JR4N6nBS2uwYDqAcV31hUgqKT3GgLu5lrw-xrTDhXdGzXl323a3beJWBHbzFZpE7YtTHg0a6ttvvIwLc2krkHaJzSh3_t6YWfV0IB9BASjBgaKWgqIWbO4sHUeDOUPoISEu2BAspfpZzK0YwPeweOdVs2V8qcStn8Oy8qRY_M04CT1YvyirjUy6x-Qdts5E5ARCu9juAKcFXy1m4c5SUMgzRcdlW-ihd-_Ty-4zSQsu8s7rVlTac_y4T6yf-zz_QYiewlnQLok3KtukLL9PWM6L--O1wmRVvkF_UNmPnSoIzSvpDDeSRfWFortrrWxEXJeQNVj5M_bHyXhiImP8Ldn341OXC5j6KUeeYPIMIK8r60xVWD-FTwRfwj1dgy6ceFgTVSpGEvZ1ACNqTDa1Kj5e3weG_42hcELH1y7tlELX--1RRucXWMT221Dnz9oF3dMcXHn-4-IBouQLx-AvdN-xDzMdYpDynMP6ccf6pa2xmimAQZ1otpA2_JkNwoHizKZUqcJCVFlwf1-wVnkyj8S_NLhOKXmnUKl39H4LQpIus4F75cA4yqDeyhqo7_WQ-j9rSG7tnkBh8q-l9Lbw1-4GeGBdHN-pjhyD87u6h3pKDufpnWphk1ZN1qY2zdzhboHZGErrV51EQRFiM3-Zu-bLA_7QKWUoBoushzhsvPUdNKUrBVcCSgPGg-0kvabtE9IGRQ0-TRR0-bkytSaKdYcj7LRYJJHNWsO-6TzYiGf5xoo8vjDU4-w5pEs2Ye3hc2jWIe5rkoKHaAuuV_dFYYDrktbOJn28y8NaqC6BaWbPduN6muZa1jIFo-WqeAy0I3aDkn-4kU2AtBAorH3hEWjBOE1HugW4OFJmdc6sD8fwzgbPE1r0Td8-1T5W-wAGgP2xSCEQ59Yij1vW4b8P-dm3ULffbRKsYQqkEb3crcjkZ4dVPCSxPsLIvWY03uqkxEUpImsmI21XHOnc2EijYrUgSoh4CNdNX82G7AWUt_MEc6D0MnpONRW-puzNcDERp_PGNJCuHMlxEFqj87pmSZzAD1YsC8cSEAAz68Np0V7B-8bffWdBUtoo3t1BG5NVvd_10H0Fq09AgVCYACVsn9nPMWz8zgX5dEEWXbB0rmdUfVhmVBK3QsHouMypgA9W36UsreHU9QYunjgfGs8SWqJnxWFOWtieHUbfoYwO6zgj6ibkaHuctLX_FmMYs7XP2pJZKTlNQ5NrOjaPkfZfTOHYx8o0S3kURpO9p3tC-K2WKzIyyj_z11uHQXCUoMh_1VNm3HPq5xEZlsSTbWELpQKjTR2umUAfhQ6d4hz-k9CtPyE7vymC02JuVF5tOrsnEh4rYmGU6z3jkWYDn55sO1MmR6TbkRJBRGa0_Dz_FozWB3uyIsMT-08qZ0NaBmaK5A1JrOAEEFI07S_A7w2AgNJ_YZ_FEkMMjGXE725h-u07q87jbm-ykoVhzfx6qe8ozTwlzZOLLfgh2tEVh-BaJhYACtR3jpoyvhur5NzwvcKoG1a4GJB7cKWmxRbP94bvdCrfoApqmZacCYwDn3p5wTa-85DVMVPZBBIrapahrB6ezX53wwyX5GPem_jxog6kU3e-vdgtEDyElzLqhx4HRnLzSVU8S8MK98qzQyO0NHg5JI2-Sn6cyrCZbiUvEIM4ESUUmbjgav8o8u_ZHIu-FUY1M-LeuN0txtwn2bWAYnhqYUah6tBwM12LEVbM82PxxppoTrbJ1ElnLZbiJZlK1VY08gzgk0XFZ2cS6A16BtWRcc8kucyEtnwl3xM_K-rqL2u3n50cOJ3tVngiW60vpshH8sweEqByDqCB3oUHGw-3__fnWe9qS7H5Pb6Odnu-Y3vRqlHCpq5XRD6HGCw_moypzqe75OHTYUdtEaJT2upJr3Jvt5jDus2GUVJDnsszTJjhlO9q5dvvrjYklmlhOR70SzV0a7bUEA_ya_QqaFOG3krcOvsCYCFzEX1-HQg7Nyl_-O12BjNo8&cid=CAASJORo4qXv2ZbSIrJTIp60MmeLQr6pa4joJ2JKw1ido1T7v8YnvQ&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81f::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fa980a641f6436e48942c0bb79859babddf81f3d6316edc4dc19b0f0ae61e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32853
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63C0
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJRUxDNTEtMTEtOFVTUg==

170 B
188 B

44ms
44ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJRUxDNTEtMTEtOFVTUg==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRJRUxDNTEtMTEtOFVTUg==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 63C0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oAUD_9IYSyyywAcauYTMVw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oAUD_9IYSyyywAcauYTMVw

43 B
556 B

182ms
182ms

Image
image/gif

209.54.180.144

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oAUD_9IYSyyywAcauYTMVw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

HTTP/1.1

Server

209.54.180.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:38 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TR0Z4X7Q2G01JCNQ1CBY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oAUD_9IYSyyywAcauYTMVw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 63C0
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IELC51-11-8USR

0
574 B

185ms
173ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IELC51-11-8USR
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 18AFFF7E58F84E88ACD580E7B55FF079 Ref B: TYAEDGE1016 Ref C: 2022-06-17T12:04:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXho47oBj5a4SlEWV4nYA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4IELC51-11-8USR
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 63C0
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dfd58ca5-2bf0-4dbc-ab27-5e3caf35d789&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

454ms
115ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dfd58ca5-2bf0-4dbc-ab27-5e3caf35d789&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dfd58ca5-2bf0-4dbc-ab27-5e3caf35d789&gdpr=0&gdpr_consent=&expires=30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 289

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 63C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOHIzRLorQfFI0HHtXV4Xbg&google_cver=1

42 B
691 B

454ms
116ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOHIzRLorQfFI0HHtXV4Xbg&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEOHIzRLorQfFI0HHtXV4Xbg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 63C0
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IELC51-11-8USR&sigv=1&esig=2~36092e18319634b1d859e460c5215082579c7ff9

0
47 B

4ms
3ms

Image
text/plain

2406:2000:a4:9fe::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IELC51-11-8USR&sigv=1&esig=2~36092e18319634b1d859e460c5215082579c7ff9

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

2406:2000:a4:9fe::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4IELC51-11-8USR&sigv=1&esig=2~36092e18319634b1d859e460c5215082579c7ff9
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 63C0
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/tHDbYq3mz3cKV5n5X18AQcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9008171602180435445

42 B
691 B

155ms
116ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9008171602180435445
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type: image/gif

Redirect headers

date: Fri, 17 Jun 2022 12:04:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=9008171602180435445
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63C0
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJjZTFjNGU2NWU5MzU0YmMyNDcwMGE3ZTEwNGE3MzE2M2QwMzk4ZQ

170 B
188 B

45ms
45ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJjZTFjNGU2NWU5MzU0YmMyNDcwMGE3ZTEwNGE3MzE2M2QwMzk4ZQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJjZTFjNGU2NWU5MzU0YmMyNDcwMGE3ZTEwNGE3MzE2M2QwMzk4ZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7F6 0
9 B 9ms
7ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VPU3vQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BA47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQpPHGyoFodTjINY-MoqFY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELQpPHGyoFodTjINY-MoqFY%26google_cver%3D1

43 B
1 KB

110ms
110ms

Image
image/gif

104.254.150.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELQpPHGyoFodTjINY-MoqFY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNWPZLo42MRdZFInCIm0O5EzQGdbR5jSYRUxcZ7IrULd5eHDXyJp1qQBkNsqpf7dqk2Ed-Kp_BuVxtOaR5kkhK7mkaaShQ

Protocol

HTTP/1.1

Server

104.254.150.241 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Proxy-Origin: 217.138.252.165; 217.138.252.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f2e237f7-d27b-42de-a0b7-e3f43a01d1fd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Proxy-Origin: 217.138.252.165; 217.138.252.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 890ca197-3135-4a5b-b3a3-3ba655b9d9d5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELQpPHGyoFodTjINY-MoqFY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA47
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4NDQ2OTg4NDIzNDc0OTY3

170 B
188 B

41ms
40ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4NDQ2OTg4NDIzNDc0OTY3

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Proxy-Origin: 217.138.252.165; 217.138.252.165; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1c1efec7-1e98-44a6-94e8-b3e1fdcdae6c
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU4NDQ2OTg4NDIzNDc0OTY3
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame BA47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEblMUuqFsP9Htyd0dtavpY&google_cver=1

43 B
61 B

49ms
42ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEblMUuqFsP9Htyd0dtavpY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNWPZLo42MRdZFInCIm0O5EzQGdbR5jSYRUxcZ7IrULd5eHDXyJp1qQBkNsqpf7dqk2Ed-Kp_BuVxtOaR5kkhK7mkaaShQ
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEblMUuqFsP9Htyd0dtavpY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA47
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2NmMWU3ZjktZjY0OS0yNDExLWUwNjktOWRmODgxNTE0MTFl

170 B
188 B

44ms
43ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2NmMWU3ZjktZjY0OS0yNDExLWUwNjktOWRmODgxNTE0MTFl

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Jun 2022 12:04:36 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2NmMWU3ZjktZjY0OS0yNDExLWUwNjktOWRmODgxNTE0MTFl
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1943 36 KB
14 KB 6ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H2

200

um
sync.teads.tv/ Frame C3D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELQMW32ItQ7R_ITsjmIKHp0&google_cver=1

23 B
172 B

11ms
11ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELQMW32ItQ7R_ITsjmIKHp0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNXLalEBVl0uGwiIMuc9LYxiEmTkelrISQr4gml9PyQ5tiK3adyCVp0r1TnE2ur-F5MzIWddAhSml2_fhmF78PEqDNC1fA
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 17 Jun 2022 12:04:36 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELQMW32ItQ7R_ITsjmIKHp0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3D7
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDczM2EyMmQtYzE4ZC00MjNjLTkwMGYtYWExNmRkOTQ0N2My

170 B
188 B

87ms
87ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDczM2EyMmQtYzE4ZC00MjNjLTkwMGYtYWExNmRkOTQ0N2My

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNXLalEBVl0uGwiIMuc9LYxiEmTkelrISQr4gml9PyQ5tiK3adyCVp0r1TnE2ur-F5MzIWddAhSml2_fhmF78PEqDNC1fA

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: akka-http/10.2.7
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDczM2EyMmQtYzE4ZC00MjNjLTkwMGYtYWExNmRkOTQ0N2My
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Fri, 17 Jun 2022 12:04:36 GMT

GET
H2

200

sync
partners.tremorhub.com/ Frame C3D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEOBsGC1W4YbVGDwqBOApZz4&google_cver=1

