URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 10 via api from JP — Scanned from JP

Summary

This website contacted 72 IPs in 7 countries across 53 domains to perform 538 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject | Issuer | Validity | Valid
reurl.cc | R3 | 2023-11-18 - 2024-02-16 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
storage.reurl.cc | GTS CA 1D4 | 2023-10-14 - 2024-01-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
ad-specs.guoshipartners.com | Go Daddy Secure Certificate Authority - G2 | 2022-12-30 - 2024-01-21 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-09-18 - 2023-12-17 | 3 months
storage.re-news.tw | GTS CA 1D4 | 2023-12-07 - 2024-03-06 | 3 months
onead.onevision.com.tw | R3 | 2023-10-17 - 2024-01-15 | 3 months
asset.re-news.tw | GTS CA 1D4 | 2023-10-24 - 2024-01-22 | 3 months
gbyhn.com.tw | GTS CA 1P5 | 2023-11-20 - 2024-02-18 | 3 months
*.prnasia.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-25 - 2024-11-24 | a year
img.racingcharger.tw | cPanel, Inc. Certification Authority | 2023-10-22 - 2024-01-20 | 3 months
tls.automattic.com | R3 | 2023-12-08 - 2024-03-07 | 3 months
*.rayskyinvest.com | R3 | 2023-11-04 - 2024-02-02 | 3 months
*.wixstatic.com | Sectigo RSA Domain Validation Secure Server CA | 2023-08-03 - 2024-01-30 | 6 months
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year
*.fngo4-1.fna.fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2023-11-03 - 2024-02-01 | 3 months
*.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.google.co.jp | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-09 - 2024-01-06 | 3 months
*.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2023-09-06 - 2024-09-30 | a year
oa.openxcdn.net | GTS CA 1D4 | 2023-11-24 - 2024-02-22 | 3 months
invstatic101.creativecdn.com | GTS CA 1D4 | 2023-10-24 - 2024-01-22 | 3 months
*.crwdcntrl.net | Amazon RSA 2048 M01 | 2023-10-08 - 2024-11-05 | a year
*.holmesmind.com | Go Daddy Secure Certificate Authority - G2 | 2023-05-19 - 2024-06-19 | a year
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
track.adform.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-06 - 2024-09-19 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-01 - 2024-03-01 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.openx.net | RapidSSL TLS RSA CA G1 | 2023-08-18 - 2024-08-18 | a year
*.lndata.com | GeoTrust RSA CA 2018 | 2022-11-23 - 2023-12-24 | a year
*.t.ssp.hinet.net | | 2023-04-06 - 2024-04-06 | a year
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2023-03-29 - 2024-04-28 | a year
*.scupio.com | Sectigo RSA Organization Validation Secure Server CA | 2023-09-27 - 2024-10-27 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
tr.blismedia.com | GTS CA 1D4 | 2023-12-02 - 2024-03-01 | 3 months
*.cauly.co.kr | Sectigo RSA Organization Validation Secure Server CA | 2023-02-17 - 2024-03-06 | a year
edge01.yahoo.co.jp | Cybertrust Japan SureServer CA G4 | 2023-11-30 - 2024-12-29 | a year

This page contains 74 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: BA8D5A613BC9503C8BF9E51F6D049003
Requests: 50 HTTP requests in this frame
Frame ID: 7BBA7BB8F8DBDBABDE81D887AECEF8E6
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: AEB77BCE5FF237C7B1229095668068CE
Requests: 5 HTTP requests in this frame

Frame: https://ed5255fbd52d068f116e49139db15dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=18
Frame ID: C91AC699FA0D1E82EE5A4AD9FCE0F0E2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BFEEF91D73F6883B92DA3A88B4610BC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20E49705522473D5094C283343B3779E
Requests: 2 HTTP requests in this frame

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 538
HTTPS: 90 %
IPv6: 8 %
Domains: 53
Subdomains: 88
IPs: 72
Countries: 7
Transfer: 7864 kB
Size: 17777 kB
Cookies: 72

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
Request Chain 28
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1 HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=76469100-d997-4c60-b064-00ec88c65b88
Request Chain 29
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id} HTTP 302
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=ad11b532aba7a43575a1b39c51609c77
Request Chain 30
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs
Request Chain 68
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 133
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 138
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 150
  • https://match.adsrvr.org/track/cmf/openx?oxid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=76469100-d997-4c60-b064-00ec88c65b88&ttd_puid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0&gdpr_consent=
Request Chain 151
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXUCa8Co8YQAAPcuTycAAAAA
Request Chain 152
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AX9PodXUPuotks8AEDmpkELhvs8AAAGMURF0qw
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
Request Chain 169
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Request Chain 171
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa0xoswNKVovgNa7iHwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Request Chain 172
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa0xoswNKVovgNa7iHwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Request Chain 175
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Request Chain 177
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa-jdDpdDGoRl10-HRAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Request Chain 181
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BGCHfv8_Bti7ZNmUbAJ1ZQ
Request Chain 182
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=2iDexx6LCQe9mbJvbAJ1ZQ
Request Chain 184
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o0QBVcC3D2yyj4idbAJ1ZQ
Request Chain 185
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=dxu4fXoMCE6Gwcy9bAJ1ZQ
Request Chain 187
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BRUF-VfVBw2i5b0VbAJ1ZQ
Request Chain 188
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 191
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMQq8onBBJtaUk8zTS4rzos&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQq8onBBJtaUk8zTS4rzos%26google_cver%3D1
Request Chain 288
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2OTI2NTQ1ODU2MzU5MjA2Ng%3D%3D
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
Request Chain 290
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4OGU2Y2QtMmI2Ni0yOWQyLWVlNzgtZjRhM2I3MTk2MDNi
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 312
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 313
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 333
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1&google_push=AXcoOmQCBYJE612BpKXxVdkrV7VRCx05EyAj-MSoLFS043yeklFuYFTnaRaH5nmPa8_rzmPTXWGWDlKY39Goth-rlV7WWGJtaoAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg4NDg2NTM5OTE4NzE2MzU5NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1
Request Chain 334
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEcLNu7XwG5D_RjvGKS07g0&google_cver=1&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJwNYBOoN1YYQTiWQhIVJag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJwNYBOoN1YYQTiWQhIVJag&google_hm=ZHFycUZHbFFmVUR6TXJPTko4d1B3aVZTUDdr&from_google=pc1
Request Chain 336
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJYOzhGNUCHD2NH67xRgVkU&google_cver=1&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nmZhXTPeaov_2TWcwCEmdlLokXAjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZUURFWFEtWS05OElU&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nmZhXTPeaov_2TWcwCEmdlLokXAjw
Request Chain 337
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_cver=1&google_push=AXcoOmTpe_PFTd-2zyP3F4vjdqOxofQWj1Oz0OChMPf_yKJYvHidqacOPVKTR29XK90ewH94HiNbySqKFoMKeOHc4AyuueTg8YLECw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_hm=ZXUCa0xoswNKVovgNa7iHwAAFaAAAAAB&google_nid=index&google_push=AXcoOmTpe_PFTd-2zyP3F4vjdqOxofQWj1Oz0OChMPf_yKJYvHidqacOPVKTR29XK90ewH94HiNbySqKFoMKeOHc4AyuueTg8YLECw
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 387
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 388
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 422
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 436
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 439
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 465
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 479
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 480
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 515
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Request Chain 527
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Request Chain 528
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ

538 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gaOWLp
reurl.cc/
17 KB
4 KB
Document
General
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f8f18348868cc274bb3b8eb6d48a03024fa6d9578f96fffb03df39e52c7e1515

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 10 Dec 2023 00:12:24 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
1231d193-36af-496f-acc9-dc7c054bd94b
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 10 Dec 2023 00:12:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
3953511
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-tyo11923-TYO
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/
2 KB
1 KB
Stylesheet
General
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:30:12 GMT
content-encoding
gzip
via
1.1 google
age
6132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
c9d26446-15dd-437c-901e-4ad02e0bce4d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
pixel.js
storage.reurl.cc/javascripts/
429 B
530 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:08:56 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
11009
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
ac20f7f0-6702-4fd8-b12b-db480c6f6520
ga2.js
storage.reurl.cc/javascripts/
536 B
631 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:33:34 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
20331
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
023d0776-ca97-405a-bb33-a19af39e1051
js
www.googletagmanager.com/gtag/
278 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
a0a41b2e8440fe710ba781b20fcd9adc8887c6be824ee2ed152d5e1a7a4caf8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93962
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Dec 2023 00:12:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
06da2b189c4d33bda507de07d05d2ea2b82054f85ed8a43debab0c23dc20d492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30281
x-xss-protection
0
server
cafe
etag
128 / 19701 / 31079991 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:25 GMT
onead-lib.min.js
ad-specs.guoshipartners.com/static/js/
26 KB
8 KB
Script
General
Full URL
https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
175.41.55.19 , Taiwan, ASN9505 (TWGATE-AP Taiwan Internet Gateway, TW),
Reverse DNS
175-41-55-19.twgate-ip.twgate.net
Software
HiNetCDN/2310 / OneAD
Resource Hash
818415c7bf8f7af5fc8a9bf30891d7c42653c4645eb34bc5e1c925046e349bb3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:24 GMT
via
1.1 google
content-encoding
br
age
0
x-powered-by
OneAD
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Fri, 08 Dec 2023 08:21:16 GMT
server
HiNetCDN/2310
etag
W/"6572d1fc-6631"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-varnish
510653
cache-control
public, max-age=360
access-control-allow-credentials
true
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/
84 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 10 Dec 2023 00:12:25 GMT
x-content-type-options
nosniff
content-encoding
br
age
3960538
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-tyo11923-TYO
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/
412 B
381 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 23:48:57 GMT
content-encoding
gzip
via
1.1 google
age
1407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
47b1c576-5405-4e26-a128-1ac24599119d
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
loading.js
storage.reurl.cc/javascripts/
134 B
252 B
Script
General
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 23:24:29 GMT
content-encoding
gzip
via
1.1 google
age
2875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
0f2fb591-6ff8-4cb1-aa87-ef425113d579
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
isip.js
ad-specs.guoshipartners.com/static/js/
83 KB
21 KB
Script
General
Full URL
https://ad-specs.guoshipartners.com/static/js/isip.js
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/onead-lib.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
175.41.55.19 , Taiwan, ASN9505 (TWGATE-AP Taiwan Internet Gateway, TW),
Reverse DNS
175-41-55-19.twgate-ip.twgate.net
Software
HiNetCDN/2310 / OneAD
Resource Hash
ddfe7905bb4acd782a1630ce8a0ab4d32caf3e9e734111a922098a6ff3467799