43 B
183 B

536ms
177ms

Image
image/gif

2600:1f18:612b:4264:95d7:83c7:b563:cce1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEOBsGC1W4YbVGDwqBOApZz4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQoLLkAhi0tpTMATAB&v=APEucNXLalEBVl0uGwiIMuc9LYxiEmTkelrISQr4gml9PyQ5tiK3adyCVp0r1TnE2ur-F5MzIWddAhSml2_fhmF78PEqDNC1fA
Protocol: H2
Server: 2600:1f18:612b:4264:95d7:83c7:b563:cce1 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://partners.tremorhub.com/sync?UIGL=CAESEOBsGC1W4YbVGDwqBOApZz4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F525 0
0 54ms
53ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=2875112424369557&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4164 106 KB
37 KB 44ms
4ms Script
text/javascript 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Jun 2022 07:34:29 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 4164 8 KB
3 KB 2ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqXyBdAqHKt5beDRAbHI9ze2zvZ5faKyGtufUZC7Wv3wEohebxtJR_YYq9zouWLrNssXRXIKHDdCr21ycP67MMF_fUNlSNwAj_0sKEnTzJArGvMffHdlhLMsI0LJZC-12NQhy7J6uYIrihUhpZvn5TDczAlM5i37aTbRl4vGXq2HtI-PQ&cry=1&dbm_d=AKAmf-DgJh2g7_5KHS0MjOfMcT1hoLcdQ1fia0Pgi1kUpkJWL_sguwGkqVMOtDzr16DNF7Gx4woL3Yh2QzIwgBF9tJ3bVgeMfWVWE8y0OTsypCJeO1OFPbe0A6MtiVdMooREvDePe0HLvqnrafTTIY6WC4KvAh-IVNf2kM7koKUtClmrZ3D6DdU1YQsbL0d-t4QpuOuGzpMhZs5qLTlRfHPAtXvgsgorYlNbKrWBvTvtnHhmn6vTIWT8Yq-zlNj4ywwWvhmjhtCpHSG88Q_RLQt8VrxfM3hUJB47hxKIEpKjQWFFw-kZKpJ18GBxnHNvUweZ8wyUQxTKxsMT4InMlpiA6Np2CpD7UYeLpF1jV7eve-_CIoZ0Uvl5w-evhYyB7XJtqfhkYwSWjSDJL20kfmJ1euC5iUI4Zh2XvJhCpdTf5OFkbVPSUYxkJasOAKLLqd8HGetPgVauOqt_VlRS8gpeqBdiMnI4rE8Obh5hN6zViBmcMUJP4KoVLITU1eYpxDMcvWidnxavsHZoF3zeb511kV6oQzlP5hbsEtcfJ5MYRQKZZI2NRs7F0siDdorN-jMFXwZJr6gAgsve0Jp6o7YTZdYZNpp3-iZUgMFY7e8FIc3Y5GCRQ5DjnmWv86vwEZf-E9knBivLwTyjfFZOLLQCqdf3eVZfx2ld6IiVcPxCbcBfCtcLEbddt7jOHcyeZQQNzzbxFWvedDeq1HCRgm7kgsqp6QRdigmAqbigaVxbKdzLlGf4rm_RwY8YZwVT2BYtr9OZOtTpFxu7CMuQG-PtZ_exbyjzeodChvsO6j3CA9XbvNk4YuqiY707_f96tSAjNktvPP1JKHP1hx0oGJSiXuIVBW8n5qq500XP4JqOD3DLLBRJ5rp1Kk2qU5-EJZvIKz70OQkkeWaRMBoW3hkFeulvkM6IV9LeaQaKg0L22HhdY73NSjQkOaSfzPMMuD9QBZl7GglrvP-arcFYhb519xB5JLQWcLUSu3hRK1XKqAoSaP4LX5WHliO4J2HaWMmJyQ7gIc88VdLNQfHr6iKsGJYq0Las1DcsHhbTEUD0oE2qu2ZD8v_wG8FzwPpt8iwBYRUBcScwnRm0Zmh3AyhsxxKXcRMr-yQLo38KVk-CmTfjT7BYxzU3j7WBSJmSZU3_Nko4RnBVZ04HoJMkD-WRjaUkKdbiaqXFA3Q-2QcWMk6-uWhJ9SKYudxaxOyYmU15EnxPBLKJwBL3AedVWApktiKe62T5ZUd2ksJ-pSJn-fMsOpMq6KPg8yQ-3MlOF_u7f2sdTQnFk4YUS7463DFU4bcQRryNOmznSC2t5KlkTOK004X2fOPbUF0lr2tLSUJVgCqPUHojTeyiyJgkqGEyX8zwblIXdJ98PExo2QwqFB20w5kEpxeLEu1hU_9YINgYriCtVkY5H8SWs5Yey5USZsroVkXo1Mg_kaFPh3cp0YOWoLn2iOVpOYWoBsC3aYg8Z0tssDVRUwnU5j8dHqjo6FoGyy0Sg3hQLDt5qZ7ZYLJT-1S6B6b4FuqNTK1q1f54lXv6UsRgC7vIOHIefp0w00aZIVEJ2EvVh3g2vAU9WStNiMmY7aZKj7QdWIt33ZZyLe8iKjwQq1Y0Tg8zSrZor2BbAvAdJ5AcoPgTnVgBQ2DSEHYo97RQmSXm2vt2Y6ZV6vsXfmn8MHolq0g6bPmnhpHvbPtIlbzSDfDXlHW7X8VQ4kPt-Gxc7spCiyeJNclW6oq6EqcXW1eLIGebFXkZdNDdKeaW9CWcW35UZJbMy9bgkb1kGQ74fKmgZGmFEJjFCNPeKfsCjPSFgsrKYljq1ePNMvtAoyITs9NZhpBpGnJUQjOa7IxbYr_UiW395aB5NHeagV5nfTYiw9CSmeNzIBP-FeHLdf_q7QHSlKBF3_lbPpGMhRH9fMlN79iGtQBoScHyED_3h6jtrOeE2bASTeQhsItoGXX7g2VqhGx2-Gc7AqZn-1aBPU692qQhSU3V-F0xR3L9ZHf9e1pbweIvSb992CbjPZm5292OBYhlILE8cEXVEz-3N4JKjwCHpHOpwKtMrI7aVJZ2JbujEFZUdjGILPcllEnXQ8_TdOTrN8dD2U5kyxXjJ5lD5hL-pM6iZWVA0dw-eY-ACxBXKpTKSY19RtRsJf2BTmtXp5e9_XI7OXj79ICEEAqOBfF1TBrx8jEWfmqASYji_HgNO4xtW4LnQltoxhIFuyTQGaKSF9dAxaKYsg-aZcnyeoPerju38UMeKJccd3Qh2mOVLS5eDqHapWmijg2IHVcp4xjibjKPO0ymmKFe8WdSsXXenN2VGvv5vhbBPy6YTtk5LxSVb32JeyowSuKD6yNW2H-G6pe7lxoC8c6gT7D_5rOqcOf0kGlfBaQiarVnOupy7r7zDzldIsfhNsr8NsroZ6iAqKgvXKBbwxNXPcbKA3lVQKCwddbmkmx5glqMW_5AhpGeGc6a6gDiZ22gU32ZAiUIeG2c6XFs14f6Us4ysRvSflCzUIO251_izZLsrDRTDGxL4VWYX-VllF3kjv6bxiUNbsNZK8VHEmn_RwajJXIoIYv4W9di0g3QuJTBnnpz1GhdNoaZATvNEuuIIqNJO7MGX4sx0xtpCbHB26dhyOca_e8qhC678X9OGF9HID8kc18KAngx_vg_QSqxq5BroEKiTPio9rpT-vP6o8yYaUSxu3knISVQ2q6ktLztaLpU5wgNbbXSFKLDQBp3g4R5YhQsL0Ft1WJOfQ34Ui8idGws7Ybugqw6Px9lQLSyRTy3Z9L0t2AICrx0Cf5fA-uDoBqrAJ7k8a4L9HbkUMdQk-VENbASQqc8MbPttJ5xDdFRMdGoIwyik_t_KAaWw1O6ubDBQlNHgQWPu87A0ATJGNenyvB_pmxsamKAm2lCspGWQlnYrNMMMjS1P0uW_ILveN1KaujVND3BRwbCwFGPJiZXOfh2vyci9yR2XeoYtY0krV817hOGdkVXtuK2DfgCl57cIKAAVqZwtb5hTj3jaYwYATqHz7RpY7mh2lpprduTx-nLKW4m075J3OVG4KsSm2HaJnPFHlNHThPurqPtCalQqQLpw2Yo7_yogvBnBlUU8nyCaE2Nl6MdeIw1fXaK_Hgpfr3bh0yhOls1O-S5yLdNCtHbfnLnL0m4AMZSQbA8oa6NH2HnucX0S9hOtSrNLpt6vhC9R4VLu2loem_vEOg2btVD9JttAPxg&cid=CAASJORoA2rOqbV1nXm4EuUwA6HRRaM8sxwOJr4etJbksKDycbRjWg&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:03:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 4164 27 KB
10 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10546
x-xss-protection: 0
server: cafe
etag: 1672864604874404814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:01:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDE4 13 KB
5 KB 4ms
4ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33633
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5DF 783 B
534 B 44ms
44ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0c8a0b5837372da7c68717854a3f9043547e17d2a285e517eb49e860d04ff01e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v8NnYCoLJru25PL8F8DbTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-v8NnYCoLJru25PL8F8DbTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:36 GMT
expires: Fri, 17 Jun 2022 12:04:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4164 41 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 05:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 05:56:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5EBC 1 KB
749 B 6ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 41662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 00:30:14 GMT
etag: 48472445140208031
expires: Sat, 18 Jun 2022 00:30:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4164 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faf4e371ff9b6e05e696bf9f4e9acdacd5a14bf65728565d2cd17bf8e7d3801c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C12 22 KB
8 KB 2ms
2ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 282208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:41:08 GMT
expires: Wed, 14 Jun 2023 05:41:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4164 0
27 B 96ms
57ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkn70Stq1x0rAJwIkwn-g87RLBlphME7JyfSUKXRZQk2J6ZmSrIT-ecqoe0b06vanLNhMVaOVLWtrOCtSr6St7LEQcqZxDCKuJ0S5hYEbQGCmNPlCsKdZ8uUJ27Y4D54NM63J3Sy9j26lkrfIUJge7Pt-M280XhWUSuzzL75D8NWj_hYVGVDnWO1PZqG73hj3xm3P_HeqSLQwtysuUA_tH6FLuqOsSxpm2zFYiONWSXNx7VeBOJ52PI3yJxsCwlCKB7FnlSkDhRCuf-Dvt0fW56q3tqL7nfzf2OJoB5abAntyASFfqr9htqQz0rJp8pkLu266BPaKDM8zxVHPfhph-pzkV9HnCTq-Wy7lO8LbIxatqYffqlwZOgQO2t07V-vNNQsZz7V7pmza4pssx2xnt3auOXH3sdlDdXtA7nQBedQuvpizOAvDDLMKgqtJPCqVqdvirLRddXcoSiFUatCoQn0DgUBd6PLOH8ebiuKAPJWYKA3yedtju15ffZc_-aq-PZr5TrQyX2m5vW_JQ446-Bjz8x4vQ8QbOcf3gMq63JxNEQFUe7jqzmzEleDxigvZbVuNeemu8lk6XK2weMmHYwHx4M42SYSDZnuC9WqEocPjV8-dwU9I91vJ-iBPVDcSUemcu0dhJKUJpqMftJePnn42QRHdMSSqi0ZQeIsp7nBxqaYkYkLREKBEEidmVsdcH5YQ9P9agRxppcxUkJW5D3jMC8MsUBBOkF8Mfq-y5EVCClfcQdHq0J8InQNtISP6ANDtHyOZtoBK34TbmZhc2jECewbiE4d32qxzq5f_05BpGGRoUZXiwqINt7aNIdosVr1x5gPjZ4uuBTPUDQ4VYTOyVMinBE_JlVfvFlO0YQkndBf_mEU-wNd3FbSTswixcCGYU-qjcXYCtG-l-UJuwLX84cT0DuiurFGk9fFAD_DGGqjiiLIctRN6R6k8eQ8BJBdV_Sam8p0DuR3Z1BF8LjRHAF3J6-gdOeuVrw5Y_3jGjU51ZyfyO2AS9GCcy8fKFSKk7SV3TKHTB46XEZ_przJ5xHqdnRa6c-flzD6PZU9YeQZ13Xq3nXPsRcbeSCOFrksZ94gWWECrVADm5gXtlln6sl7W51FEHE8ZvD0eR-edZ-LgB-f2QXLcJnHxSFTW7XT8rlz_KEZK9e5fZq5vSAvl6EO0CxQSke3qCkr7w&sai=AMfl-YRpPpgbWEY0s77VKbGQ0pad6Lxplbtz7diUJagtcjbZamKAVU-qW6EhUnXAv94MSNuz5piW83zhMs4f1e3qWemvlGYNL4F4M7UTTDtKnJHeEyNc3zapvG0XB8MV_qIq0KyKMzTNl--MU_qs2sTSXwVknQswsmjzvAtyWGDQt1WSKnLBxqeNoJkuls_YgP_qPIZc8MoG0XmPgiTnwNEydQ&sig=Cg0ArKJSzKSqx4Z30KAZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=82&cbvp=1&cisv=r20220615.82737&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 17 Jun 2022 12:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 8967365512096860797
s0.2mdn.net/simgad/ Frame 4164 20 KB
21 KB 51ms
9ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8967365512096860797