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
via
1.1 google
content-encoding
br
age
349
x-powered-by
OneAD
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
last-modified
Thu, 30 Nov 2023 03:47:16 GMT
server
HiNetCDN/2310
etag
W/"656805c4-14a18"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-varnish
133959894 100165360
cache-control
public, max-age=360
access-control-allow-credentials
true
page.php
www.facebook.com/plugins/ Frame 6E10
93 KB
26 KB
Document
General
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
aa1cc068a8abd222279eea8f314ec0d11dd140e9db17702031f88a15d623fb23
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:25 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
PjFxg9W8gAFuKOzdxZbvAK0jGiewLfcMmob6rxVNK9u7bmNohUNk8TlL7jKASYopeSeyx95qHaKeqwKVCSKwyg==
x-xss-protection
0
feeds
storage.re-news.tw/
7 KB
8 KB
XHR
General
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
8c48fafd69a01c418c2b5b03ee09e2292736defc99693680f13e1e57e0c6918a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1d98-Gj10+U2zLudDOaz3ONMES5PLXbU"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7576
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Dec 2023 00:12:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Afc1so3Ps3gJ0bg34obtQOtnGqseHoJN3sJeQYCd7Nzk2NgjolxhILV8vyTTYcTzLr3LPs+vHaZNy59ZbpoEuw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 22:42:49 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5376
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 10 Dec 2023 00:42:49 GMT
oid
onead.onevision.com.tw/v2/et/
329 B
934 B
Script
General
Full URL
https://onead.onevision.com.tw/v2/et/oid?cb=window.ONEAD_etag_cscb
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/isip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
a3d330dfdf5b301b089077172aba206dc3ef1f146ee7d5f90c8fce3a9d2b4600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend
onead-http-event-zg4b-gohttp
content-length
329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
last-modified
Sun, 10 Dec 2023 00:12:25 GMT
server
gws
etag
cc0060be-96f0-11ee-b4f2-0242ac130002
content-type
application/javascript
access-control-allow-origin
*
x-varnish
25193387
cache-control
max-age=600
access-control-allow-credentials
true
x-onead-version
c0099aeb
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
mocpogo_01.jpg
asset.re-news.tw/images/
427 KB
428 KB
Image
General
Full URL
https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 23:32:09 GMT
via
1.1 google
age
2416
x-guploader-uploadid
ABPtcPq2r3tUahs0ZDJL-4uyWdvgZsxLWsGuJvqTQdQaM0MVabfSX4XDlLij9KLA89ofYqI185bSTgipJMeMMES-KnaoRvqRAGdE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437364
last-modified
Wed, 18 Oct 2023 12:58:27 GMT
server
UploadServer
etag
"2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation
1697633907721269
x-goog-hash
crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
437364
accept-ranges
bytes
1702122653-f3ccdd27d2000e3f9255a7e3e2c48800-840x525.jpg
img.gbyhn.com.tw/2023/12/
97 KB
98 KB
Image
General
Full URL
https://img.gbyhn.com.tw/2023/12/1702122653-f3ccdd27d2000e3f9255a7e3e2c48800-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94c9a1dd16b7c2a814fc4d39a9b7ca179dc5bc1d5468d849bc0a98d72ce5acdf

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39886
alt-svc
h3=":443"; ma=86400
content-length
99289
last-modified
Sat, 09 Dec 2023 11:50:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsO%2Biup%2BsR95uPSSo31ObnIvwSBn0Y7jqwKjwP18SeCnmARHzJoOJgPPMSmC9u42%2FQr5ZI7VFAkeH8jw93dlhdKE6D1vXWt9GEl3iHxqcrxZHmWEBw6oDjXY6iVAR7toU1ad"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
833146b55e9e8a86-NRT
expires
Sat, 16 Dec 2023 12:02:18 GMT
ESR_Logo_Logo.jpg
mma.prnasia.com/media2/1876479/
18 KB
18 KB
Image
General
Full URL
https://mma.prnasia.com/media2/1876479/ESR_Logo_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.238.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
cf-cache-status
HIT
age
38825
x-powered-by
ASP.NET
server-timing
intid;desc=86948cdb1e2055f4
content-length
18053
cf-bgj
h2pri
last-modified
Sat, 09 Dec 2023 13:14:09 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
833146b558362641-NRT
access-control-allow-headers
Content-Type
expires
Sat, 09 Dec 2023 13:14:10 GMT
2023120802095359.jpg
img.racingcharger.tw/wp-content/uploads/
307 KB
307 KB
Image
General
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023120802095359.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
last-modified
Fri, 08 Dec 2023 02:09:57 GMT
server
Apache
accept-ranges
bytes
content-length
314534
content-type
image/jpeg
2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/
49 KB
49 KB
Image
General
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/01/2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
50242
x-nc
HIT bur 4
last-modified
Thu, 30 Nov 2023 05:13:28 GMT
server
nginx
etag
"fe1c2850a81cccd5"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sat, 29 Nov 2025 17:13:28 GMT
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/
612 KB
612 KB
Image
General
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Sun, 10 Dec 2023 00:12:25 GMT
expires
Sun, 08 Dec 2024 15:49:01 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/
248 KB
248 KB
Image
General
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-59.nrt57.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 955146e21376628b0f1d57e43c48d40c.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C2
age
4971245
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
LH5d7Ubh_d09zWfm6Sd0_m2-Jkq_7H1Tkbp0Po-0zkF51DgE5KyVNQ==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/
107 KB
107 KB
Image
General
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
109448
x-nc
HIT nrt 8
last-modified
Fri, 13 Oct 2023 09:02:46 GMT
server
nginx
etag
"ab5b506272fb167b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires
Sun, 12 Oct 2025 21:02:46 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/
180 KB
181 KB
Image
General
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Sun, 17 Dec 2023 00:12:25 GMT
adsrv
onead.onevision.com.tw/v2/
165 B
443 B
Script
General
Full URL
https://onead.onevision.com.tw/v2/adsrv?adid=&category=-1&cookie=true&uid=1000480&ip=&volume=0&channel=0&isip_index=0&pb=1&slot_limit_width=970&slot_limit_height=420&slot_limit_inread_width=640&slot_limit_inread_height=420&web_location=https%3A%2F%2Freurl.cc%2FgaOWLp&r=&title=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8+-+reurl&fp=3593eac944e3966720703aee2f44baa2&guid=cc0060cb-96f0-11ee-b4f2-0242ac130002&_t=1702167145422&scopes[]=spotbuy&scopes[]=speed
Requested by
Host: ad-specs.guoshipartners.com
URL: https://ad-specs.guoshipartners.com/static/js/isip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
08d4228cb1c62f985c148c85cfaa4c4dd83707191f6418f197d28504682db0dc