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4274026586ede7747715338286e6b9393f2da7b7ff3ab5904f2cfc90c42284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:06 GMT
x-content-type-options: nosniff
age: 191071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20974
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:13:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:06 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6C0D 106 KB
37 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 07:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Jun 2022 07:34:29 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/ Frame 6C0D 8 KB
3 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTLhOvXER4SSimM0gPDFcfqQVNnP6RULjXWsMET6aSRNzJF558am-Uc2EGvpMHtCTN7zs1eD1D3p6z7ILgiLXMDslsOt-75ycV8WdoaXA6N9R6nlB7GiBzTTDlQU5xM7V1iTxqjJuYCHgYjkXczlYRepeOO2RKkEYX_p3x19up2Un_Z7c&cry=1&dbm_d=AKAmf-AqQcWVfJGKAEWldT8C8FSJlJLZf7kxYq_P1tb5pVXpiBgXFqYZ4njdHQuwJseBTzgSazyF4693IlLfPQebbmh6cqAm6xAXjFeR2QBV-ZkCu92KD_rng_YiQ6Mr4A9AX8fhK9FXoBOHmhv_u0U5RybKJfa2LlsIPoKCxQabH5-E3wiHTU8-0ojSNh4MQYRDKWs9xTYoZGW85nFxuUG1LPQZkymXNq6SCFOP012WmnljAtqF0yttEp1he0UQbj8qOpnG0R3pqwJ8Pcn_7YRZRFErceKfXkD25613tdCrxjPDoXYxL5kNVTe9AjlEUEzE0c-L2yQe7zl3Se0sM9SGbuIDwcp9BQ4XnE0pkd9LBAQKchcH3vYRJHko0pIMFL4MvCougRf6WfkLEPM9Jo36cy_Vx10lov6tnjs7EvHmcuVk65skXc-Lb_ku4nui0lmfyJysMm6FuEzMVg3pTrQAqhm5nKFwSdfbX639_0a7LUW0SdVFTS2oNF6iHRKBm2WlLX9xGtZU6ZTUiVigmoatZ8jOLaARPGZu7x6PWxQCxXtLuM-63gG7mYVfL0OxdpgTud_Yc1mz3Hl1rkuIDpRN8wvdZ4bX6t4h3xIz80ljHQkujku2cvj_mLGnSORqqIBs-NEfcXIgyLMscVQaJkBjSTJkCgOPn9BiqEK9F2cLSgq5vIm7JLgZIR7IuL_xc_fD9KYroJgfeMjlSjkdbO6O8ffS_niwvnqCxEgSBKRIPrSTR-0yqzvgyP0BAOevtAqIUBs7nJNYPTheAynuEoMa5f6cmb4j25klvTdugE96O-DUJ8Up5TAZGuQzcGOsFKoYt7TDgQMpASuyDU5XzM10Qn8JAzJYoowz7l5Ckcd50NZolsgwpc41SoYhbYJqGjBaf4XKbwtiLnLn2dhEg6tMQGFBaRKaMGIf8uGZmy4k7V3z4I_GZF-VoSDuPeFi8etRn2HnOWYV3MftpLmFLv8BWZAi6Yj0JMaqcdi_u26uJ3Gly_EdhMlb_yt2m512s7I8jjfvHjjTlWpBjIsDJWvHHcYBm-ExouUAKk9t0cTnqVxCTNp-me5GEOC1jWllsjYBiQD8XkBut-kPyCfRYmZWkrILqDEzKXFgAnT-XLAefG_IGtB9ZG7YzrEUfl1ICtYt3oaVF0ffmxOZHna-yZtuPYCgmQx9wo2Tnx2UEDAZfmvSwMQjGXX672IBXtz1JR4N6nBS2uwYDqAcV31hUgqKT3GgLu5lrw-xrTDhXdGzXl323a3beJWBHbzFZpE7YtTHg0a6ttvvIwLc2krkHaJzSh3_t6YWfV0IB9BASjBgaKWgqIWbO4sHUeDOUPoISEu2BAspfpZzK0YwPeweOdVs2V8qcStn8Oy8qRY_M04CT1YvyirjUy6x-Qdts5E5ARCu9juAKcFXy1m4c5SUMgzRcdlW-ihd-_Ty-4zSQsu8s7rVlTac_y4T6yf-zz_QYiewlnQLok3KtukLL9PWM6L--O1wmRVvkF_UNmPnSoIzSvpDDeSRfWFortrrWxEXJeQNVj5M_bHyXhiImP8Ldn341OXC5j6KUeeYPIMIK8r60xVWD-FTwRfwj1dgy6ceFgTVSpGEvZ1ACNqTDa1Kj5e3weG_42hcELH1y7tlELX--1RRucXWMT221Dnz9oF3dMcXHn-4-IBouQLx-AvdN-xDzMdYpDynMP6ccf6pa2xmimAQZ1otpA2_JkNwoHizKZUqcJCVFlwf1-wVnkyj8S_NLhOKXmnUKl39H4LQpIus4F75cA4yqDeyhqo7_WQ-j9rSG7tnkBh8q-l9Lbw1-4GeGBdHN-pjhyD87u6h3pKDufpnWphk1ZN1qY2zdzhboHZGErrV51EQRFiM3-Zu-bLA_7QKWUoBoushzhsvPUdNKUrBVcCSgPGg-0kvabtE9IGRQ0-TRR0-bkytSaKdYcj7LRYJJHNWsO-6TzYiGf5xoo8vjDU4-w5pEs2Ye3hc2jWIe5rkoKHaAuuV_dFYYDrktbOJn28y8NaqC6BaWbPduN6muZa1jIFo-WqeAy0I3aDkn-4kU2AtBAorH3hEWjBOE1HugW4OFJmdc6sD8fwzgbPE1r0Td8-1T5W-wAGgP2xSCEQ59Yij1vW4b8P-dm3ULffbRKsYQqkEb3crcjkZ4dVPCSxPsLIvWY03uqkxEUpImsmI21XHOnc2EijYrUgSoh4CNdNX82G7AWUt_MEc6D0MnpONRW-puzNcDERp_PGNJCuHMlxEFqj87pmSZzAD1YsC8cSEAAz68Np0V7B-8bffWdBUtoo3t1BG5NVvd_10H0Fq09AgVCYACVsn9nPMWz8zgX5dEEWXbB0rmdUfVhmVBK3QsHouMypgA9W36UsreHU9QYunjgfGs8SWqJnxWFOWtieHUbfoYwO6zgj6ibkaHuctLX_FmMYs7XP2pJZKTlNQ5NrOjaPkfZfTOHYx8o0S3kURpO9p3tC-K2WKzIyyj_z11uHQXCUoMh_1VNm3HPq5xEZlsSTbWELpQKjTR2umUAfhQ6d4hz-k9CtPyE7vymC02JuVF5tOrsnEh4rYmGU6z3jkWYDn55sO1MmR6TbkRJBRGa0_Dz_FozWB3uyIsMT-08qZ0NaBmaK5A1JrOAEEFI07S_A7w2AgNJ_YZ_FEkMMjGXE725h-u07q87jbm-ykoVhzfx6qe8ozTwlzZOLLfgh2tEVh-BaJhYACtR3jpoyvhur5NzwvcKoG1a4GJB7cKWmxRbP94bvdCrfoApqmZacCYwDn3p5wTa-85DVMVPZBBIrapahrB6ezX53wwyX5GPem_jxog6kU3e-vdgtEDyElzLqhx4HRnLzSVU8S8MK98qzQyO0NHg5JI2-Sn6cyrCZbiUvEIM4ESUUmbjgav8o8u_ZHIu-FUY1M-LeuN0txtwn2bWAYnhqYUah6tBwM12LEVbM82PxxppoTrbJ1ElnLZbiJZlK1VY08gzgk0XFZ2cS6A16BtWRcc8kucyEtnwl3xM_K-rqL2u3n50cOJ3tVngiW60vpshH8sweEqByDqCB3oUHGw-3__fnWe9qS7H5Pb6Odnu-Y3vRqlHCpq5XRD6HGCw_moypzqe75OHTYUdtEaJT2upJr3Jvt5jDus2GUVJDnsszTJjhlO9q5dvvrjYklmlhOR70SzV0a7bUEA_ya_QqaFOG3krcOvsCYCFzEX1-HQg7Nyl_-O12BjNo8&cid=CAASJORo4qXv2ZbSIrJTIp60MmeLQr6pa4joJ2JKw1ido1T7v8YnvQ&rfl=6%2Chttps%253A%252F%252Freurl.cc%242%2C%2C%2C%2C%2Chttps%253A%252F%252Freurl.cc%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:03:24 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/ Frame 6C0D 27 KB
10 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220615/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10546
x-xss-protection: 0
server: cafe
etag: 1672864604874404814
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Jul 2022 12:01:37 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5EBC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1&google_push=ARnp8GAGYz3Icof-7PaOgmVDUbkkhAjhx2xImZoWG1grSt5hS9u7iDiQCZwDcRPbUIIwcD0WcCca7SAOi9gc0QNPxI9JFuyVRUO-
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzkzNDg5ODA2MjQ3NTIwNDA1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1

43 B
398 B

61ms
60ms

Image
image/gif

2001:df2:a300:bbbb::135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
Protocol: H2
Server: 2001:df2:a300:bbbb::135 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EBC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NldiU05oZlgxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5G...

170 B
188 B

62ms
56ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NldiU05oZlgxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5GcYHEPpxqfpf9e4tkRcGKle8nNzOdusLEr2N9HQ6xOAVzsGkRleCeX

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:36 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0df29b6fdb34fb134@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NldiU05oZlgxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GA12zox-o2WDp1bw8nRfZJoA-_1Pq0QevdmJTCx_5GcYHEPpxqfpf9e4tkRcGKle8nNzOdusLEr2N9HQ6xOAVzsGkRleCeX
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5EBC
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI...

43 B
416 B

147ms
130ms

Image
image/gif

2606:4700:4400::6812:230b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242777&pi=t.ma~as.2784%2F13801&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467475976&bpp=8&bdt=725&idt=406&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467477&ga_hid=920323945&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=2625769193&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531556%2C42531608%2C31067488%2C31062931&oid=2&pvsid=938253491606001&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gyvx463yced7&fsb=1&dtd=527
Protocol: H2
Server: 2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 71cba6148cae8a78-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1544
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 71cba6137afa8a78-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAA80s9PCPdnTtrR_IXjOJzkaloi6ag1b3dycyFFNbURbq-XTYKEfIj7V75_qjPic6RfnMVpPrE3m1NJH1sqdv9keBZHAI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EBC
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBeWdrAEIMmH4UutEDBibNQ&google_cver=1&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG3jC4QwzDxrkJl
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CDF1BBFD22C141CBA9189A2126525508&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG...

170 B
188 B

46ms
45ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CDF1BBFD22C141CBA9189A2126525508&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG3jC4QwzDxrkJl

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CDF1BBFD22C141CBA9189A2126525508&google_push=ARnp8GBsxwfjUbkYmazBLuJVKhtgizLmSXRoB79Wam2u0wQn_F8HO5ABWUr6jufB_tm3w3Z6cEnZX1RI8BvTYFG3jC4QwzDxrkJl
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 16 Jun 2022 12:04:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EBC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFC...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNTc1NjM2NTY2MjY2NjQxNw&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vV...

170 B
188 B

85ms
84ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNTc1NjM2NTY2MjY2NjQxNw&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFCh-kuof10LBceYhYuY-aI

Requested by

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODYzNTc1NjM2NTY2MjY2NjQxNw&google_push=ARnp8GAlVOxAIY8HStNmZ53zz_mFl9DSd0-htW5fYWx5nf7MjKQ7SFIv6ipz3fLSyaB571NZjqv_vVFCh-kuof10LBceYhYuY-aI
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5EBC 0
12 B 42ms
42ms Image
text/html 172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbPWrqekPPEObg42BsAKqsTbl71bYKXHeHEN8S1X7uscPs17FKc074hYs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame CDE4 36 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1943 0
9 B 4ms
4ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RjHnIQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 8967365512096860797
s0.2mdn.net/simgad/ Frame 6C0D 20 KB
21 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8967365512096860797

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4274026586ede7747715338286e6b9393f2da7b7ff3ab5904f2cfc90c42284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:06 GMT
x-content-type-options: nosniff
age: 191071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20974
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:13:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C0D 0
27 B 63ms
61ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssW0UCmIK7lVnV0g4OAbpVabCzfAhHor3DrSgtQR-Ax03O59OJGMqTwaj2xKchiwx_w1WPSkWQ42jMYhdunxZBKXb3U2Qyghkws79MB1J7ZIEWEBbnyl_fMk4Jm_LMi571B1gJcf-D6U4i76qMG0dRIMkfzbEqxOfqNe4qSHcB474sDAN00Xa2SfYc0hB5BBDG4D-i0b9ZlbzfI8p_T6Qwb4ev5Hcr0TdEBfn0r4JiSyC5r4qhhVyJ8q_80vdm_Ol-5h9XEZpmLujJBBJj3QsWezV318vJN2fTVXiG9oBG6bN5wGdX6tcyMYeTk4v2flMWPF8WUJJUYT06qHxw7i3-vkicIWChy07a0Xm4qkNit_qkfKyEoVsT-U2nXBNURmWx1N05NvBEb78KnDKWewHfQS_MRU0UwA6zj34IuNLpoRmnNCwZljI-P_LZ-qj2ANWSZBSi816ofvw4IIE5NVluwfx8_5eAzaOQHMP4iXkQBI0fCgU65BrpV2X2Z4777ZGZ0-ZmX1j3BVvzqsodAICAHWY6c7xW7Kd56JH_dlWt-slWAjpwcdvj92aVU5nT2rbwBngMIYeo7gR4Z-Qfbig0B9cgM8sWgBrCxN6QBgMtUtbio8XMmrI4-7yAH0zId32HysCt53W3OP6T56Am82jlxctI_ycffyBtWve2sLqfrZRNOv5aU7fdWAqQU_YFfuqM_LiiZiKBIV2gUx_1fyQuRHA9H1aNOBE0ClpKoWfDyUq0ZYPlEWLMV7Bni3zJtcMeKHdSt3DLvHDznyGbJOFZb_D6fs3w4dJtjLgcVQJGH2XICaYA3ggi4Z5-DTMr2rf7EL-chIWPxXkw76kF4woDD6B8igqzDFIJsMUYmqWmXi2z8RPwg6z6105hwfHYtRHoUDp_XH5dL1h6gv4mXiT4bAWwo_tHFRLg2gXtzx5lywZdXXRkuV1lwhnMcx7Nm3aHIQ5bjXydgq11QmVDu-ZaxahAGHZ7HSU1RVBm6MqLMud2EXps3Xal0rRUX9hBW-yTBjIw0rEsQYautlGSWlQx5r35IWJ8O7DkZBHb1HGANfgkSAzrDtdEvxoBgiXhKf5iX13WRsp2FrUu0ExcnRKMNePdietBoJLzDKEfHh_RPK4w7mw5YtKWG2y0Fr_oHdcS7JR84jBj3-qY2Jd4FDKwhYczAU1ypUmAT6jC24_vE&sai=AMfl-YT00a0b4FSyAZb_mZa_qQHSdFejxKGTMh8lG2GzWbOmaLYYlpJgdiDjSdlfdr9sW_jjFgBoFP4G64NML9nox92tTqK19Y78NEq-4MxkhtsJg6tLpuoQedVzU7dT2UkmFaa4zkx8BREJd8krNsaXBssl1gxu2EnWZv4g-RBUupYw_QPgJqdcOQ0EaZl9shJQMa6kO5QzGVFiNLMn9CtOqQ&sig=Cg0ArKJSzBZ_6vD7hfDsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=43&cbvp=1&cisv=r20220615.71235&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Fri, 17 Jun 2022 12:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5DF 0
0 61ms
59ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=1707102116517937&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C12 36 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C0D 41 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 05:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jun 2023 05:56:48 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 927C 1 KB
749 B 4ms
2ms Document
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 41663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 00:30:14 GMT
etag: 48472445140208031
expires: Sat, 18 Jun 2022 00:30:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6C0D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b9a2e8741a3a44237bf03ff4b2072e4b70bd5f72b5ad1b59be87af596c29bf3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8392 0
0 53ms
49ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=1113247215987441&bg=!4uGl4aXNAAbASn8N4Eo7ACkAdvg8WqstQ-4xvbq34IJ4ja0u6so3rodmGg-_LlUE1hx5g3Z6EVLWgQIAAAGcUgAAAAFoAQcKAAfxH_JGiiLHmQLQrCCfhpA7dIJtdGtpwu7rgQcmze9CuseH7L5yW-BkokTLpHD6JvN-wSLi90L-5R9u6E1cIg6p4xdcW6dDTn9LNT1Ll_z1Ly_JVjjQiTHl2bcwUul9PeeQgRN4-A3ce-EkVUoLvB5xKgwKey_cvSiyY2OLV-KVtg6q_lhDWqIlr5afiCwCxV_6_XPTCwBpfu3D8zZFeEssrzgt1W58nsNi3gWXSJtMO5BoCIlXOp8uDTuIA7OMb9QiwtgQeBqYGK-7aF5hg5OqvOjSUDX55XAXE55u3r8w6305W81XfltgcJnhFBcOHqv7X0_vudWa9rYM0bLL7SJ7z0SN_yWuOU2qeFANQR5Mf47zunKUo_XEf2_ceOnMU7iame3e4UB-oJROMO7wO0uDz4UZmD3ReIn6jauUtx1xL1VjjZqxjkImSO94KlLmMROya43a253IdAyWrarSDv8YRPAHPHVwgWLZ9VwTX3r4n7AmqqTrn9GXz8TiDsJJec58buYswHt3a2RVADB3-KV6nIiOR8FHeQeLFYZkfPZfKtf2X6pAabjKisXy-jpZFd4t-GGPIX0GmrtjGGUB7UpYPpJPfOiS1jYmsoMkqp67wTBuZzNu59UYg4qFKRMV0QTEr9ulQLKRt42_VtTCUuSH20sq75vUEHmicj_Sa7PNwYs2Y_sWk_LWEsJXg-o6pToE_GJowCvoGLumyBXRqbyWnt-3J9aiiq4zCLieE5XZ1WILqHoiCodFwu2FBD3zCE8wNthqy6OhHBi1q14mtaN4Q7jEOG5SFcN40Dq9EFkhfJg_RlHbWpuvKgJ7hMwR3VOeYU4J01Q-XBQpGnX0sQaXO2qumMNMcptJ1WSZIjBpa9P7t0lMZ0MeaUOcMPCuh5XauMmDQt0dETZKpre7feEL7p9vqw59zGE6YL6-0cskreKQ_Wgw_UPLHUncbvER2Aa2JlI2hCfeLyyx
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1515 22 KB
8 KB 4ms
2ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 282209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:41:08 GMT
expires: Wed, 14 Jun 2023 05:41:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 927C
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1&google_push=ARnp8GDlN1zgWENcZqX42g1n36_PammGTSfXuzA8mJ5UrrzZXymXBYVw_eYdhs0TGXzZsO0NaOh9pH-XfRE-7Ii8I-XjYjsCP7FB
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMzMjAxODM2MDU3ODgwNzI1OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1

43 B
398 B

61ms
60ms

Image
image/gif

2001:df2:a300:bbbb::135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
Protocol: H2
Server: 2001:df2:a300:bbbb::135 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMZgDf13Y2HnRm71xGkNvu4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 927C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVFLemxCaUsxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYa...