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
via
1.1 google
age
0
x-powered-by
OneAD
x-onead-message
out-of-freq
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend
onead-http-query-32x5-gohttp
content-length
165
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
gws
x-onead-guid
cc0060cb-96f0-11ee-b4f2-0242ac130002
content-type
application/javascript
access-control-allow-origin
*
x-varnish
893351
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-version
c0099aeb
accept-ranges
bytes
expires
Mon, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8FFD
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
dd2bc5fd7e0060c445c944aef606adf497674afad62d1946816e062ae166a5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30279
x-xss-protection
0
server
cafe
etag
925 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:25 GMT
cms
ups.analytics.yahoo.com/ups/58791/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=OneDATA
  • https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
0
0

ttd
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=r1jlltl&ttd_tpi=1
  • https://onead.onevision.com.tw/v2/pixel/ttd?id=76469100-d997-4c60-b064-00ec88c65b88
170 B
200 B
Image
General
Full URL
https://onead.onevision.com.tw/v2/pixel/ttd?id=76469100-d997-4c60-b064-00ec88c65b88
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:25 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-status
okay
x-onead-backend
onead-http-event-zg4b-gohttp
content-length
170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
server
gws
x-vendor-client-id
76469100-d997-4c60-b064-00ec88c65b88
content-type
image/png
x-varnish
23296052
x-vendor
ttd
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-version
c0099aeb
accept-ranges
bytes
access-control-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://onead.onevision.com.tw/v2/pixel/ttd?id=76469100-d997-4c60-b064-00ec88c65b88
date
Sun, 10 Dec 2023 00:12:25 GMT
server
Kestrel
content-length
197
ltm
onead.onevision.com.tw/v2/pixel/
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://bcp.crwdcntrl.net/map/ct=y/c=15135/tp=ONEA/?https://onead.onevision.com.tw/v2/pixel/ltm?id=${profile_id}
  • https://onead.onevision.com.tw/v2/pixel/ltm?id=ad11b532aba7a43575a1b39c51609c77
170 B
200 B
Image
General
Full URL
https://onead.onevision.com.tw/v2/pixel/ltm?id=ad11b532aba7a43575a1b39c51609c77
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
107.178.241.176 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-status
okay
x-onead-backend
onead-http-event-zg4b-gohttp
content-length
170
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
last-modified
Tue, 27 Oct 2020 13:57:49 GMT
server
gws
x-vendor-client-id
ad11b532aba7a43575a1b39c51609c77
content-type
image/png
x-varnish
23975095
x-vendor
ltm
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-version
c0099aeb
accept-ranges
bytes
access-control-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://onead.onevision.com.tw/v2/pixel/ltm?id=ad11b532aba7a43575a1b39c51609c77
cache-control
no-cache
x-server
10.42.10.233
content-length
0
expires
0
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs
  • https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs
1 KB
1 KB
Image
General
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Server
18.182.162.20 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-162-20.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Sun, 10 Dec 2023 00:12:25 GMT
Content-Length
1304
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=3m51m51&uid=cc0060cb-96f0-11ee-b4f2-0242ac130002&t=ajs
Date
Sun, 10 Dec 2023 00:12:25 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
1675200226052423
connect.facebook.net/signals/config/
126 KB
33 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Dec 2023 00:12:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33827
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kpRI2wNf7BkFRV0OJLv/+yUML+6J/QcGS9Y1RcbgyCm0GE5gxJ+lrRVpG4kUIqcZOpCaW+Xh5LZxGJb+G4OImA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 6E10
20 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QZ/F21WCMvVioyUwMJMxZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5281
reporting-endpoints
x-fb-debug
UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:50:30 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 6E10
33 KB
7 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
l5RQhyVd8URxzkkmUrIhL+M56zEKkSZ0id7WmGRMbRXrJTsAJE2/YNv19SA89mg3EZ6VqCHNVElAs6c/IMAp4w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 23:18:01 GMT
3-b-uOZP-xr.css
static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,ja_JP/ Frame 6E10
21 KB
5 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yn/l/0,ja_JP/3-b-uOZP-xr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
371efc0115ad875d3c13d4949c769a620a7e3281360130b1213394ea3a076591
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jRfVbDVk7GDyS7cYEB9/Hw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4900
reporting-endpoints
x-fb-debug
j21KZRUAxiXMibHGzB1aHoEhYogod+R5VO8eMbqO3UMoxySYThIfctNnuTnpZ4/8t8+TFgxgztV64an3EDcHig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 04:06:01 GMT
JS2LsxE-gw3.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6E10
354 KB
92 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Veg+9swSo/ybchlTfP+avA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93749
reporting-endpoints
x-fb-debug
GILntJGFlzWPcAkfpFiCETadOEgFC7qAmnMiwNYjd8KEFZ+OV7kRr8nHL5UYo17PGD7yFZBQnrEzltxNivpk1A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:11:38 GMT
YJcyY7izLGB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6E10
94 KB
27 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qj5bFqqBeNQLu7uSNkxJ/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27471
reporting-endpoints
x-fb-debug
7pUWswxC/faPP6SIN2aiiUUQxamcHXWruFIDOdfiMWgW0/j0h6/LCupP9FtI6bfMa5FkmOrXN8xj48mgaXNtRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:33 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 6E10
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
5ktdl38nnKDsn9IiNqlPm0x/hIIGePfp/hs1vcHneiFjH81tgrSqVPa/w2GHGbsT/H6Qts+4gMFfcyNsRe9n8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:21:08 GMT
Oqf9IHnbxLu.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 6E10
52 KB
17 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Oqf9IHnbxLu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2549ef26d7da0d8cc8844658a98b88520f80890bc8fba678e1c8860612c43ef7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9MINgIqN0461ojiNiqiKIw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16842
reporting-endpoints
x-fb-debug
SjMFODvd+BIlsGmjF64Jh6VbuJD+rihtJes+rfQ9OznVleQerPmwfxtTnqHN0o2uNbEa/zOBTP3Qy9GNN7lB7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 17:31:34 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6E10
507 B
487 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
kUrCp987F5r.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/ Frame 6E10
28 KB
8 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/kUrCp987F5r.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
cO3XBqtxUlL4qpnQkU3adQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7937
reporting-endpoints
x-fb-debug
O88ACbMuCfMc6vwIvp1vSyiiF7D2DTMV1/VJ9hFlOEVXQtYKEkijANavF+nfKT9SgZKdf8lSUO0HX4CqekzYDg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:00:29 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 6E10
71 KB
20 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:01 GMT
a5lyNsAxenJ.js
static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/ Frame 6E10
348 KB
82 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/a5lyNsAxenJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
0Ycn4CdUMcQu52zpN8q4Lw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83382
reporting-endpoints
x-fb-debug
xJ/0uPuH6eBroeGEwsJMwDzR2bFakJbrQgevVXnsOqi8dyyQ6hakXyc4vsayO2GrruWlKrKliDayIVG74Nocew==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:00:41 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 6E10
397 KB
94 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
qb2Dj7XLRaI.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 6E10
57 KB
18 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4Adm+FXxkwDjHgLJ9sF/4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17829
reporting-endpoints
x-fb-debug
nyW4pDFbyjuixRtKkdd8/1tMamMQWBHb9rOxRUCaNeTPs5odfRh8GKReCYsHmyuNL7tiIBRj3caQCxT6iu7rEQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:14:55 GMT
8ymKMCefWgD.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 6E10
209 KB
60 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/8ymKMCefWgD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
30iKdJ7w93p6Ga9jpgjUMg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60955
reporting-endpoints
x-fb-debug
q9TXbFzKaCSE8ncbx788ZypFR0zZUoIwUDi49A3p4F8NMBanpwzKYgLF+vUwuwsn/WsxWanzyTdZAA5ktXHbog==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 07 Dec 2024 23:30:26 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 6E10
28 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
k/Yu4P7DehhOc6HhJ1VTs/0YTUCjF/jB7QpDBMr6Apapx3wP3WarngcdrGvViniqPJLfW/5Fb6A3kfRdQZdMtA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 26 Nov 2024 06:33:45 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 6E10
55 KB
15 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 19:20:18 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent.fngo4-1.fna.fbcdn.net/v/t39.30808-6/ Frame 6E10
16 KB
17 KB
Image
General
Full URL
https://scontent.fngo4-1.fna.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=KF7ckY7Fk7IAX9BgD1p&_nc_ht=scontent.fngo4-1.fna&edm=ADwHzz8EAAAA&oh=00_AfAX95ZtOZE1dEgDwKRjcHrLokefPUD7wd7rj_cb_zRAdg&oe=65798585
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.142.229.147 Matsubara, Japan, ASN18126 (CTCX Chubu Telecommunications Company, Inc., JP),
Reverse DNS
r-202-142-229-147.commufa.jp
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent.fngo4-1.fna.fbcdn.net/v/t39.30808-1/ Frame 6E10
1 KB
1 KB
Image
General
Full URL
https://scontent.fngo4-1.fna.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=yWJeOfJyZqcAX-LCn8F&_nc_ht=scontent.fngo4-1.fna&edm=ADwHzz8EAAAA&oh=00_AfDFlzQtiysraBJ3z5o2zFewFUV3Jf6bHZ1G5wWI9x_64w&oe=657A3F55
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.142.229.147 Matsubara, Japan, ASN18126 (CTCX Chubu Telecommunications Company, Inc., JP),
Reverse DNS
r-202-142-229-147.commufa.jp
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBAh2Tf8ETnXwEAKFgQec1ZjFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
collect
www.google-analytics.com/j/
4 B
142 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=48884428&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=619475905&gjid=1962299813&cid=771304031.1702167146&tid=UA-102456694-1&_gid=1255475582.1702167146&_r=1&_slc=1&z=311001870
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=48884428&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MjIyLjkuMjMzLjc&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=771304031.1702167146&tid=UA-102456694-1&_gid=1255475582.1702167146&z=1764273958
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 15:22:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31778
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 8FFD
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70902
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
/
www.facebook.com/tr/
0
129 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702167146103&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702167146100.1417066294&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702167145790&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 10 Dec 2023 00:12:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/
0
249 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702167145233&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=771304031.1702167146&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702167146&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1643
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=771304031.1702167146&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=771304031.1702167146&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=337821302
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:36:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
45363
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 11:36:23 GMT
collect
stats.g.doubleclick.net/j/
7 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=771304031.1702167146&jid=619475905&gjid=1962299813&_gid=1255475582.1702167146&_u=IEBAAEAAAAAAACAAI~&z=1309706555
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.8.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tb-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/
43 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:26 GMT
ob.js
cdn-ima.33across.com/
11 KB
5 KB
Script
General
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
275510
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
833146ba1c5f8a60-NRT
expires
Wed, 13 Dec 2023 00:12:26 GMT
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 13:29:10 GMT
content-encoding
gzip
age
384196
x-guploader-uploadid
ABPtcPrDbMU7J-92oWg-tNRKxF-QDy1NEDvpi98ElAyfNJABMrdlSpSxTOTK6Slg7WCQwdqIfXKjIA5zXDidOU0IQ-jGPCZCTlFN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 04 Dec 2024 13:29:10 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
fa64da9691a88b96276c9f5fb499fb92
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-102.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:45:03 GMT
content-encoding
gzip
via
1.1 3358dad524ffe91108e2a678aaa49dca.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
19665
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
gu6JUO93ffx2ooUtXOlN37hA70QcH2aIIixHCe7sNBqUl9gyuIJ5PA==
ads
securepubads.g.doubleclick.net/gampad/
139 KB
32 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2968135424283770&correlator=2127372032886377&eid=31079991&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702167146374&lmt=1702167146&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=771304031.1702167146&ga_sid=1702167146&ga_hid=48884428&ga_fc=true&dlt=1702167144824&idt=1524&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5431f39064874a3ee6e34341192aee4027988937d76e95bdd5beb63304a048b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32572
x-xss-protection
0
google-lineitem-id
-1,-1,-1,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D376
6 KB
3 KB
Document
General
Full URL
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
expires
Mon, 09 Dec 2024 00:12:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8FFD
64 KB
15 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=595626880121956&correlator=1426282806901830&eid=31077976%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CMW_%E8%93%8B%E7%89%88_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C320x480&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702167146565&lmt=1702167146&adxs=800&adys=610&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=el3mvggkbdk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167147&ga_hid=64128491&ga_fc=true&dlt=1702167145546&idt=993&adks=3618862931&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bb8f5846dd9376fbd3a35c9af2dbadcf3cee098329feeab411a86b7ff6c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15227
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
35b6ad065642536e7db7322222958d2d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00F9
6 KB
3 KB
Document
General
Full URL
https://35b6ad065642536e7db7322222958d2d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
expires
Mon, 09 Dec 2024 00:12:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
cf5338de1fb63046ab4e67bfd3cc7c07c56a0b31763cac892db1566e75237d4f