170 B
188 B

92ms
88ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVFLemxCaUsxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYaNNsI4ctQVkKulSWdVd8SFfQ7Gp_hD2bqwCgtk402uk_sN311Z7Jw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Jun 2022 12:04:37 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-04ad4cd0f984625ad@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVFLemxCaUsxTzJhSWw1&google_gid=CAESEFQV6RYKm06u13EeyB9qdX0&google_cver=1&google_push=ARnp8GCVGHY7DQWT_Tcjaebhws36rbusQwcoWPflY3PSDYaNNsI4ctQVkKulSWdVd8SFfQ7Gp_hD2bqwCgtk402uk_sN311Z7Jw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 927C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15...

43 B
392 B

132ms
132ms

Image
image/gif

2606:4700:4400::6812:230b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282
Protocol: H2
Server: 2606:4700:4400::6812:230b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 71cba6151d658a78-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 71cba6143c028a78-NRT
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIJvVnB4rDXj622nRDngYD0&google_cver=1&google_push=ARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GAUB9Dn6GEw9cxpUqj9S8ub_0ADar-mcgddlrwjck6F1QRgHfR-RWP2hFtId8DcroU5knX0ohLSCmkfjJW3iR0Tj6yZz15Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 927C
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBeWdrAEIMmH4UutEDBibNQ&google_cver=1&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F30sCvXWZLBtY5W
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DC0F567862FF4D2C95A4A10117B587E2&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F3...

170 B
188 B

45ms
45ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DC0F567862FF4D2C95A4A10117B587E2&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F30sCvXWZLBtY5W

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DC0F567862FF4D2C95A4A10117B587E2&google_push=ARnp8GCgIasm43h0vH5x3SEMtu9_oXT17fHhTlB_g5YTp3nJRPgLJ3OcyWkt5Dkh4yN0ADBgzWgJSwkkkUwr6F30sCvXWZLBtY5W
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 16 Jun 2022 12:04:37 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 927C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2K...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKDBmI67PWMHUNBNIL8oNcY&google_cver=1&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk5NDcwNTUwNDg5MzAzNDA5MQ&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx...

170 B
188 B

89ms
89ms

Image
image/png

172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk5NDcwNTUwNDg5MzAzNDA5MQ&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2KSjlcqybZ-ujY8F6NwLyG

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDk5NDcwNTUwNDg5MzAzNDA5MQ&google_push=ARnp8GDEJw3K46ykX83J-AF6b96TZTy0PvLMHfSla9NghBzJOG038yZvuxkWn6Zz9uru6PkvGM7pIx2KSjlcqybZ-ujY8F6NwLyG
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 927C 0
12 B 47ms
46ms Image
text/html 172.217.31.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGNSIrq2tW4JZko8JBM_bh99ZpzW4h8iZpxJaeTboSHzuSEYzgXYbH-L0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.31.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1515 36 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDE4 0
9 B 2ms
2ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?a7rc1Q
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9F6 14 KB
10 KB 65ms
65ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ed408c83e6ccbdbd51992986c85a6df38401dfec4a89b5d0bd7bdbad7e8c0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10674
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4164 0
26 B 48ms
48ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkn70Stq1x0rAJwIkwn-g87RLBlphME7JyfSUKXRZQk2J6ZmSrIT-ecqoe0b06vanLNhMVaOVLWtrOCtSr6St7LEQcqZxDCKuJ0S5hYEbQGCmNPlCsKdZ8uUJ27Y4D54NM63J3Sy9j26lkrfIUJge7Pt-M280XhWUSuzzL75D8NWj_hYVGVDnWO1PZqG73hj3xm3P_HeqSLQwtysuUA_tH6FLuqOsSxpm2zFYiONWSXNx7VeBOJ52PI3yJxsCwlCKB7FnlSkDhRCuf-Dvt0fW56q3tqL7nfzf2OJoB5abAntyASFfqr9htqQz0rJp8pkLu266BPaKDM8zxVHPfhph-pzkV9HnCTq-Wy7lO8LbIxatqYffqlwZOgQO2t07V-vNNQsZz7V7pmza4pssx2xnt3auOXH3sdlDdXtA7nQBedQuvpizOAvDDLMKgqtJPCqVqdvirLRddXcoSiFUatCoQn0DgUBd6PLOH8ebiuKAPJWYKA3yedtju15ffZc_-aq-PZr5TrQyX2m5vW_JQ446-Bjz8x4vQ8QbOcf3gMq63JxNEQFUe7jqzmzEleDxigvZbVuNeemu8lk6XK2weMmHYwHx4M42SYSDZnuC9WqEocPjV8-dwU9I91vJ-iBPVDcSUemcu0dhJKUJpqMftJePnn42QRHdMSSqi0ZQeIsp7nBxqaYkYkLREKBEEidmVsdcH5YQ9P9agRxppcxUkJW5D3jMC8MsUBBOkF8Mfq-y5EVCClfcQdHq0J8InQNtISP6ANDtHyOZtoBK34TbmZhc2jECewbiE4d32qxzq5f_05BpGGRoUZXiwqINt7aNIdosVr1x5gPjZ4uuBTPUDQ4VYTOyVMinBE_JlVfvFlO0YQkndBf_mEU-wNd3FbSTswixcCGYU-qjcXYCtG-l-UJuwLX84cT0DuiurFGk9fFAD_DGGqjiiLIctRN6R6k8eQ8BJBdV_Sam8p0DuR3Z1BF8LjRHAF3J6-gdOeuVrw5Y_3jGjU51ZyfyO2AS9GCcy8fKFSKk7SV3TKHTB46XEZ_przJ5xHqdnRa6c-flzD6PZU9YeQZ13Xq3nXPsRcbeSCOFrksZ94gWWECrVADm5gXtlln6sl7W51FEHE8ZvD0eR-edZ-LgB-f2QXLcJnHxSFTW7XT8rlz_KEZK9e5fZq5vSAvl6EO0CxQSke3qCkr7w&sai=AMfl-YRpPpgbWEY0s77VKbGQ0pad6Lxplbtz7diUJagtcjbZamKAVU-qW6EhUnXAv94MSNuz5piW83zhMs4f1e3qWemvlGYNL4F4M7UTTDtKnJHeEyNc3zapvG0XB8MV_qIq0KyKMzTNl--MU_qs2sTSXwVknQswsmjzvAtyWGDQt1WSKnLBxqeNoJkuls_YgP_qPIZc8MoG0XmPgiTnwNEydQ&sig=Cg0ArKJSzKSqx4Z30KAZEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=491&vt=11&dtpt=409&dett=3&cstd=491&cisv=r20220615.82737&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 12 KB
3 KB 4ms
3ms Document
text/html 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09d12a7dc4e96f1b3dadfa7d83c2d5ca150b79c9b165a0fc158459b784f6e5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 191070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3280
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 07:00:07 GMT
expires: Thu, 15 Jun 2023 07:00:07 GMT
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C12 0
20 B 50ms
50ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFIR_1G2sYumqMpaX8wPLo6uACgAAAAA4AeAEAg&bg=!g4ClgMTNAAbASn8N4Eo7ACkAdvg8WnyMhlLm_gvEWaatWR4p0OOhWlDfpYLFi70_AsaguD_84SU4vwIAAAD8UgAAAAFoAQcKAGloHfxSwk5POGwu5hUjCT_qPntbZ_7jnnlZF4_r9E0zQXw6mOa7o2EpA4h1l7ijJaBh9oovb9vz6RfkLK2HQ5pE0h6I2MCoKajYRswwU8ICjoZF0YyWQLmAHnmSMvSm0HG1ljWYSJ_7f2CZAw4nUbrH70rnBKDrnw-R9GRv20KXS_kvHhcclNwqElqvcdKcwjyJU2KPyYjlsJco1DqhG50WYGxpK64JULRekwzomqeEfzdmCynZ3Ew5bM7Fi7UMj__LaTC1NJs6zbVqCz1NuJDfXAeXvpfQs3cSVPElM7Q9z8-PKnU4G7ocl880PFkypjt81ZQhWCSND_3aP--H-taZ0pWWldVARNSPR3psuUtL-uqDE7eaCXoGeXeL5wWvytXsHkKoVCrLUKcuyeRUkNZPQzE_BTu8cfrrKPK57jOxDZQzhxOB-85rPLM6u6DvhfRngKH2sWbVrlsGPuhzyK_KhS0MPoTsSVx0gGrHAbadyeeNutwVHhqr-R96LQYScjr7RzTnFfTC4mw9WUTggdHvpPAO6uwiv4sHDlSvY4Z6-mJT1e9ngZnyjvdHdU9eFPcCi0TIvlrTtM2fOkM4VnfMTCN4H_MAd1S7fMvP26FAI09crXp1p-R75UseYsTUG-KmMvfIXXcm6yNXVw-Q5Cd6ge8S1dWcf2cWooHJflp76OFU_sNusV691Bxbx2CEBinadfnIDW7wKEBilSU551TcFMDZBB9TYQOkvKnEjOSfqN7hp02jtA3160-PCTsPVH0Fas_L9S_HDGf2dDDJ7Id911jxQxBgX-2BxaC7LJgHkXpze0rmpUT4pc3N829KNKws_FINRjzyueWtaYBdI_hSyQVSME52-ugRhzVBtVQ-ZFMFx3hDX47AC-eglP8FwqJOj6UQr3Cg5nXywKVNSqCBPzzZLU78I1KIq9lPfya3jWCuRR271PEbDXdZh1EiBnPoorFpUeCfcdgpZdtGjVH_51rYkIEvWIBYXkjXa39Yp9CbutnUNDTW76HV7SPOvwxksXISGzUPGl3cV3HUlS_rj1JQrvR3Qk9lBaI6yLroB6RYEjcbJ6swBYFdiZAOKMl4MwANSqhHJ91kyCei2u9H1fynrbsfL2NsVGSZNTCxhGFAFssPWCF3TNZQoBPicekVHuBM89RkFuWTI3YkGUI8_x2HTELF9vW5vg

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.css
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 1 KB
507 B 5ms
4ms Stylesheet
text/css 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb557cbf0858cec9d331a4129cce04c15080ccb27473def0da4268a85915433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 478
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1842 29 KB
10 KB 5ms
4ms Script
text/javascript 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 09:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Jun 2022 09:24:30 GMT

GET
H3 200 backup.jpg
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 20 KB
21 KB 12ms
7ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/backup.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4274026586ede7747715338286e6b9393f2da7b7ff3ab5904f2cfc90c42284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20974
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 intro.jpg
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 44 KB
44 KB 25ms
20ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/intro.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9233220dce3810b938afc721a1e5930a677af30f620ad38daf02c4818556e7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44619
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy1.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 40 KB
40 KB 45ms
39ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

282ce6e357f4bb7a8dcf369f2c9ef8e4cc51dcf62bce58da372018c599e5b8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41132
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy2.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 36 KB
36 KB 66ms
61ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b7cbd6f855ef3bcf20d42f8cd19b69763b962fbebda5a4f982dc1731be9c496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36683
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy3.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 53 KB
53 KB 36ms
30ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e88f9d2aaf3785228d08854cb9e8cdf6a93544231e3a62347539b391ff3a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54748
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 transition.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame 1842 3 KB
3 KB 66ms
61ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/transition.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df3d97645fcbcc16995a28e4b15b0d66674fde5eac40d1f9a73c66957020fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3242
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/ Frame 1842 106 KB
32 KB 52ms
3ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b140064d6ddb3746fda2cd6719d1403e0a48ab74c565c3fdc44efecc847231