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-3y2Ep4yEj4myj7XsLKQeJVmJizU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 10 Dec 2023 00:12:26 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/
235 B
607 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.225.254 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-225-254.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b0af161c403d0e5eeedf30f3b8a1ccdc5f1cba57035214c8103acfebd683d847

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.13.171
access-control-allow-credentials
true
content-length
235
expires
0
container.html
75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9A1
6 KB
3 KB
Document
General
Full URL
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
expires
Mon, 09 Dec 2024 00:12:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB8F
6 KB
3 KB
Document
General
Full URL
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
expires
Mon, 09 Dec 2024 00:12:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E077
6 KB
3 KB
Document
General
Full URL
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
expires
Mon, 09 Dec 2024 00:12:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 404E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuewhK4EpJDv8MhZsh2sCGmd3khLDXGBBCExUoUMUcLW-0SQTknN0yex9SiLyZYl8xTHwfobIy3fSjaf-uer33XTr5ugaGPKxdF3LmBuir0KBr0Zn8mjdC_aOgyygmVbXZgG1RC0XaINEVWzJmiEEQOqCsCxAG49CqaxIdUCOb28DIvCa5qAYncRY_4pyQsmir2BAmMaSDg7NGqEmeAzJsI8X4LkdE-htuwgbTY3aHFZpCJ1gFEy8ARzi-8ciWTNgANKF72Je11HujzwbvkExJJ2lnQVVkhqdstHBEzmDrTW901Es-0XDqqFte1xmC9RxgHsQs_9Q9yemS24X9RsFMVm38TSdzE1Q_GXlhIlrP6AAAuE0KOsUp7ssZLctJg&sai=AMfl-YR6td2N2yE8MQ4GJrfFemDsON-tshUFIJEooMeMfaHrRiidOrfJfHbhi7K8eJIBc7fGmfPMKCkSmvqxnNQvdOpiDyM8jd9ePkljUZB9Pwer4iAsRgQrKdlTzTGTqdk-Rx9zO3hYvRqBAF9Be699wUgqw_axpAAxqJX4_g&sig=Cg0ArKJSzEv3AXfOEdMTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:26 GMT
init.js
cdn.holmesmind.com/js/ Frame 404E
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
Kh5o_EtBeY8mqcSxDvkt-DwwaU8cWGfIXVJW7__40-giceZkUB9Jrw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 404E
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB1C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSZwzprdxcPM1vfvQKiXtSzdPy_tisbqSGDMZmMu5heGLaWrASdy1_QkBSwvetSFrHUS1Ti1iu75kQ5aCltLa2sI-t75LLiFsr7ifhOsAhF66ISxgKYcd0hwJPtZ9yxCYdOywDNEaa99yrvSPKpBi9WtVZxIBJod2pVaelsEHWBvVsC4fln8_p0p_Eo8JrrnpIorH7MUTrI8jP-TY-dXDsErhvYD0y9RMeDz1cQk3zUDL9eAWV5RVzHK_7_UInDVAksAHUvKeiKmJgcqjS-uAZ7YoIBaDwRNQbZiJQfQ2HElWu7uOQ4Gl8w6AeHy-q9Gq1bXeA-pnpmw1wiEXE8Mt-DJB0jw8cMKcIY8NJUQe650pO99RytcBmVt4HSwdH&sai=AMfl-YRs9TSbB-oSh5ZKx9YrrN4yBUxOni21D3U4WiPV0dWgr6q9CTrP8eAZFbYijaz6xPIkucGDWUFaradPWQBzproQtr2dcf4ZQzKQGl4WdSEln65bKy7rPwZpjGPkS6WnYJj717vlxqqKCEgaqyRr6u658Foo5ieSY2QaGg&sig=Cg0ArKJSzCea_fcBaHViEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:26 GMT
init.js
cdn.holmesmind.com/js/ Frame FB1C
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
R-wddeDgfMqtlaVuU0SZolVEKMxw6xJcp0ssBvXEll9eSZD7GiB2Uw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FB1C
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js?cb=31079991
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=771304031.1702167146&jid=619475905&_u=IEBAAEAAAAAAACAAI~&z=17592952
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=771304031.1702167146&jid=619475905&_u=IEBAAEAAAAAAACAAI~&z=17592952
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6E10
573 B
713 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
hunL/IAdcY3BvlJMCcr6IKE0jX4LAhF7cJqtIBqXywI6yCJNyqlJvzl9Elna90yfg1stP2h0+Z+EM/8NhlICeg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Nov 2024 18:20:20 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 6E10
0
0

/
www.facebook.com/platform/plugin/page/logging/ Frame 6E10
955 B
655 B
XHR
General
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45520df7de4a64c0fe03411f3c1dc3aed115b2d583d367df5613cc7be92543a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
qr1pZJF6d9Iu9oWQvESbZg
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Dec 2023 00:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
677kbPkvIfberIpI3cEyj32Phb7y7UbYaXMu+8ERgfrmFxGCEHNBLbMxrjjfxZvmyfA4CmVQXHCHVTkWV6WREA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 6E10
955 B
660 B
XHR
General
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
984117ec1cd84b711ce5b26ea8272e6290b2e8240ea7b764bebfc2ee540632b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
qr1pZJF6d9Iu9oWQvESbZg
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Dec 2023 00:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
MBHpltEfWTGkWdGRGIDc+f9CJbWnOc5ACaX08ysfU9uz0l4Pfg+S8UrC596CKjL+JCVaidn7S3KLtchED2hQJw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7D68
448 B
256 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUp2YQQ9S8fzFoL8sNXwFZzqhM4gLPMOrnFiGPcvPpPbQr7Vp3RuDxMTptVzfIjtza7Duy8o8VAD-0LNZ8F6dSH_-5rTw
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AB8F
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8F
42 B
401 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIN0q6zMQ-cMRuo0O72hoMum6HZ84z4jQ2uizr9JVswFUw6LiRN6PdQogYALWjQtR51tWWT5NeVLnVEe82GGONKkjdRRCSvIdbuW9cMCsgAHYuYbo
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/adfscript/ Frame AB8F
2 KB
3 KB
Script
General
Full URL
https://a2.adform.net/adfscript/?bn=69659957;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CtF-yagJ1ZdSGG72v7OsPjv2zsA-z9cbKdN_Gz4WKErnu8MiqARABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJgCT9AWRCBrT1NwjiO33NEBSfRJW-2Kg2uuAVBNfIwhHq3XHnpdzZC8xxY2BUYE3RW-A6NXCF-MVGUg1jjiVvYDP0_f4iVdpaBw4VkVpLFDNV1w0Z8tdObwddAhfRxFRYIvMwNJYQzjW3m6PxnQKUfUOqC_rjNONwuZ3SmVYmbXenCgEnGlrY84X_odICq8rqbffj4gAVPvttZZtaMb8uciX3V1lXzSeoe0j0pyKRKvv8TSFEay7MNuX4njN3TVU4dBobaWyUs5JFgSHP077vCdoOFhuJNPtbX_eeTdSCoR7GmxRs9zN8WfylYGhpIPwBYpZl2el_ALH3NyjfCl2y-dugkAqtmKI_nKFPF2WZXH1bNy5ynohvfMQ8AEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpYgO3w4MqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMIi6fx4MqDgwMVvRd7Bx2O_gz2sBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_0tiGhv38F35dEYgSGAr1Wqn63S-Q&client=ca-pub-4485239425924787&dbm_c=AKAmf-AmyW8aPMKr5-X6sAd1ty74xCzC69-rFfWmWXxPRCt3c-pF1xwMoOKR6xprMhJPH3z3PIJfKyJ-KpFid-cQj1Ste4kRcVU12ixuADZFN4mL7xbB9so2swltEF0HNPt85IKp9IAI3iriyMR7tyV87jol2tOUwbVuRL_mHyeaisweO5HB17M&cry=1&dbm_d=AKAmf-CXiP4Q22jlB59Axt-ADc7Ps5dhVy0FUfj5opJjC1SUB6VATrQ7enHG8Lqew_2hSYZnvZryXCj-WH9ODJdRxDLQJv_Ws-01rBLr70VhzY38BClmNV2mOfrvnKadfDKuPA0uB8tDCrf4ZqsqtOK8WfyhS1jVtkV3p6iykUgDZn-naDBVAHxdwElyCmrcOnxukNqymRFBfiG_esxs2YUicDusBnStzW873sTMkBJcfa749vUSTYITNTIHohDbIxuf-FZRTb5IUzrbIA9hD4wI4QIBxornkSOpKJDejeBB0571H9XCqaOWstf0A_AdhNrMb0dfCgWKjYd8iFIgjz6mwnyO9PCaTNuUDiveFwAnSi6gCotAx5Ad2J2iG4dQgfcs2PaxbRL5GDlSmnUWEgHZU263fJTlfddj4ammsncuJ2KGuwCBJbRUnUxN0GO-Y9G6HNtzwWjZKVI3LFWr1pJoi0my-5iRGoOhfNJ7wslXCv9lcwr6IIZnKUezL-qp-19gz0cFXivDnCUokpbOPpYAPbKxfekL_CfFH8BRNzro2IRiyskbrp8&adurl=
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1b5b48a8156cf1e817677b642678f7f247c4e090ccde142e47f3e7eda6fb3e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2468
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AB8F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AB8F
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AB8F
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6029
448 B
256 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhjMic_-ATAB&v=APEucNUhbiAQbFm-Tck2vFrFQnRg-fIc4Z74IwFonMduBD4A97ukgqGEOA_Njw53oB3c8KuM44bCW4UtxXRubT03TYYFQ39vTw
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E9A1
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A1
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DH0dVM8-qLfIW4w8PAiwshNvXDWkSnmRpqQNwYhGIS6l3ehMtDk873XfC4Pf8C4Gu8ejhKOawfq_GzBZJ7VUikpQxSkjR2CbLsl9cuHyL1WF2K-BQ
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/adfscript/ Frame E9A1
2 KB
3 KB
Script
General
Full URL
https://a2.adform.net/adfscript/?bn=69660013;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXUgvagJ1ZdOGG72v7OsPjv2zsA-z9cbKdIfHz4WKEq-2vs-IChABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJECT9BlDPzPVz_ZSJhE3i37w9IqF3XR625X3agVrsdSDqLlesibTy29z7uArlUTP32Nw1G9dJkLJLISMAjZs1pBy-L4MPfwX4YtmWZi5ddJdKuWvzD4mejKGWFfUbxsrmIjraC4SaOeWHySrYRz2Cpe0ZJQFBATEQ7xSXVQ69d25dJBl8gZBWRi8JdwpcLRws0NUl16i6J_4YtBU-Pc_Owhlbb9aFLHrZCuwSDArLH39gFwlaVU3UX_E1gomOEEBmf8YDKCrDtOblsR4HIpZ5aD0DItKPoB5Y00qKQLwF4EYTKMF_zJ-svsiMKuqIR9Z-kCyEYQUKQO7aXkq0TNVMeCJlN31mZ-yYZ2EdrQBQMw-xXowASYxe7F3QTgBAOIBY2QlbZNkAYBoAZNgAf27uW_AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOliA7fDgyoODA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwiKp_HgyoODAxW9F3sHHY7-DPawE8vD4RXIE_i5-OMD0BMA2BMK2BQB0BUB-BYBgBcB6BcF&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_29-vlzSNXZJ5yv9iFmUtwevBHAkg&client=ca-pub-4485239425924787&dbm_c=AKAmf-BRa5GLE9ivdgHC7A5w9N8w8qB9NOIWihKLAw4GDRxpHlbEHSjv4u1IW3S5b0Hok8q3QwktPAL5Ug6QdVFyaegw_xLYjF-m2JeQyJYU1mV9_qKJhxLCPm2wqjxRshngdqDcs82MSruJdc1_OwOYXRjG8EE6rwhwZ13WARrE6U8x2YhlhpQ&cry=1&dbm_d=AKAmf-BfpVL7ngQDOECeX2HIjzuNEjOeuJLocMRi6-MsQ1YFtlIinWGiTZQkwhpJgAIfRNgWx-ddBiCAzYS48bnYTeSY_9aS3Oe3yNUxQUbdzutfCvZc4aR_jbyd_s8hcDREgmMaFIfZW7LKZM0VjOcvJ3dc5TPSgW01-5lZwUC5HaKwcClrbL91JHqsfegIOiViuF2kQZxsROzB8kcqXw2tOr6UtaZXEVBvfTotxvsN9rCNpLF-uf1pzroR8c1yZN4tAL_Kk3CwoRYymo5zuMm4ztv0vzBKe3l4kfjgyXL4sjpWGbGOPABoRrD26ASXK9qo3DnLtCvVRhnSZ9Ux3JFHpbPLygTcsj1qyS7dpXI-LLwtaKTuB8lQ6XWCEQRT-BK1tkzlVTQwknsjAjolKqJdeMDbuxH7dK1SVfiJWAtM4p8_40GtjDTXK6s16z0lfCLEQlpu4A-7e9kXsm9aXI2zUcCFGamh9OLT3zjpTOmmE_6M65uMwsIuHFZMbE-oO9c6pFL1cyUdWz7_alteLkya3_eUv2jKr-60U7vxSn5pOif4Br52tO4&adurl=
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9eb8ce9765e993eb33634e0b8eaa3370da2a4831ecdb1fb1939678004ada9d00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2479
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E9A1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E9A1
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E9A1
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 452F
448 B
549 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUv-f2Byx-cH-mBBoAevZLNzEc5rBR_-euJ-gD8ETKDamZjoRT-hq_19eU2rPrmHQoTcodARJ3_vlnfDOUCG-vjZjHRYQ
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E077
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E077
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CieBSWeitScpZB_uxD6omCdWXWe19l6CBVZZ6HTxrcBfSndDmZ4eGhbWCs57VKyfhLhM0OxDpNBog5xtwNqjcnfaUrggzjCFMU9CAcEqFExTvsxkc
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/adfscript/ Frame E077
2 KB
3 KB
Script
General
Full URL
https://a2.adform.net/adfscript/?bn=69659957;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Ck5onagJ1ZdWGG72v7OsPjv2zsA-z9cbKdN_Gz4WKErnu8MiqARABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJgCT9Cb6UUOCvPM5F8U26btjnV_7EVShcnPhgFHsAl9XGSjACPGXQnMb9ksHLZoHFam837HA_Y8F1ECCSbeKow9GDscD9BsyBcTy64FuitY610e0K-kAsWaNJHxAiFDZ-CZKjz9pUw22n5D9a3Y0t6nq5bf7KExIYhUQ2OJaxpGoLdyNlEh0-ltfnvf74spjgK39Aue843lPQRxowB46cGGSqLFWYot65aMu7uV9b9q18Xo_d7OerbYBPSC2nKsTNjA2onvw7wvEDxa-kgmEEFlTch6Xtj4zXk4NI7-o0ZnBSOQMKR86X7IChX3AJOAygUE1TovahUfN7mMhVrQ0ms4DZVw5zZtG_Hu7w0CMeoUKs-H6gdsln2X_cAEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpYgO3w4MqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMIjKfx4MqDgwMVvRd7Bx2O_gz2sBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_1JxuisuVrcuyi_DnfFoeLinL-_Ag&client=ca-pub-4485239425924787&dbm_c=AKAmf-C7o01CqXFh79feuqmSl4a03FMMFxRxlAoBhvriICvnP8BYtorq6gFCL6uPEBL_-ID7jdV8jIbaH0oL21bnazvv3KTXP_PxTGNJMAMyKI-TJ9zAmRXjHVTdYT3-uLfFl9WIZaSSOV43-uqNA9W_Zo2VYXzwETKSk2YFr2ek3P0M1uHrZLo&cry=1&dbm_d=AKAmf-CcnNuPHzDXjs3sOMClUuQtue6yJJVageND3RgCie-cMxKtEtSoq1kCjz9Az3Ae4MNfxbofjur7H6eKIDx1OOyGL-3LXtkMbxyZGtiojdIjIx0_ChID3xZ-GCszZ56wFxKHYxlAR3Ggc-W_kcFCIJzLtpzhXrwj5hRi7aIe8aCppGcIoxW9PmFe1pCSn31_K1XroUXquPgw8aZvu95vkJpMHogNcJrrPgN7B1ad6JnwGNVc7cn51kDydBKvOUd3InP5kQwbhEu9Ag-W_OpWElLk1Y0dMtdHcBCR3rSG5UDscxDwbR0WJWW6AxaqpUZVY1WV6LTX54Mtph6tZkSZq6w0gX01gkt59pKH5bQkFpZSAWIJb7glITPIda6CtSwc8q_14d0Pcc4IUJZNVUqRkOB6afCs4CbUOXTmvF7aDXYPoWhmTxC-P5tV5R6KMUE3hNtyFCsNo9ZtOJazQKexG4qoojbK0Su7xZppQ__BH_iWKX4blwinJsq9DgC-fxT1hOkHY6YgqE9dedYYL0w9mMyeZPGH_5qEYA-ntnGQZSWD7y_PMD8&adurl=
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bc15adb54ceec979b3d87cffac956115a68a75e9ab99d48587842bf97a63424e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2482
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E077
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E077
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E077
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:27 GMT
syncframe
gum.criteo.com/ Frame AC10
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:26 GMT
server
Kestrel
server-processing-duration-in-ticks
987128
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
b03rUpj3fKJ.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 6E10
12 KB
4 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pG8ZphjXUfeB/6xAtn+7sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:34 GMT
C8LrV2fV5JS.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6E10
339 KB
73 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uzIAFtOVooYStiVL9khrKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74671
reporting-endpoints
x-fb-debug
WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:47:54 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 6E10
2 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 18:22:49 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 6E10
12 KB
12 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
Zly67A9uiK4BXlA1K7W2pLaoiRaq35m10NwiyooDLC4//RAIHzweNbT3qCxb1aUCKc+H8YZKPn2tPcNhycnndA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Nov 2024 21:02:34 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 6E10
1 KB
1 KB
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
8q9xXc98bDRZcu3b+M7gSHEFAjqRgMOziWN8kUd63Af7v88fW+rsCOju4i+EiodqNmECk0ZUHxP4MQ6wMmbaMg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Nov 2024 18:31:31 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame EA26
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:55:11 GMT
age
202636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:55:11 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA26
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:42:12 GMT
age
203415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:42:12 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA26
95 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 18:34:10 GMT
age
106697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 18:34:10 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA26
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 06 Dec 2023 19:42:08 GMT
age
275419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Dec 2024 19:42:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame EA26
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 15:58:35 GMT
age
202432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 15:58:35 GMT
css
fonts.googleapis.com/ Frame EA26
670 B
757 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E9%AB%98%E7%B0%A1%E5%8D%98%E4%BF%A1%E3%82%92%E3%83%88%E9%A0%BC%E3%81%84%E3%81%A7%E6%AF%94%E3%81%8F%E7%B5%8C%E3%83%95%E7%90%86%E3%81%AB%E7%AE%A1%E6%80%A7%E6%A5%AD%E6%96%99%E8%BC%83%E7%84%A1%E9%96%8B%E3%82%BD%E4%BD%9C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f10.1e100.net
Software
ESF /
Resource Hash
4fb2ce584152b13d1e5468ee6480541f2f3e25bb33a38cf8fe48223ab7d7d2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 00:12:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 00:12:27 GMT
css
fonts.googleapis.com/ Frame EA26
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f10.1e100.net
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 22:27:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 00:12:27 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA26
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 13:37:46 GMT
x-content-type-options
nosniff
server
cafe
age
38081
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sun, 10 Dec 2023 13:37:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame EA26
344 B
474 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
16170
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 10 Dec 2023 19:42:57 GMT
truncated
/ Frame EA26
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c51535809496e5139313bf5110e0aa887d0cefb6ae8f7f5dbb116b35fe85c2