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1348779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31489
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a78a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ojqqx2Z4i9zOEHF44jL%2Fmz%2BV2PC4%2BRKJq99Pk3W6acAEu0e6sx0wGvlCgwUzmptTmuUpIg0zENzGc0NAkg9WIOHu8C1QqIuOgH3QXKNV4PSLlzSNimd0QuwNcZXdXrLYNkHuuGNQ%2FzF%2FO40v86xt54I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71cba6166bb4349f-NRT
expires: Wed, 07 Jun 2023 12:04:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE20 0
0 118ms
113ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=1625855169176914&bg=!FRalFlLNAAbASn8N4Eo7ACkAdvg8Wmx5M70oMwo34AFcBXmwpYwXAU1Faa1BzY8_NgnkFOstBdpDwQIAAACRUgAAAAJoAQeZAv4SQ_isGsnUWYBdYL4Rh4PbQpVrAlG-PTqzrmzZLjfNXrv2SWYDdh7SjPboVqgNIBIn0T1KMRI-uCwLizSEaN-pUOCRo0yxbNsPKm8z20rGnU3G_zr9_tlv_toa-grpeqtM6kYNuN-sBvZn-KgzFhIXj9_6iC0pqN-rsFeeSa9MkP_5NQ3kApO55b_IXPqCjoZscr1hv5_zL7sjEuoiQMqnBtljevVIsFOOCaFQzC9EevGAQNKtWNw9hMAMOEXOBgpsV53GpqoS62qG2cb_tEqt3fRGOad2OSRhZ3ePx_Io0vUwBhIrGjSf3J8gz5Kgecjooc6oK0RCySOpOtEQm1WQS62sLEjfMR9o3_GFctnEQISMrPt73z2YYKSMjZjJJj0H9Ujt4rppbW48aGZfkPJWkcZk9ORFWnDbg11iFRx7OKxs8s2ERlmfXllc55THDNs5yx2NflWFf5t7nr1NS6TWFJuXKJmJjOjdVvolXjm2p1Wr74194rrSr_9eCmUh6p4EM-T4ORijRoVfUyAqF5WSfCfNoCJGtoVxMLGlrN61VHWoFZLr8t_Xmh_OhCviRnBMxC3ye37Dsbh7CNGI-IRHnDLGzyHkj6a_6Hst9wNBRa_xnrcGfQgXABEt3JUeNMsxoZRlV6z3AEGnhklxgySYDblBjnFcQ7GQgxH5pzjkgB91M8QJMASjLqoj1p0jlZzPQNPTP-OgbbLqC0E6StTA77dH1p3mbcuSo8nwGX2ZRtA-dkOF2DUfv4QBpWDx9mI0SMi6deePCYimtGW_SlxYpwvCyQeaoil2Tp8s3Sd-Q7J0I30kYiQGTRVzbNRMIq1EEPDpD4BLlOOhnjbigsWK-DQOcNETOLDIVyNayMiUU-9i9OgxwUMUFGaxZB97FTuF5CJYOtF1C7Qenx0FJrzZw0LuarYs_256oYlnF25OAc9dDSZCYRD1weutbXRwvE7ofiwSS08t3uu3ZJcr6uGM7q41w9RLldQycx3A5ubX0_kMcwU1IXUc9TL5d_FM
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9F6 17 KB
6 KB 106ms
99ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1515 0
20 B 63ms
47ms Image
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNECz1G2sYuaENe2I29gP09S5kAYAAAAAOAHgBAI&bg=!p6SlpODNAAbASn8N4Eo7ACkAdvg8WmGk5MAesAbpDspBN10OJe-Jg3oL_zXwPjmafnbVt_s-iXNJLAIAAADNUgAAAAZoAQcKAChS3EGpSmthyC52e9dV6xn43oqgTkdGNmYlXXcHJQ1ZZK07ALZTzEEdmQMH2Yir-Vp2lfB_2heQ8qLCoYpGC9upmlYStn6nxtEWlSOpkNNZNP8zyh4ZvIEOAz0VxlGGog-zJPNNoCdfmgPVXYIrCf1aEJgl2xAsXKANoGi_cpKIDlUCN4PNRnmc5_kKtPKIpsJaA-3pWpq5OeEHY3gZZFj__wAPbfx207ND5V9nwLgXzE1Sc8_Bske1P1ELMSgdJTGmpjjHUbpCh3q8GBfj3JnD8-jPXRInVOC9kpG5qTcKatclZ-Da9611hN_8xrE81N_mwv1ma6dOuzDYwVAx9dTd9TsE6zrFvEgaSGLikYrSHidT4Rwv3uLpDsgByzkricrw9pUNab4MYLttMVvNAFXesaMHx_FbRIAZdS6FmiLdI8RKQTXr4IMXnEDLc1j2_gCqA45M0LBGVhegN3WinQineSAI_fAs3VxHT_OgvDlWVEBBtb_LEXtpH6hvKyJjzqpHb5RMR42PlTycp2-dE3HbqDXOVarrJhGFXYrB5LlshxNh_cvL725tkrm3xDC8Dj8QtAyH4ttoKwv0y07frW1cZSVS5iUNyuAuFlp0GmovqMjQSpxMD_4nyeyujay6vpvKVuJkjeMje3gkDu3JtHzlSRASiDAGJ3ir9UVFR12cYjFc-VUx5zF0-mhkRD97NQcZQvS4jUhjUHbp3CGC_h6xcqJEOoCnc7Gdg4DqvIdB-wH_NBp72SGjojzzAnVb6kCl1FMxhF29Na5oRa3cYN-g0pqwxnwMBioSC1MnDsmw5_W9U_giu0WTGEZTCk3LrroJ_t19XX4qafS0znUvpNFRrMKdiAYRHtPQqlcqKjq7qzUwPxdoHi-4GGJfx-fSvuKaA9vJ4NKgIeCy2L9jxljMe3SsdrEmW-Tnsy1gZUD9gp5Wb8Kke477CW7768oPXDhuznBRXESExagBp3GwlW4luvBFDWQHzxyMILFTjgfd4FPlSWss8LrDaiCHPW-cgsJqdoiYykLlmPYw1KZQzg11l9k4WDmcdgpY_0gGJBDs0_UFaetRsezAwTZuOtTdqqZyEQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242782&pi=t.ma~as.2784%2F12679&w=300&url=https%3A%2F%2Freurl.cc%2F6e9zk5&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655467476000&bpp=14&bdt=691&idt=253&shv=r20220615&mjsv=m202206130101&ptt=5&saldr=sa&cookie=ID%3D35a3000533eb936a-22a1466c81d40052%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ&gpic=UID%3D000006b770a46157%3AT%3D1655467475%3ART%3D1655467475%3AS%3DALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw&correlator=3991300433824&frm=23&ife=1&pv=1&ga_vid=220517886.1655467473&ga_sid=1655467476&ga_hid=1200057663&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=728&biw=1600&bih=1200&isw=300&ish=250&ifk=1695829137&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067528%2C42531606%2C31067487%2C31062931&oid=2&pvsid=4354137296708468&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pxq341bwdxyx&fsb=1&dtd=282

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FC51 14 KB
10 KB 95ms
74ms XHR
application/json 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3031b72dfd5af729f239b5fa2586325271da7067663e6e937b58244b4852cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10635
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C0D 0
26 B 62ms
50ms Ping
image/gif 216.58.220.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssW0UCmIK7lVnV0g4OAbpVabCzfAhHor3DrSgtQR-Ax03O59OJGMqTwaj2xKchiwx_w1WPSkWQ42jMYhdunxZBKXb3U2Qyghkws79MB1J7ZIEWEBbnyl_fMk4Jm_LMi571B1gJcf-D6U4i76qMG0dRIMkfzbEqxOfqNe4qSHcB474sDAN00Xa2SfYc0hB5BBDG4D-i0b9ZlbzfI8p_T6Qwb4ev5Hcr0TdEBfn0r4JiSyC5r4qhhVyJ8q_80vdm_Ol-5h9XEZpmLujJBBJj3QsWezV318vJN2fTVXiG9oBG6bN5wGdX6tcyMYeTk4v2flMWPF8WUJJUYT06qHxw7i3-vkicIWChy07a0Xm4qkNit_qkfKyEoVsT-U2nXBNURmWx1N05NvBEb78KnDKWewHfQS_MRU0UwA6zj34IuNLpoRmnNCwZljI-P_LZ-qj2ANWSZBSi816ofvw4IIE5NVluwfx8_5eAzaOQHMP4iXkQBI0fCgU65BrpV2X2Z4777ZGZ0-ZmX1j3BVvzqsodAICAHWY6c7xW7Kd56JH_dlWt-slWAjpwcdvj92aVU5nT2rbwBngMIYeo7gR4Z-Qfbig0B9cgM8sWgBrCxN6QBgMtUtbio8XMmrI4-7yAH0zId32HysCt53W3OP6T56Am82jlxctI_ycffyBtWve2sLqfrZRNOv5aU7fdWAqQU_YFfuqM_LiiZiKBIV2gUx_1fyQuRHA9H1aNOBE0ClpKoWfDyUq0ZYPlEWLMV7Bni3zJtcMeKHdSt3DLvHDznyGbJOFZb_D6fs3w4dJtjLgcVQJGH2XICaYA3ggi4Z5-DTMr2rf7EL-chIWPxXkw76kF4woDD6B8igqzDFIJsMUYmqWmXi2z8RPwg6z6105hwfHYtRHoUDp_XH5dL1h6gv4mXiT4bAWwo_tHFRLg2gXtzx5lywZdXXRkuV1lwhnMcx7Nm3aHIQ5bjXydgq11QmVDu-ZaxahAGHZ7HSU1RVBm6MqLMud2EXps3Xal0rRUX9hBW-yTBjIw0rEsQYautlGSWlQx5r35IWJ8O7DkZBHb1HGANfgkSAzrDtdEvxoBgiXhKf5iX13WRsp2FrUu0ExcnRKMNePdietBoJLzDKEfHh_RPK4w7mw5YtKWG2y0Fr_oHdcS7JR84jBj3-qY2Jd4FDKwhYczAU1ypUmAT6jC24_vE&sai=AMfl-YT00a0b4FSyAZb_mZa_qQHSdFejxKGTMh8lG2GzWbOmaLYYlpJgdiDjSdlfdr9sW_jjFgBoFP4G64NML9nox92tTqK19Y78NEq-4MxkhtsJg6tLpuoQedVzU7dT2UkmFaa4zkx8BREJd8krNsaXBssl1gxu2EnWZv4g-RBUupYw_QPgJqdcOQ0EaZl9shJQMa6kO5QzGVFiNLMn9CtOqQ&sig=Cg0ArKJSzBZ_6vD7hfDsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&vt=11&dtpt=449&dett=3&cstd=492&cisv=r20220615.71235&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 12 KB
3 KB 13ms
6ms Document
text/html 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09d12a7dc4e96f1b3dadfa7d83c2d5ca150b79c9b165a0fc158459b784f6e5b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 191070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3280
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 07:00:07 GMT
expires: Thu, 15 Jun 2023 07:00:07 GMT
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H/1.1

206
Partial Content

2
r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipb... Frame 1842
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

245 KB
245 KB

98ms
7ms

Media
video/mp4

2404:6800:4004:33::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2DEBD430076EC72FB0C570137347894933BFDA81.0B0F9B33ADEF1ACAE89D826CC8615D319C425985/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:33::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9cb2d60bbf1c86f318a335e22109c2f125ef44fd7999d780f3a071d051a45a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Mar 2022 04:00:45 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-250705/250706
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 250706
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2DEBD430076EC72FB0C570137347894933BFDA81.0B0F9B33ADEF1ACAE89D826CC8615D319C425985/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

5
r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipb... Frame 1842
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

94 KB
94 KB

93ms
7ms

Media
video/mp4

2404:6800:4004:29::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3876E934BF0014BB746091DB1646B6B3D0BADA45.4C929A9A6B1E1F14A40AD6DCF7B86CD5E4AD2ACE/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:29::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

918411f0da732121e8e8c3f92065164f6820a8735871520149034e96d870364e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Mar 2022 03:26:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-95806/95807
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 95807
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/3876E934BF0014BB746091DB1646B6B3D0BADA45.4C929A9A6B1E1F14A40AD6DCF7B86CD5E4AD2ACE/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

1
r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipb... Frame 1842
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,it...
https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,i...

119 KB
119 KB

104ms
10ms

Media
video/mp4

2404:6800:4004:18::6

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/37FCB49420DD5EC8AF1D55A0FED18264405365E1.4CCF4910DF6060FF0D3122213791CBC4D225070A/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:18::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

df0d8f5ad95b6bcbc49c5a0727f6ac20778efac065ab3595c09300e761c60ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Mar 2022 03:27:15 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-121344/121345
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 121345
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/37FCB49420DD5EC8AF1D55A0FED18264405365E1.4CCF4910DF6060FF0D3122213791CBC4D225070A/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipb... Frame 1842
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

74 KB
75 KB

96ms
7ms

Media
video/mp4

2404:6800:4004:1f::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2D7FBB17FD6978AA25FF9827A15CC2FF3F33B58E.79C0A91566176F5885984A69760EBC05993EF14C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:1f::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

001d8b3b06126347a3431a81191fdc755c1c7f994afc78af8e17d748d28d32c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Mar 2022 03:26:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-75755/75756
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 75756
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/2D7FBB17FD6978AA25FF9827A15CC2FF3F33B58E.79C0A91566176F5885984A69760EBC05993EF14C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main.css
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 1 KB
507 B 7ms
7ms Stylesheet
text/css 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb557cbf0858cec9d331a4129cce04c15080ccb27473def0da4268a85915433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 478
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E76E 29 KB
10 KB 8ms
8ms Script
text/javascript 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 09:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 18 Jun 2022 09:24:30 GMT

GET
H3 200 backup.jpg
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 20 KB
21 KB 13ms
13ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/backup.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be4274026586ede7747715338286e6b9393f2da7b7ff3ab5904f2cfc90c42284

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20974
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 intro.jpg
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 44 KB
44 KB 12ms
11ms Image
image/jpeg 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/intro.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9233220dce3810b938afc721a1e5930a677af30f620ad38daf02c4818556e7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44619
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy1.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 40 KB
40 KB 13ms
11ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

282ce6e357f4bb7a8dcf369f2c9ef8e4cc51dcf62bce58da372018c599e5b8f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41132
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy2.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 36 KB
36 KB 16ms
14ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b7cbd6f855ef3bcf20d42f8cd19b69763b962fbebda5a4f982dc1731be9c496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36683
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 copy3.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 53 KB
53 KB 18ms
16ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/copy3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e88f9d2aaf3785228d08854cb9e8cdf6a93544231e3a62347539b391ff3a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54748
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 transition.png
s0.2mdn.net/sadbundle/15306026249286253500/ Frame E76E 3 KB
3 KB 20ms
11ms Image
image/png 2404:6800:4004:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15306026249286253500/transition.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df3d97645fcbcc16995a28e4b15b0d66674fde5eac40d1f9a73c66957020fa73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 07:00:07 GMT
x-content-type-options: nosniff
age: 191070
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3242
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 04:12:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 07:00:07 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/ Frame E76E 106 KB
31 KB 220ms
8ms Script
application/javascript 2606:4700::6811:190e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15306026249286253500/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b140064d6ddb3746fda2cd6719d1403e0a48ab74c565c3fdc44efecc847231

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1348779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31489
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a78a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9uZyXuXn1a3Yv4oQ8ZPBINeQOXOb3es1WKQgvgqOhugocVcYukCtExYXyZj23WzVBcba%2BeFTwSWrSItZV%2BNm%2F80JiQJCjwrrxppwi0hrnMP7bw0R07UvCOW8G5khotscehaGlnPQdVFFG1asxvL2eiA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71cba6183d06af7c-NRT
expires: Wed, 07 Jun 2023 12:04:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 54D2 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1764 783 B
535 B 37ms
37ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5f495a416e97b7771f3d2d4967c110e37d33e5187132d071bd8c5cf650f1e2b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qhGmx9WHUWUvmnpRqL1wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1qhGmx9WHUWUvmnpRqL1wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:37 GMT
expires: Fri, 17 Jun 2022 12:04:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FC51 17 KB
6 KB 78ms
74ms Script
text/javascript 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 12:04:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C1C 0
0 59ms
58ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=2875112424369557&bg=!zM-lz4vNAAbASn8N4Eo7ACkAdvg8WnnsnRoscRREfeFROLx8V_saviQ3-RtvgRIJwlpV_OJrJ2rfcgIAAADEUgAAAAJoAQeZAv4JPdTHL7GAlcge3kC2PE0CYiKW5n95zqEUE7vjxitpdWpbXuQ3ZaNK0DVcvKokmbnf3txfWq4-R1c-cpTq0zZjoAKCWFtv6XaO2FGVqcuWJge6IKbSODhT0UBJbnLp3gvgWhXe-GXiGtcqRUsPisA34CTFqyWUIhES46c6XcxkB8DHWBqI1ggFC1I9fZzZkSGJxFW67gjspDo6ofPU8DHdVltDs486cUj-l1fBqdnHV1HtwtMlaWU5zSHMowSgjIsrHzu5B9vFTuKRZlgwNvScy4uW8mFjnGRc-Y8wLdBT2ojY4Ev675NxZuKtHJZvXNzBQOeDv0VnMyyhyNwYYiZlwEQJTsUgzTdq2nVLmkSSMb7K78aNp3YpMmve6UTEEHgx6jAo-1iwqiZC66wuXAz_35MUyZ3iZHYCmzd1nzu2-s54VDHy7PjEVLZ6CXDKAtE90UPVOpgSVyWYTVFce1zE4LkaRO9NESljbvszUPLeoiYgUpBfgODgRbfCdkRdF7GWtyUQrSky18FEZZhQ6opL021K4OMBxzkzFh42US9LF3yTUUWUlLRzpbm9uYTfHTdzDkAGPpsTXI7QdrILByPgGxfFF4sAQoPuxFGBekzVdugCOmj6bCXlKPLzLszfSb_hLEcvLeT09F6Rh78JVazO28fE6_mSpxuHXPLRfeZUjyIMfho3R6v4cmCEhhdHeaCYTb_9gkUZojanN3NRPHDGjX6TfRJAT0jzKDrdSU9Fz3oP3i7Z3BTE1g1SS701lThCJqXmCWMlT0KrTKT0fVn5LMXgVO1zb_5g_TJRtx59DwsgzjO5hy5-AkNi6Ls8KEAXgcWahdzp1BLHU8BsWOIUdf5VF74ua4M4hMlOCCPkX-LGedRYFMc-uJLTri7YC2TctDOWPoATJUa-8umfmNYi1TRjyFMfA17pwUW-Z1FbDv5q4mufyci637GQzzW4MNgY7CeP4p-u02JMki7JkXGpJt_Fr2TVPXZ8NXh7Qp6fNuOe-fjeNAKfVIOLso_R
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE07 42 B
64 B 49ms
49ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus6UC3MDY2QE8S1_ZdsxRtTnWE9S4rc7tdwXtyBEOnSwHw4a27OvhoTQrcDBa6HsuShAnz7OOuYJe5mzkN5UI-y03NTtv8rFgAVYJpnO2SmbjXEabXv4xY3B4u&sai=AMfl-YQSJZPTfuhL7vf6_4sgE2MCqASOTbPZRIwfL9IlJGZqJlm_k4zOzVkjN6dkJmIecX4wFdCa3kE5BoY-9tBXT7Q8S_8CUqzExms&sig=Cg0ArKJSzAnSA0UrtUCGEAE&cid=CAASEuRoIVuxBihmOVKvPeKG8URRvw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3326638708&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655467476016&rpt=707&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A71 13 KB
5 KB 3ms
3ms Document
text/html 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 33634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 02:44:03 GMT
expires: Sat, 17 Jun 2023 02:44:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 325A 783 B
533 B 40ms
40ms Document
text/html 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7671004dcfaf60409176c52fe7cb5d1d2cebe399c68d442e8641b5307a8b2374

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oJo8yMojaQc82mmkL8SRpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-oJo8yMojaQc82mmkL8SRpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Jun 2022 12:04:37 GMT
expires: Fri, 17 Jun 2022 12:04:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 54D2 36 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

245 KB
245 KB

66ms
7ms

Media
video/mp4

2404:6800:4004:33::7

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/02A203FE59E58DE3F5CD2BA93821CB6D915E8BF7.8119A5BFD9AA472F77D9433533858A2273A9F083/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:33::7 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9cb2d60bbf1c86f318a335e22109c2f125ef44fd7999d780f3a071d051a45a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 11 Mar 2022 04:00:45 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-250705/250706
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 250706
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r2---sn-oguesnde.c.2mdn.net/videoplayback/id/a25e3f32cc44630e/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/02A203FE59E58DE3F5CD2BA93821CB6D915E8BF7.8119A5BFD9AA472F77D9433533858A2273A9F083/key/cms1/mh/Xk/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/26d1730f812ba3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguesnde/ms/onc/mt/1655466801/mv/u/mvi/2?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A71 36 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1LsLs3hPvZWq9Am_ancfxsM5HBEIiYSFkjEIdAr0QGk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:50:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 317623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13859
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:50:54 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

94 KB
94 KB

61ms
6ms

Media
video/mp4

2404:6800:4004:29::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/5A1E019AE8BA1F8208BC3299C64C0916E03D14DB.074661022D9B6810BEA99F80904D24BED75BD947/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:29::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

918411f0da732121e8e8c3f92065164f6820a8735871520149034e96d870364e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Mar 2022 03:26:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-95806/95807
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 95807
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-oguelnze.c.2mdn.net/videoplayback/id/f9ea2634fde7bb6b/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/5A1E019AE8BA1F8208BC3299C64C0916E03D14DB.074661022D9B6810BEA99F80904D24BED75BD947/key/cms1/mh/q7/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7l/req_id/a0787fbb3d80a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnze/ms/onc/mt/1655466801/mv/u/mvi/5?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

https://gcdn.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,it...
https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,i...

119 KB
119 KB

19ms
13ms

Media
video/mp4

2404:6800:4004:18::6

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DBEF8A01FA814A636BB7849D3059B854C7C4AFD.2AEF52677BA0BC9B8F0F9A7AA9C385D054F8E685/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

2404:6800:4004:18::6 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

df0d8f5ad95b6bcbc49c5a0727f6ac20778efac065ab3595c09300e761c60ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 03:27:15 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-121344/121345
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 121345
expires: Fri, 17 Jun 2022 12:04:38 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:38 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-oguelnle.c.2mdn.net/videoplayback/id/cda166678f5ea18a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730208/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/6DBEF8A01FA814A636BB7849D3059B854C7C4AFD.2AEF52677BA0BC9B8F0F9A7AA9C385D054F8E685/key/cms1/mh/ka/pl/48/redirect_counter/1/cm2rm/sn-htgx20capj-npos7s/req_id/67b1c1d8be39a3ee/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-oguelnle/ms/onc/mt/1655466801/mv/u/mvi/1?file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,it...
https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,i...

74 KB
75 KB

63ms
6ms

Media
video/mp4

2404:6800:4004:1f::a

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/10CB84412B6972C8E75209AF2427D93412D94CF4.3451959685861C640BAC78FEBF2FB2DCE5E7983C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

HTTP/1.1

Server

2404:6800:4004:1f::a -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

001d8b3b06126347a3431a81191fdc755c1c7f994afc78af8e17d748d28d32c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Mar 2022 03:26:52 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-75755/75756
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 75756
Expires: Fri, 17 Jun 2022 12:04:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-ogul7ne6.c.2mdn.net/videoplayback/id/3302ff42c4e9f51a/itag/15/source/doubleclick/ratebypass/yes/mime/video%2Fmp4/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797730207/sparams/acao,expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,source/signature/10CB84412B6972C8E75209AF2427D93412D94CF4.3451959685861C640BAC78FEBF2FB2DCE5E7983C/key/cms1/mh/05/pl/48/cms_redirect/yes/mip/2001:ac8:40:b2::2e/mm/42/mn/sn-ogul7ne6/ms/onc/mt/1655466801/mv/u/mvi/5/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1764 0
0 57ms
56ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=938253491606001&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 325A 0
0 46ms
46ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=4354137296708468&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B591 0
0 66ms
66ms Image
text/html 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=1707102116517937&bg=!gYKlgsbNAAbASn8N4Eo7ACkAdvg8WkMk80J3H7O_qy51NIHBK65hx1aeHRufNfjbl-Tce_o7d-m_jwIAAAEXUgAAAAFoAQeZAtIksUjYsk9NYs7s4xqD28CeZTAqCDycVqBxwUDJDgZovpDPueo6Idyo1wQ2_lMiCddSgb-o9UY65kzvsCXwkvslDRrjCuF5RwK--0vX0vooSDMDHyGhU3zbTUS1CRlFjlUtviN4EkgpPkiGN7SFts9XQtVNcM-Y-TmQvFacd0Kq9EOiMeu43os4-59Oy_NMXlwsUWkPJ3MluPLpI4AvNOzBwd4VlFPmXNkzNfIILZMoGAwDtCmTslgiZK2Zr2dsF0zIwWe898U9CnInSEKVh6W8CIDg9Abw4eiTnoDkDF8EDalf6dPe6wfRW0Wd067-HoN301ZjLjlSewfJ_s9YG2bsMji1WV8PXCCGhrJbuKpETQIr0r7QgNzddpecsD8bP3uhYtTg42dvZstYRnmXdvp8Ztk23HBDEd6RVr1XKQ3fCi6qjrh4u07Xbvi1uiJloX3ObnZF4_74QYYrDCp6S-FmmncUe2a5tj1NkqTqc74sHTsGw7fMhDfm1BLDJmpF1uwTM2-sb7FSrwv_8foP0LF1R10umGL3pzHrXc5Sw8n5bOasdGyrCQlDvZUf7zcbKnv3ZQ43d_2p_it1AcP2MjIXckiZ0R3uFBSnuVQFHvvExcNT59CmaGsgQfXFFSQV41zJyYv45R3xsg4sPXIguMcac_6gfD_6BWtWU52GpT_UVQrpI3SdBAJbkr1m0mTit5Ia282A47KYyphEtdh8au8VaAq5_1X8PnOas8tJAp-GM1Xhpny4NAwtz68D4sjbRsA2OE0vIHNUnC4KQO7LnhE6Bnm17KzcRjU1eVYocbxQFj2Co4iJHwgostlvyvH7JCqa3ydxess20PwTcqzOJ3Y5RFxWUKZnlKp6ZszW7sTLapUTXCtzc2ag2mUnePKasSaQdJpIyItyordpblDw0raFx0M_yBUJ6ZS9yeV3LkYuKe_n4kaKhfWm5JQ1BA72yKgUBA
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A71 0
9 B 7ms
6ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VzzvvQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 54D2 0
9 B 4ms
3ms Image
text/plain 2404:6800:4004:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MjxseA
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame DF8D
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=6Zbf-HxzUXhVdGtyb2lxZHhpaEsxT3czNUw2bXRZcVBhMmZNdXY2SVl6T3NBRTMyUjVYSXI0UzUxazBCeDF1b1dHYnpHeldCd0dYWkJ0ME5sQkV0SFNocWZ2RHl1L09xdVdvcjkrVEVHeWIwNXV5V2tyRlk4U1lYWkM2aV...

417 B
668 B

4ms
3ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6Zbf-HxzUXhVdGtyb2lxZHhpaEsxT3czNUw2bXRZcVBhMmZNdXY2SVl6T3NBRTMyUjVYSXI0UzUxazBCeDF1b1dHYnpHeldCd0dYWkJ0ME5sQkV0SFNocWZ2RHl1L09xdVdvcjkrVEVHeWIwNXV5V2tyRlk4U1lYWkM2aVM2bzlNeFhZVi9pT0lmZktIYTVZb2JjdG5GY1hUVCtLdW1FbkR6Um8rMW5FRHh3Q3VXYWZ4WXVhNGlQRkgrbkNpVjlBVUhYUmpMd29qUUhOMk1CeEswbHlUWFlpS1RkNHk4ZDYzNlp3dHhlSWZqSjB4ekxESnJSQXFFM0lIOU1UZEVkWG8rYWxWMGVyWVVER05JUCtXdDBOTkdmQktCU2k5emE0eU4yS1VxVjBXMFhucThlZz18&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

74e6b3372704f674d39d791e909e95b9047e88c5285c2e3144f1a093b1c7b498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2730
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
location: https://mug.criteo.com/sid?cpp=6Zbf-HxzUXhVdGtyb2lxZHhpaEsxT3czNUw2bXRZcVBhMmZNdXY2SVl6T3NBRTMyUjVYSXI0UzUxazBCeDF1b1dHYnpHeldCd0dYWkJ0ME5sQkV0SFNocWZ2RHl1L09xdVdvcjkrVEVHeWIwNXV5V2tyRlk4U1lYWkM2aVM2bzlNeFhZVi9pT0lmZktIYTVZb2JjdG5GY1hUVCtLdW1FbkR6Um8rMW5FRHh3Q3VXYWZ4WXVhNGlQRkgrbkNpVjlBVUhYUmpMd29qUUhOMk1CeEswbHlUWFlpS1RkNHk4ZDYzNlp3dHhlSWZqSjB4ekxESnJSQXFFM0lIOU1UZEVkWG8rYWxWMGVyWVVER05JUCtXdDBOTkdmQktCU2k5emE0eU4yS1VxVjBXMFhucThlZz18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1208
content-length: 567
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame DF8D 35 B
266 B 179ms
179ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:38 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame DF8D 0
13 B 136ms
136ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: reurl.cc
URL: https://reurl.cc/6e9zk5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame B21F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=xU45ZnxKajNZOTFTMy9jU2h3R25FZS9SRVI3Z2puTjBicHcwUFlqUzkvaGJyV0h6TElPUHRaZFJLQk5HcTNUenhmcjFGeGFlWndMOWtibEFBM2xWd1dxdnp2UnZkbWs4ZUVoMk1OL0x1dDZkV0VmTkVxeW01Rjh4S0pTcE...