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
pd
google-bidout-d.openx.net/w/1.0/ Frame 2AEE
484 B
724 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d9ef701c575eed6b2882caea43d4efcb1ffd001b4bdd60cedca5d54c6da33564

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
308
content-type
text/html
date
Sun, 10 Dec 2023 00:12:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
capmapping.htm
cdn.holmesmind.com/js/ Frame 7C11
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
58
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:11:50 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
ylrW2ss9Sx5LLlP1ICpvCcD5HKZZ1YRuwRx2htF_Fy7Wcojz1GXkmw==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 7A5F
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
q-V6KUpFFuLuZL0nDFsyq_FmGvyxoM-Sd4DNau1kIBcTZaGwVJOCgg==
capmapping.htm
cdn.holmesmind.com/js/ Frame 26F7
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
58
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:11:50 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
IlSiBEK_EUUTPP8wBs0kSQBP2re1OpTf_yQXrE9vY9H8CIVqYOiqMw==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 9B91
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
pVTEcY_QjGQe9NhgtMMEEQ4rOBRiMMQnkd6gRmPWg14MF5FhVMyHBA==
/
cm.lndata.com/ Frame 7C11
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:27 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame BBA4
0
217 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 00:12:27 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame A6C6
39 B
88 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 00:12:30 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 7C11
409 B
632 B
Script
General
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.230.11.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-11-166.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Dec 2023 00:12:27 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 7C11
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:27 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 7C11
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 7C11
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
499 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 7C11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
128 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
x-guploader-uploadid
ABPtcPokiE3S99facDXlhVFB0r8_5p9H1tznsmQ6tF_gcWJG4lsPPZ41pl3LJotcwOBqj3ICFFOSFJjQlFp18_aad0W0qg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 6E10
213 B
354 B
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
OLjghb5kADYd0BXUDGICfOdp+Bv8hRzVR1CvMSC+V798Snd7RCWlLsbvOGtc8fwyyiHPVh6YJiHG3APzOvzayw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 30 Nov 2024 22:41:13 GMT
/
cm.lndata.com/ Frame 26F7
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:27 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 26F7
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 26F7
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
498 B
Image
General
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
fp
cm-dev-poc.holmesmind.com/ Frame B87C
0
218 B
Document
General
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 00:12:27 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 3F99
39 B
182 B
Document
General
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 00:12:27 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 26F7
409 B
631 B
Script
General
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.230.11.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-11-166.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 10 Dec 2023 00:12:27 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
google
m.holmesmind.com/ml/ Frame 26F7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
465 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
x-guploader-uploadid
ABPtcPrHMWr7gGA434x4zkSYw8MfpI8YT-4rTypErib7Z80BbxdjeIu2hq5KwPWa5mumVIuCg609mukHkfxeW2gOZPpYfQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 7A5F
1 KB
673 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 7A5F
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
41
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
2ejHVqqhCKvArFktti3bq5qVtEJlxAu7b3oZan96ufKKGhdxD_QaJw==
Preset.js
ad.holmesmind.com/adserver/ Frame 9B91
7 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 9B91
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
41
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
rgPGCKkIhUsxz-g4DbbfQTCZIr-mjhA7RXXmIORdvAQirTiIkVjGuA==
/
www.facebook.com/login/ Frame 6E10
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 10 Dec 2023 00:12:27 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
OInxeLt1D9jTOW75GiiVDhftF2kHGu4sOshCHrcHrBvathX6//QTKddq5Eqyatae97Nwa37ozdvpQLGXoocecQ==
x-frame-options
DENY
x-xss-protection
0
truncated
/ Frame 404E
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93706d809ab7b9b2e5fe4934279874a3ca51236dd04fc35b91c93cb9ff302ee3

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 2AEE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=76469100-d997-4c60-b064-00ec88c65b88&ttd_puid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0&gdpr_consent=
43 B
314 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=76469100-d997-4c60-b064-00ec88c65b88&ttd_puid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=76469100-d997-4c60-b064-00ec88c65b88&ttd_puid=01e73507-e211-7776-fb98-ae1a7dfbae5b&gdpr=0&gdpr_consent=
date
Sun, 10 Dec 2023 00:12:27 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 2AEE
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXUCa8Co8YQAAPcuTycAAAAA
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXUCa8Co8YQAAPcuTycAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 10 Dec 2023 00:12:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"222.9.233.7","key":"ZXUCa8Co8YQAAPcuTycAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad445"}
X-SO-Key
ZXUCa8Co8YQAAPcuTycAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad445
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXUCa8Co8YQAAPcuTycAAAAA
Cache-Control
private
X-SO-HostName
m-ad445.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-IP
222.9.233.7
sd
jp-u.openx.net/w/1.0/ Frame 2AEE
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AX9PodXUPuotks8AEDmpkELhvs8AAAGMURF0qw
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AX9PodXUPuotks8AEDmpkELhvs8AAAGMURF0qw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 c7f3213e2a3260f1c4aa8c8f7832ebbc.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AX9PodXUPuotks8AEDmpkELhvs8AAAGMURF0qw
cache-control
no-cache
content-length
0
x-amz-cf-id
BjU9csV3Ed-xK3p2KunPFNQfIdD3OQbVzjMqxZUelBStVwYNYiv8DA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2AEE
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4OGU2Y2QtMmI2Ni0yOWQyLWVlNzgtZjRhM2I3MTk2MDNi
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2AEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
43 B
97 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 7C11
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Dec 2023 00:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
O7G2NmN+yQGyU9cRt7jRyM4AUMseWfuSzOUjk4I50LKMyBqWW3Grapd3dSuXSZHRuEAut8KFayNU7gllYjDKQA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 26F7
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Dec 2023 00:12:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
O7G2NmN+yQGyU9cRt7jRyM4AUMseWfuSzOUjk4I50LKMyBqWW3Grapd3dSuXSZHRuEAut8KFayNU7gllYjDKQA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bz
www.facebook.com/ajax/ Frame 6E10
0
0

truncated
/ Frame FB1C
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31d1d419bbd8e12de3817cf91b6f9dfd3183339ec76a7ae7f5a1f902aefbd854

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
ads.js
ad.holmesmind.com/adserver/ Frame 7A5F
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=965&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c2c68ba8441904ceaae9251f716744bd2517511fe0dddbc0f88117cfbd95841a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 7A5F
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
52
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
NXU5o4u0q_Fwl8IWj-sQ-9C0RY74zEYlOXxdvVl1PmT6qFdrnGyf_A==
publishertag.js
static.criteo.net/js/ld/ Frame 7A5F
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:27 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 7A5F
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:42 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
46
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
7N8fbU3IhG6mA7KCKi0nVtApW2NeTRVRDRsVWhtvgxyOJRyktpfYgg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 7A5F
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
52
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
KUcXCJeO8YkEAZAwgQxDTwAA1WdzGJapdJPQ3HxSwTjQRq1O3nRwNQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 7A5F
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
57
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
kpo8pbS-R-rKb6MEjCbDdyiLY7aEyXvtquMXWxEVZGSAqvFsJLm_7g==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 7A5F
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
3
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
aRXebsb55m1hiOHkUMSVR5rnAawk0eFJLNglDrwDzDGoAeju3PKHXA==
ads.js
ad.holmesmind.com/adserver/ Frame 9B91
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=568&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
92e3a81ef39b493f91563bb0f7c7a2cd0b579f7742610ed2ce982c35cddbca74

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
appierV2.js
cdn.holmesmind.com/js/ Frame 9B91
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
57
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
vxX-GXZCCXTDIFZnAgPD5lgD8PITZlbIG7LxLGlKRJbqnS8C0cxvVw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9B91
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
3
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
EfSlUR9O4GctVQtxhIoONJxS02rknsnp98FyH4kzRqPr4AxZyqKMdw==
pixel
cm.g.doubleclick.net/ Frame 452F
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUv-f2Byx-cH-mBBoAevZLNzEc5rBR_-euJ-gD8ETKDamZjoRT-hq_19eU2rPrmHQoTcodARJ3_vlnfDOUCG-vjZjHRYQ
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 452F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
43 B
328 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUv-f2Byx-cH-mBBoAevZLNzEc5rBR_-euJ-gD8ETKDamZjoRT-hq_19eU2rPrmHQoTcodARJ3_vlnfDOUCG-vjZjHRYQ
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rItLTfYCV%2FQM77STkMtqpJ%2Fvqr%2FNFPCndXr9SgevxBeDi9mLPGqbDbvDaZrAn6b93Zw3hunUnILexp8iyw7x8vSqLiu4q3o1Q%2BbE2pDIcjG1yRJg9U0DKE3OdWdukSOVkfXxKTxZ6iLGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c2ec552612-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZQ8ey1YZoWg4d8aTnh%2F%2BjqZ8OV3wQ4Uw4ktWMFruOlmPfkBv%2Fyx38PR5Xo%2FvwzshFgwbaZuZur%2BSQ2ncDyg%2B032vbeRHGoV9rT9u%2FjdnpBnwiMisEuGt6IhD8nF8JmMSkOS4%2BsB1UWklw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
cache-control
no-cache
cf-ray
833146c21af72612-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 452F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa0xoswNKVovgNa7iHwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUv-f2Byx-cH-mBBoAevZLNzEc5rBR_-euJ-gD8ETKDamZjoRT-hq_19eU2rPrmHQoTcodARJ3_vlnfDOUCG-vjZjHRYQ
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPa4tXerAbe%2BJYGHQj5OCvxBgJQoB7DYnirfUuszD64Kt%2BtQe8H6ASWTOQBXHsT6gemt0XaFRrIPoBMgYVlKnp4AtODmggWagBYYkO9tUEbOxKQU64tuInkc%2BPAKRPInTBqE%2FMkWuiUx%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c3befd3414-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6029
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhjMic_-ATAB&v=APEucNUhbiAQbFm-Tck2vFrFQnRg-fIc4Z74IwFonMduBD4A97ukgqGEOA_Njw53oB3c8KuM44bCW4UtxXRubT03TYYFQ39vTw
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 6029
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
43 B
323 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhjMic_-ATAB&v=APEucNUhbiAQbFm-Tck2vFrFQnRg-fIc4Z74IwFonMduBD4A97ukgqGEOA_Njw53oB3c8KuM44bCW4UtxXRubT03TYYFQ39vTw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTNW75O34syvIQv8Cs9C4ktJeCxxtybRRo2BPXV0MisqT9sQXHwLBdFUJH3EjieHpj6PZ9pDeZV7X%2F1T6i3dQariqIxJ88UWAP6qVr0Iz3wilN0d7PdwRItCf4rlBbDjujaiiRoMxO4BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c2ec5c2612-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATNXSJpeRbUHYiMUiiNsag5kw0QG7PON7SlWAOOaFngvEgT92P29tMOp8J448MDXhGWU14WtlLloXNWL9RzSlE1IVb%2BoNJZvrH1NzIBPYcbSY0FDb7hHrj86yp%2Bql0g0fTWITa400w%2F%2Fqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
cache-control
no-cache
cf-ray
833146c21afa2612-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 6029
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa0xoswNKVovgNa7iHwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhjMic_-ATAB&v=APEucNUhbiAQbFm-Tck2vFrFQnRg-fIc4Z74IwFonMduBD4A97ukgqGEOA_Njw53oB3c8KuM44bCW4UtxXRubT03TYYFQ39vTw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSmHL3%2F6G9bphEIEhbF9SEofbP2ua5BQRKZJccXa6jiBezMbgC0%2BL3IzWk%2B%2BqrwRXnB4aC8UUdMtENO23fUhgS6pdcElyJFiDasNwluC4eBa%2BrSFrbYB512qMqmctu%2FrMe2cHYQOyGUVxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c3bf003414-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D68
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUp2YQQ9S8fzFoL8sNXwFZzqhM4gLPMOrnFiGPcvPpPbQr7Vp3RuDxMTptVzfIjtza7Duy8o8VAD-0LNZ8F6dSH_-5rTw
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame 7D68
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
43 B
535 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUp2YQQ9S8fzFoL8sNXwFZzqhM4gLPMOrnFiGPcvPpPbQr7Vp3RuDxMTptVzfIjtza7Duy8o8VAD-0LNZ8F6dSH_-5rTw
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FFzNTyJhMtXwe3Llvjc%2FulgtODKbEfXlKX74DjDfOAVd2VXhv4UNrUTWdijM6pAK9E84B8MMIqoyrN14uBtSruSZfSXpRY5p4KJPigIkYFZvTkD7BITWmjkr20Ea7UNRc9pqzmASqIgCA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c2ec232612-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAi%2Bd8abt49%2BWhXdmPojuVeB5pdwDDIxU36VONb%2FIeztBNZ0dKXgVMNU6zlh%2BwGDk5aWpgcqlCy0%2Bj24JAcmx1re2MabdbV2zJ11poQMhIz%2F%2BB9%2FZ6HpZ%2BYsdoNbvxwTGvxK9rJkz17%2Bdg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1&C=1
cache-control
no-cache
cf-ray
833146c21afb2612-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 7D68
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXUCa-jdDpdDGoRl10-HRAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiN2ND-ATAB&v=APEucNUp2YQQ9S8fzFoL8sNXwFZzqhM4gLPMOrnFiGPcvPpPbQr7Vp3RuDxMTptVzfIjtza7Duy8o8VAD-0LNZ8F6dSH_-5rTw
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVQpfCbxC3bo4cvyzMwjMX62syd2IwfscykzWFt3%2F0tY%2FUEEQfeNJMZvV91pGFlT9ON7DG4eMeJXDlMnmyrsGooEJUpLg9Tva9fwm7rd4s76UUmKqJ6zplg%2BDrWopg5RBeqXOMlbqjb%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
833146c3aeef3414-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEleornYGTCHnxXDm2-r-e8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame AC10
431 B
553 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bb47535e41c5faa4abef360fa92809698a2939cc27e584c90bd61d51203c8a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1592090
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7A5F
0
171 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:28 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 7A5F
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7156430036384398
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
89f5a9904743dc7c1dfd52a5aad4ca36b0617b05c882dda7a875591a3ee7744a