414 B
659 B

4ms
4ms

XHR
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xU45ZnxKajNZOTFTMy9jU2h3R25FZS9SRVI3Z2puTjBicHcwUFlqUzkvaGJyV0h6TElPUHRaZFJLQk5HcTNUenhmcjFGeGFlWndMOWtibEFBM2xWd1dxdnp2UnZkbWs4ZUVoMk1OL0x1dDZkV0VmTkVxeW01Rjh4S0pTcEN6cXM3N1BFbUgralVsQWxUVUFVT0VRVmJJcWJJSVBlRTIrQ3RrMzFLNjdxUkpUZjk3dGRxdmpPOTEzQ2dVQUc1TS8xSG9yR1FmT21FTTU2WTA2UjMvN1NVTnNmQWZaSnJnVkFuUnI5dUV4OE55dTgxVHhLZlNseEZrc2tvcHV4dkFCWll2YlFiRDNlQkdhSGRlOG5VaFRNQjVLVmJiUT09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/6e9zk5

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

da8ebf8eb819e4c61bb3cd3ed47549469927e54a10e3d5cd3f62bdaec79f7e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:38 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2973
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:37 GMT
location: https://mug.criteo.com/sid?cpp=xU45ZnxKajNZOTFTMy9jU2h3R25FZS9SRVI3Z2puTjBicHcwUFlqUzkvaGJyV0h6TElPUHRaZFJLQk5HcTNUenhmcjFGeGFlWndMOWtibEFBM2xWd1dxdnp2UnZkbWs4ZUVoMk1OL0x1dDZkV0VmTkVxeW01Rjh4S0pTcEN6cXM3N1BFbUgralVsQWxUVUFVT0VRVmJJcWJJSVBlRTIrQ3RrMzFLNjdxUkpUZjk3dGRxdmpPOTEzQ2dVQUc1TS8xSG9yR1FmT21FTTU2WTA2UjMvN1NVTnNmQWZaSnJnVkFuUnI5dUV4OE55dTgxVHhLZlNseEZrc2tvcHV4dkFCWll2YlFiRDNlQkdhSGRlOG5VaFRNQjVLVmJiUT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1172
content-length: 541
expires: 0

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame B21F 35 B
266 B 253ms
139ms Image
image/gif 209.58.188.181
LEASEWEB-APAC-HKG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Fri, 17 Jun 2022 12:04:38 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cm
c.holmesmind.com/ Frame B21F 0
13 B 136ms
136ms Image
text/html 35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 12:04:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 18ms
8ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Jun 2022 12:04:37 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 888
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 6ms
6ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Jun 2022 12:04:38 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 837
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 9ms
4ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Jun 2022 12:04:38 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 883
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 9ms
4ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Jun 2022 12:04:37 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 822
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4164 42 B
0 46ms
46ms Fetch
image/gif 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueB7mUvmIL_2OmvNiUXWr67SrO9Mi68EeYRhy4XsAkIry6OFxbwkuXC4zW5OvRXPf5uAmz2bmdqcWb2SJdjGWpiOspNV7O6f52z751rrwNdGw&sai=AMfl-YScLmeFXSWhlAJ2t0lh7R9YmsEB5iOfmD6pWES63OAbYy9Fu0FE4rNQRTpK2BoYxExXNbtJRd1DbYIhhxN4h_EPPHmLbhr5I8gulMDjYDdZGh9v5fAPao5uajY&sig=Cg0ArKJSzJRHMMmFGZLtEAE&cid=CAASJORoA2rOqbV1nXm4EuUwA6HRRaM8sxwOJr4etJbksKDycbRjWg&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655467476504&rpt=897&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 12:04:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: prebid.scupio.com
URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8567137355206662

Domain: prebid.scupio.com
URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.03633142292759994

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 21:22:19	Name: _ga Value: GA1.2.220517886.1655467473
.reurl.cc/	1970-01-20 03:52:33	Name: _gid Value: GA1.2.776816040.1655467473
.reurl.cc/	1970-01-20 03:51:07	Name: _gat Value: 1
.reurl.cc/	1970-01-20 06:00:43	Name: _fbp Value: fb.1.1655467473419.1223160288
reurl.cc/	1970-01-20 04:34:19	Name: CFFPCKUUID Value: 1516-4dCodaXLazeT8OkHpctFj4jLBCY1pqdm
.reurl.cc/	1970-01-20 04:34:19	Name: CFFPCKUUIDMAIN Value: 3458-dxds1ESbxUgHdfJSpFWlMdMrf9Utn7fM
.facebook.com/	1970-01-20 06:00:43	Name: fr Value: 0PSGilg60n5ZlQDRg..BirG3R...1.0.BirG3R.
.hinet.net/	1970-01-20 21:22:19	Name: uuid Value: db0e948d-5aae-475c-af12-be6907d633b9
.c.appier.net/	1970-01-20 12:36:43	Name: _auid Value: nt1C8GzNCyS_edE50W2sYg
.holmesmind.com/	1970-01-23 19:28:05	Name: P Value: 479937-1zYryQVWer2ety184OWrKmIDPZmAgQph
.holmesmind.com/	1970-01-20 04:12:14	Name: Vision Value: 20220617-23:59,20220617-23,20220617-23,20220617-23:59
.holmesmind.com/	1970-01-20 04:12:14	Name: C Value: null
.holmesmind.com/	1970-01-20 06:16:05	Name: RK Value: null
.reurl.cc/	1970-01-20 12:36:43	Name: __htid Value: db0e948d-5aae-475c-af12-be6907d633b9
.reurl.cc/	1970-01-20 03:51:11	Name: _ht_em Value: 1
.aralego.com/	1970-01-20 12:36:43	Name: sspid Value: e2111d40-72ee-3f93-b182-01c9a85719b5
.reurl.cc/	1970-01-20 03:52:33	Name: _ht_50ef57 Value: 1
.doubleclick.net/	1970-01-20 21:22:19	Name: IDE Value: AHWqTUmAkhXi9BcmA-zK2OYIIbynq46KllQtoT9dgLb0FEpywQhfFuEagpUQp0IBjQk
.reurl.cc/	1970-01-20 03:52:33	Name: _ht_hi Value: 1
.holmesmind.com/	1970-01-20 04:12:14	Name: R Value: null
.holmesmind.com/	1970-01-20 06:16:05	Name: G Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/	1970-01-23 19:28:05	Name: d Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.lndata.com/	1970-01-20 12:37:12	Name: admckid Value: 2206172004341859749
.aralego.com/	1970-01-20 12:36:43	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 12:36:43	Name: gdpr Value: 1
.yahoo.com/	1970-01-20 12:37:05	Name: A3 Value: d=AQABBNJtrGICEPPNu1BwXIthHeDGPyIQ9AcFEgEBAQG_rWK2YgAAAAAA_eMAAA&S=AQAAAqyXuqFBrHIYyYxM_UPAsng
.reurl.cc/	1970-01-20 13:12:43	Name: __gads Value: ID=35a3000533eb936a-22a1466c81d40052:T=1655467475:RT=1655467475:S=ALNI_MYLiwb4bWiFCVv5CTrzB65NIRnjiQ
.reurl.cc/	1970-01-20 13:12:43	Name: __gpi Value: UID=000006b770a46157:T=1655467475:RT=1655467475:S=ALNI_MZiDqlZQU_CPvvMrNngs6ZQm8I8aw
.criteo.com/	1970-01-20 13:12:43	Name: uid Value: 2098c189-7f08-455e-ae49-980b05066307
.scupio.com/	1970-01-20 12:36:43	Name: OrgKeyValue Value: CSA20220617200435761020
.scupio.com/	1970-01-20 12:36:43	Name: gx Value: H4sIAFPerGIA%2fxNmYGDg4uZ4cKz34KcZL6wEWIVYOOwFmADG9D3bFwAAAA%3d%3d
.scupio.com/	1970-01-20 04:01:12	Name: gxc Value: 1
.casalemedia.com/	1970-01-20 06:00:43	Name: CMPS Value: 906
.casalemedia.com/	1970-01-20 12:36:43	Name: CMRUM3 Value: 2d62ac6dd42760
.casalemedia.com/	1970-01-20 03:52:33	Name: CMST Value: Yqxt1GKsbdQA
.send.microad.jp/	1970-01-20 06:00:43	Name: TR Value: 1f82e033235bc82c6fdd634604c6cb59
.pubmatic.com/	1970-01-20 03:52:33	Name: KTPCACOOKIE Value: YES
.reemo-ad.jp/	1970-01-20 21:22:19	Name: deviceIdentifier Value: WyNlTkyPZqeKNXKxrmfwYFzRmmblpXCb
.reemo-ad.jp/	1970-01-20 04:12:43	Name: sync_gadx Value: 1
.pubmatic.com/	1970-01-20 06:00:43	Name: KADUSERCOOKIE Value: D53500F7-D2FA-4C5A-B559-91683E89F448
.rubiconproject.com/	1970-01-20 12:36:43	Name: khaos Value: L4IELC51-11-8USR
.casalemedia.com/	1970-01-20 12:36:43	Name: CMID Value: Yqxt1I.nlCH0iaTJ6Mzt4AAA
.casalemedia.com/	1970-01-20 06:00:43	Name: CMPRO Value: 906
.bidswitch.net/	1970-01-20 12:36:43	Name: tuuid Value: 13d397c8-5dbc-4f84-97cf-398476527bf0
.bidswitch.net/	1970-01-20 12:36:43	Name: c Value: 1655467476
.bidswitch.net/	1970-01-20 12:36:43	Name: tuuid_lu Value: 1655467476
.adsrvr.org/	1970-01-20 12:36:43	Name: TDID Value: dfd58ca5-2bf0-4dbc-ab27-5e3caf35d789
.adsrvr.org/	1970-01-20 12:36:43	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJDqzM_ymOg6EAUYBSABKAIyCwjO-bb8iJnoOhAFOAE.
.openx.net/	1970-01-20 12:36:43	Name: i Value: 83320b6a-96b9-4542-af5f-0fa92f94bc83\|1655467476
.teads.tv/	1970-01-20 12:35:17	Name: tt_viewer Value: d733a22d-c18d-423c-900f-aa16dd9447c2
.bidswitch.net/	1970-01-20 03:51:07	Name: google_push Value: ARnp8GC8hlN6HT_f4CQ6YJ2pzRXn88zfmF11P5JQR4rCfwKMKxfbDfPNyBolLasxHVgJbdloySOBC-vDKqRQkI9b1wGBP4r3R5J5
.scupio.com/	1970-01-20 12:36:43	Name: rubiconid Value: L4IELC51-11-8USR
.inmobi.com/	1970-01-20 06:00:43	Name: idsp_c Value: 546a753e-2f60-46b2-82a5-960464b2bbe7
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:23:01	Name: bcookie Value: "v=2&1b674e99-6bfa-44f0-8c98-b3f9877fd9d4"
.linkedin.com/	1970-01-20 03:52:33	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2374:u=1:x=1:i=1655467477:t=1655553877:v=2:sig=AQGmWrQCc6WQttdSEYEVM0cHd5kFCojg"
.adform.net/	1970-01-20 04:34:19	Name: C Value: 1
.turn.com/	1970-01-20 08:10:19	Name: uid Value: 7934898062475204059
.adform.net/	1970-01-20 05:17:31	Name: uid Value: 4994705504893034091
.simpli.fi/	1970-01-20 12:38:09	Name: suid Value: DC0F567862FF4D2C95A4A10117B587E2
.uuidksinc.net/	1970-01-20 12:36:43	Name: jcsuuid Value: cGXpt3buBwZvQrxPrWFr
.adnxs.com/	1970-01-20 06:00:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#vw>`A!]tbPl1M>e)ZlrFUfJ+tGXxo<CuX@zL^)tvMW-1xZiL:(HlsFfYvpS<+qOz83If)y3KL9D3I?+EW20g]
.adnxs.com/	1970-01-20 06:00:43	Name: uuid2 Value: 8545748097072203499
.tribalfusion.com/	1970-01-20 06:00:43	Name: ANON_ID Value: a0nseFS3n0hryoxDnS6ZdLlnifnKhXOAgL6UVId7VSHquQh57TIYdLieY2TLhFOj2ngYQZbYRuZaPNGyEpLTmGZa
.w55c.net/	1970-01-20 04:34:19	Name: matchgoogle Value: 5
.w55c.net/	1970-01-20 13:19:55	Name: wfivefivec Value: UQKzlBiK1O2aIl5
.rubiconproject.com/	1970-01-20 12:36:43	Name: audit Value: 1\|3D5lrhcO4iD4nZWWBtFyYR8pV7ZsgHdtcIYghInoLE+rLKOqscwnxmtEi2DM4hvPuIplmNU+QD3qFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.yandex.ru/	1970-01-23 19:27:07	Name: yuidss Value: 5112353581655467477
.yandex.ru/	1970-01-23 19:27:07	Name: yandexuid Value: 5112353581655467477

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09c0c0b5de4f21c3dc52a51678eb21d5.safeframe.googlesyndication.com
61605509c96e8be7bb97a5143f3fcfc1.safeframe.googlesyndication.com
a.tribalfusion.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yahoo.com
ads.yap.yahoo.com
adservice.google.co.jp
adservice.google.com
agent.aralego.com
ajax.googleapis.com
an.yandex.ru
bfcbafbaaba4e50dd166144f42f70060.safeframe.googlesyndication.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
c1.adform.net
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
creditcards.com.tw
db0e948d-5aae-475c-af12-be6907d633b9.t.ssp.hinet.net
dsum-sec.casalemedia.com
eus.rubiconproject.com
fcm.holmesmind.com
fp.holmesmind.com
gcdn.2mdn.net
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
ib.adnxs.com
image6.pubmatic.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.adsrvr.org
mug.criteo.com
mweb.ck.inmobi.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
r.turn.com
r1---sn-oguelnle.c.2mdn.net
r2---sn-oguesnde.c.2mdn.net
r5---sn-oguelnze.c.2mdn.net
r5---sn-ogul7ne6.c.2mdn.net
rec.scupio.com
reurl.cc
s-cs.send.microad.jp
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
sync.aralego.com
sync.dsp.reemo-ad.jp
sync.teads.tv
t.ssp.hinet.net
token.rubiconproject.com
tp2.beap.gemini.yahoo.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagservices.com
x.bidswitch.net
fcm.holmesmind.com
prebid.scupio.com
103.132.192.30
103.231.99.243
104.254.150.241
104.45.178.220
116.50.36.71
142.251.42.162
143.204.86.83
150.95.47.242
161.202.200.115
172.105.199.172
172.217.31.130
180.222.102.159
180.222.102.162
182.161.74.11
182.161.74.18
185.84.60.30
192.0.77.2
192.0.78.187
192.0.78.244
2001:df2:a300:bbbb::135
202.233.84.8
203.75.214.136
209.54.180.144
209.58.171.197
209.58.188.181
210.59.219.175
210.59.219.180
210.59.219.181
216.58.220.130
23.10.15.201
23.106.127.38
23.108.102.145
23.44.53.47
23.45.61.118
2404:6800:4004:18::6
2404:6800:4004:1f::a
2404:6800:4004:29::a
2404:6800:4004:33::7
2404:6800:4004:80b::2001
2404:6800:4004:80c::2002
2404:6800:4004:810::2001
2404:6800:4004:813::200e
2404:6800:4004:81f::2002
2404:6800:4004:820::200e
2404:6800:4004:821::2006
2404:6800:4004:822::2002
2404:6800:4004:822::200a
2404:6800:4004:825::2002
2404:6800:4004:826::2003
2404:6800:4004:827::2004
2404:6800:4008:c13::9b
2406:2000:a4:9fe::1
2406:2000:e4:1504::6000
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a03:84c0:247d:fa50:b665
2600:1f18:612b:4264:95d7:83c7:b563:cce1
2600:9000:2066:8c00:0:e06c:e940:93a1
2600:9000:21d2:4c00:3:1794:2540:93a1
2600:9000:21d2:9000:1e:5c56:d400:93a1
2606:4700:20::ac43:47fe
2606:4700:3032::ac43:b27d
2606:4700:3034::6815:6009
2606:4700:4400::6812:230b
2606:4700::6810:5614
2606:4700::6811:190e
2620:1ec:21::14
2a02:6b8::90
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
31.220.27.155
34.117.219.39
34.149.98.30
34.96.119.68
34.98.64.218
35.185.130.121
35.186.215.140
35.201.76.93
35.213.12.39
35.227.249.156
35.244.196.223
35.71.131.137
35.75.198.235
52.197.44.129
54.254.238.16
69.173.158.64
8.39.36.141
001d8b3b06126347a3431a81191fdc755c1c7f994afc78af8e17d748d28d32c7
00629ef727c6c2f00185d9f431d757ffe961a78ec9296f04bde3245b0e56ecf0
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0437542089d469165cd97ca5f3a20534ded86fe0ed47a77ed4dc257fdf848ef3
061a5e2b08a32f5a4c6c606e45ba856a5b2a3a6bef6cca6840550e1060f03844
09b8094313fc511d0f733614f3e1b3b7fd3db093f4cd0c4ca2bf52f3087a73f9
09d12a7dc4e96f1b3dadfa7d83c2d5ca150b79c9b165a0fc158459b784f6e5b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a2e8741a3a44237bf03ff4b2072e4b70bd5f72b5ad1b59be87af596c29bf3
0c8a0b5837372da7c68717854a3f9043547e17d2a285e517eb49e860d04ff01e
0d878bb28a008c1ada5aa1fcfff91ab39a6e54dda5f51359ee93bbb70373a614
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1291c3d774415b830ea3f2c5ce78d160485606386d08a878c87f41ccdbe4a73f
12e46b645dde5408be7fc6f4ce9647addac5d09c5f27dc8e3ffe9e07e6c9a935
13ace3000c230275163af5eb27c262bc3788baa569bd5f4ebf8acdbc9b368650
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
1b7cbd6f855ef3bcf20d42f8cd19b69763b962fbebda5a4f982dc1731be9c496
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c417cfe06b07ef3bbae9b827ac8bdacd8ac4ae0ff87583a0603b5c01266011b
1e96d23570a21ae41a9fe619cd1040aebcdab437456cf7fbd47c86fcdc9614b2
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
2347e2113a0c6d4f115bcbeb6ae2982be9b2299fb0e333933dd5d7530d63b71e
24e802020fff34325efbf88a06cf2477023479d11def137b70b2a3472dbf37d6
260cef14eab28592e790873b2ed34232251236c3f86d583b7b03cd3465fe8f63
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
282ce6e357f4bb7a8dcf369f2c9ef8e4cc51dcf62bce58da372018c599e5b8f4
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3221ccc7c661c74f08b522d88575f767d1507e58ed094340c7fbc7f4a284e84d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36636efc3cf08e080d1af975d786696ced3faa0a26698e342273a59c7fb6fce5
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3748b3ffe5660261265a12bbc9c8ebfd6c4c1e43eff0a776585ac2f0f292f325
37f7cb504e24d04c0a0ad415ed8612013957406bceb5dc53e21ce7480ecbe46d
385d9695c056b74da974c61046be6b619185ae2a0b170b8f55d3357f052d44e8
39ae4d787c5e587cedc5dc98a77e90351d52446f9b645cdceb0b29fee53d16ad
3c5dd02cd4b4e5889f6b3efe5faccfbae53695ff00ba9c6df48a41e03a018348
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41dee7918ec0c10c933205c5dd706162888a561a83b02766f167c2a16644a21b
42176dd8bba6d2b3043429bc0f0401f069e2c8e3e2642fa3f2cfef58cad0071b
450ec09142b8012915afafc33e1253f5c6abf4f6a95d866065a85be31536557b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4733409211a7a3d3d490f107d6e5b846263c9a8697a10b288f49230422b41860
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49208d22ed999fd361d3061398d38da0b539ea359a74ed244750fabc39b9aa0a
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed408c83e6ccbdbd51992986c85a6df38401dfec4a89b5d0bd7bdbad7e8c0bd
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb557cbf0858cec9d331a4129cce04c15080ccb27473def0da4268a85915433
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5af40032d30af7eed15f0e63e1df9f71de8da66f1a4cc01e06efcfc5edf1bf40
5b5c859910a0da0b091abe462b45e0d31b6a54a4c73b3097bb2de2f3ebc4ba10
5bd86173a60386373d8f421e527bfbeaa642d84eb76aaec700e01a66e50dc7f0
5c4e555f2cdb1d2c4bc4bd48cf25afb9944c1faed58be0725a8222e9fe2dd67e
5c9b0652899d3687ea14076efe8f4144d1317fe1073dd7f1e87af7413408339a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65270abb587a4a940d5e95391923a39c85fe155383bdada55710eba9084f0c24
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
689645e97292c57ff335fa7563172553a28858cf9bbf3b9eae5e0fd96bf43b69
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae681d708d3258a1b7861438d111f43cea16e578d3019fb5145bb702860268a
6cbe12faad98d8b75965e41ff4037cb368597f121df1075a3fbcea18834201d9
6e9ab8ab1d57a0695a66577e348ae4343e1a92f70cb4835a52c4863f11114037
74e6b3372704f674d39d791e909e95b9047e88c5285c2e3144f1a093b1c7b498
7671004dcfaf60409176c52fe7cb5d1d2cebe399c68d442e8641b5307a8b2374
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e
76ed5b9a4f77958a4fb9c86b1768050f6d24f5751ad9eac47d42fd34cd59b2e6
7ea014dbd2141838e64f839656dd6eec7e513ebac16b0b811430b3a81b777a58
8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850a150239aa319a9c772f1e6e71c15680d670c980c3daf41734c6ce8e0e8255
8a01d484dea4d228b7ce9914acc6e04cd3ec3c877fb5bc7f542d11e62b6d5bc6
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8affb5eb694f03265a9b5426bff2402aeabd8f116085c47403570b121e295c65
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
918411f0da732121e8e8c3f92065164f6820a8735871520149034e96d870364e
9233220dce3810b938afc721a1e5930a677af30f620ad38daf02c4818556e7ca
9507c82f63728034db45af7acd453276bfa6185dc77051a1c9ba4e832768decf
964c1bcbb15822149986951a68b9d6af016341f66acf7c5257d422f1f4eb6645
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a8107b409a85294861156b187b0b1dffa2bd065215e572cd4ea855218dcc3fc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8c0ac19964706e18280f35973180a896d74c52c760c2d7047d6a94c1329a6f
9cb2d60bbf1c86f318a335e22109c2f125ef44fd7999d780f3a071d051a45a55
9ccb8b9a6ee44b87ed26be736139cba8fd2d712f29dc8004c41a66e55fc206fb
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
9fa980a641f6436e48942c0bb79859babddf81f3d6316edc4dc19b0f0ae61e8f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0674094c9bc9f20ecae340fc60248b65c3e7e60537c7b89abe3e4b150bda7d9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a3031b72dfd5af729f239b5fa2586325271da7067663e6e937b58244b4852cdc
a3e9505934fb894a88dbea3297bd5273091adf2aa3d4c42d7b6552a18707c21a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d5c88e436b2da390d65812d83df7b6bf3daf9dd484c18118d9f2317d2d6948
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a84e18f7c6d146ce37634fb2c239ec05ee278cadcc1daec3372b993c61bdab33
a8b140064d6ddb3746fda2cd6719d1403e0a48ab74c565c3fdc44efecc847231
aa7d5c4f8503ed1c61e33520ded1c6af24c8081374d27d99ea30069da2169029
acd723c8b4be139d4d9c0110a5f9848aa87d1795c432811eff542260c7dbd865
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4226fe5329d5e56744ae24b393cb8a3a8ab895661b294972bd516cd388e0f0d
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b7e88f9d2aaf3785228d08854cb9e8cdf6a93544231e3a62347539b391ff3a8a
b8154ef2bad9c16951f463ab4cd5dfd7c19f13e1698f9691fb67a1258acbfda7
be4274026586ede7747715338286e6b9393f2da7b7ff3ab5904f2cfc90c42284
bf051f3ee7aa85b70fbdb5a9c4dbe61dc57372814f700b1b23ecb4f7dfb9ce63
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31a23592de4c0f90f33a0fbe516035b151d27e12821404a75bf5e6ca2c1851d
c50a4d6505f1216962db6a855d60ebf08222fa6c286e7f21699c002d81b3cd9d
c9444dddb6467e00274771d88673b14e702b2f749bf0209cdd83ed18eb430603
d28994b64f1a0612d0076a2557f92a8bcd7d534818fbbb392738eb0689c2298a
d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4
d3bc17141284652ab2fb52acd8b0bb19b9f668d373962766e513a13f318c2d8f
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d4bb0bb3784fbd95aaf409bf6a771fc6c3391c1108898485923108740af44069
d541f77dd45df41c827a1c2b2899696c336c7bb3a1a06422d66ca4f37454258e
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d64ff733921537a418d16ed3b3a7b440e972b5b308440f4c48a424b31da6af98
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
d8879a25d7ba59d83faf14d6c39e25f1342c8b639465f08d5f7e4ced786e0a7b
da8ebf8eb819e4c61bb3cd3ed47549469927e54a10e3d5cd3f62bdaec79f7e3d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc21bc7732e89c80dfa432623176dc1cb299ecb028334cd2ad386da0c7e43bcc
dcb5009ba61768a2dbeffb1f453c36ddb6097ef6e00f36aaedd0fbc15f79d73f
df0d8f5ad95b6bcbc49c5a0727f6ac20778efac065ab3595c09300e761c60ca1
df3d97645fcbcc16995a28e4b15b0d66674fde5eac40d1f9a73c66957020fa73
df84f7be123672ec0dc04b526561de9c771fc6850852da99cc9cd1c78d0830c3
e0f282af981881505ec9471152e045651794ba2caf933fdeb6be3301bc08e26f
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e32272da242ceb6ecfad754975bc09782c6229a7a46c58e46cec347aab22be64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d999f79b235f3f12d4e98214e3f04f42dba5444601d6562b231c9b59a9b003
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c440613a194e8288b8d776510dd081ad1a50b0006d8ba756a6be9dd4a6390c
ebb5b843e4213db60048b5d338120b97aa988f15eca48d95c36f1b78f88be193
ec932c455eda11443b2dc60e323f01a43a8a93eeb5bb281460f90e900f15151b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0276a30a4a4e452906175d089e368cfd6a230ef1a7f6c4021dc2f68c681404e
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f5f495a416e97b7771f3d2d4967c110e37d33e5187132d071bd8c5cf650f1e2b
f7770fdfba7cddd3afef2938b438f1f4b61b97a0f61a8a43a101a44a149fdbd3
faf4e371ff9b6e05e696bf9f4e9acdacd5a14bf65728565d2cd17bf8e7d3801c
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf
ff7687c91db12eafae28d0dc4766fea210e82baed0307b2c0779ef203ec06876

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

449 Requests

85 %HTTPS

43 %IPv6

57 Domains

100 Subdomains

73 IPs

6 Countries

6499 kBTransfer

11113 kBSize

69 Cookies

17 Outgoing links

Page URL History

Redirected requests

449 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

449
Requests

85 %
HTTPS

43 %
IPv6

57
Domains

100
Subdomains

73
IPs

6
Countries

6499 kB
Transfer

11113 kB
Size

69
Cookies

449 HTTP transactions
6 data transactions