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:27 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 7A5F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BGCHfv8_Bti7ZNmUbAJ1ZQ
2 B
159 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=BGCHfv8_Bti7ZNmUbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=BGCHfv8_Bti7ZNmUbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 7A5F
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=2iDexx6LCQe9mbJvbAJ1ZQ
2 B
130 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=2iDexx6LCQe9mbJvbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=2iDexx6LCQe9mbJvbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
/
t.ssp.hinet.net/ Frame 7C11
37 B
409 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1e98e43abfdfc8b44523a3a8577e0bf63ce9f7d9deac6ed9c91839cf739a10a4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 9B91
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=o0QBVcC3D2yyj4idbAJ1ZQ
2 B
130 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=o0QBVcC3D2yyj4idbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=o0QBVcC3D2yyj4idbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9B91
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=dxu4fXoMCE6Gwcy9bAJ1ZQ
2 B
130 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=dxu4fXoMCE6Gwcy9bAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=dxu4fXoMCE6Gwcy9bAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame 9B91
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=568&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
39
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
woWBeDPcrBPLLsvHd20XxPdrKTJnawM5R44cpaK-BubE8JupjI9b6Q==
bid
ad2.apx.appier.net/v1/prebid/ Frame 9B91
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=BRUF-VfVBw2i5b0VbAJ1ZQ
2 B
130 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=BRUF-VfVBw2i5b0VbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=BRUF-VfVBw2i5b0VbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9B91
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
130 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:28 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
font
fonts.gstatic.com/l/ Frame EA26
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxpXMdbhZGua91jwLBpUNTWYW0E8gj_IpiXfw96Jv-7zHvmeJELk7DzvXd7-6Vr-sS5fqvQJS3AqXTFg_LYLmuCOCdw32t9apknJtjRGpadcoljC6aEJ9foMkd1WCG5I&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%81%AE%E9%AB%98%E7%B0%A1%E5%8D%98%E4%BF%A1%E3%82%92%E3%83%88%E9%A0%BC%E3%81%84%E3%81%A7%E6%AF%94%E3%81%8F%E7%B5%8C%E3%83%95%E7%90%86%E3%81%AB%E7%AE%A1%E6%80%A7%E6%A5%AD%E6%96%99%E8%BC%83%E7%84%A1%E9%96%8B%E3%82%BD%E4%BD%9C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
ESF /
Resource Hash
d286648abaafb90b1087a66d0db3262b2557e33d203f0b11a5b6066091ab98e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13396
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:28 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EA26
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:49:07 GMT
x-content-type-options
nosniff
age
203001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 15:49:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA26
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
drawV2.js
cdn.holmesmind.com/js/ Frame 7A5F
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=965&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
39
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
DHy9gFJaGbtGiWsHC0ZuXgsSD4qhV4WTdGleWX6q19e6ar7NkVKxtw==
utag.js
t.ssp.hinet.net/ Frame 7A5F
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:27 GMT
utag.js
t.ssp.hinet.net/ Frame 9B91
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:27 GMT
cdb
bidder.criteo.com/ Frame 7A5F
0
187 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=69300313907
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:27 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adview
securepubads.g.doubleclick.net/pagead/ Frame EA26
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CU3GIagJ1ZfiiJsy5qQHIr7mICL6jh9t04-bG16sSyrqM8b4BEAEg0syBGmCJg4CA9BOgAbzbyokqyAEB4AIAqAMByAMKqgStAk_QXQB_Sym29I74ivEclcOKZAKxlfVGcbDb4b7GDO0GUoiIId7pQ7w7uL70z2fzy6FU4GdiqL2hdq3LQDiv6n52NrIT34LbhOovB5Tta-UNGv7EfR3MR5qSozGMd8teMwX3soTkDohFlxcZ7sjE_gv7mjAdMTaiXrvrcb2zolc3vHCt63QG65oL6jowma1M50QpDFufy6eYE3Bsun2rBXLN92IP-1OXRK2F1bSyMkdD2z1TMba6vACuJJ7wD3eD7qzmPppAwbn_2UqNbC3du-xgwaJMalWg4SbAzJQnoez-CmjM4FqqCWbHTy8CGGZXKCz730PdLWQ5w4gGrR7M3pA35Ma9utH90rIflSO0dtLbjvdFdJ44_QLQkXcUkUqE6YqfZN_uxD6RQl4Uzn_ABJ3Rm5O4BOAEAYgF-OWosU2SBQQIBBgBkgUECAUYBKAGZoAHvJOb6QSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC19QfSCB0IgGEQARgdMgKKAjoCgEBIvf3BOli3yvzgyoODA5oJc2h0dHBzOi8vanAuc2hvZmFzdC5jb20vZHNyP3E9JUU3JUI1JThDJUU3JTkwJTg2KyVFNyVBRSVBMSVFNyU5MCU4NislRTMlODIlQkQlRTMlODMlOTUlRTMlODMlODgmZGU9YyZhc2lkPXptd19jaDE2MTOACgPICwGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAtoMEQoLEPDU3bP8ourN3AESAgED4g0TCLb7_ODKg4MDFcxcKgodyFcOgdgTDNAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGbIYAyIBAA&sigh=ReEtAh-Fk5g&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNK8vHU82SPk2Z9yiWqG7uMASC9hOcSizhs3x_BG0FutX-xSn3P982Xc_ujK9vl5-LBQUYuTX1jSgLG6UMsxTueLmxEFEAHlrJLSEYAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=825248756111&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=825248756111&version=m202309260101&ct=77&x=1&cor=17683548963642933000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AB8F
34 KB
20 KB
Script
General
Full URL
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99ee0d4d74af83a73b44ef59430c369a3d05e33df7a9ae7c4cd881dbf107eae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20005
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2924711935274&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2924711935274&version=m202309260101&ct=77&x=1&cor=14003009443938914000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E9A1
34 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?...
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a40a43d44abff3c53f07dfa6e4e39af817a0c7496c7250d66c5564af176193e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ Frame 7A5F
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bb527815376a198a16cbbaab6649b2f63777637bfd5c38bbadc7ab43d2b88c11
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame E077
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5002669999118&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E077
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5002669999118&version=m202309260101&ct=77&x=1&cor=14360454527219851000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E077
34 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?...
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e663c6c342e25090f5eba8f10e53f4de62d6ad41fd312c7764225ddca8893614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20029
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ Frame 9B91
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bb527815376a198a16cbbaab6649b2f63777637bfd5c38bbadc7ab43d2b88c11
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame AB8F
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
12577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AB8F
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
379443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjE2NzE0Nzk0OTczMgogIHNlcnZlcl9pcDogMzQ1NTYyMjEKICBwcm9jZXNzX2lkOiAyMzk5ODA0MDQ4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkwNTQ1OTkK...
ad.doubleclick.net/ddm/activity/ Frame AB8F
0
939 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=...
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x8db19196cfa450ee0000000000000000","13":"0x27f0aaf5359dccf60000000000000000","14":"0x447d441cb919d03b0000000000000000","15":"0x37b49dfcded8712a0000000000000000"},"debug_key":"5082967881288595778","debug_reporting":true,"destination":"https://hm.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["9054599"]},"priority":"0","source_event_id":"9899928346705376941"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FB1C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstskn-rfoFKMF5IUJGaI4UBaA94xB4RTNUkz2kL6UAY8Ss5_s_l-LIjjbwXh3PTJ8wKP9fOU6nlj4eyocF3blllPmYvfeS12PXHwNpn4WxhhZRNVUViAudwPXDDpNwfHM5SXsnY0u0Avg1BLzKFDSvProzHsky6Gev38U5xXjgmyt5j1au2lw82uzieKlrz_XbFt6jMmNWocBiMRmS0OHJiggjJxTMRopKrsRVmVJP_XbUCniOAvGMRnekHJOTFhSmEbKH_-uILw8EYpIQPolX4_S9lmptSRTpC1mhHLLVeYuUzFnrhEvxZ-8U7XeVQ5iCEa2PvV8y8IF6OH8kwWS7TsgC0pod_JWRvOZq7NF-WdXttkiCjx3HOOOJkDk2LmCM&sai=AMfl-YRjeP1WitI06_nDjBWcAHFI1y6zRWjmjgIbUXRDSqtiLklcbXd9RjRsrr-epCTcgbsbYe_dXjxaOFtiwDw_91PV76c_PfGVkqPFkxH9MZgcaEm7WemgJwj6o5Juo6NrERluSzwcsVGn-0D1Atv6bKWzlIOVQ2QPX5ROsQ&sig=Cg0ArKJSzAsAe1OenLLYEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:28 GMT
emome2
t.ssp.hinet.net/ Frame 7A5F
30 B
271 B
XHR
General
Full URL
https://t.ssp.hinet.net/emome2?u=2be6e49d-7535-4447-8c43-46671724c53d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E9A1
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
12577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E9A1
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
379443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjE2NzE0Nzk4OTQ0NAogIHNlcnZlcl9pcDogODUzODIxNTUKICBwcm9jZXNzX2lkOiAxNzc5MzI3NDc4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkwNTQ1OTkK...
ad.doubleclick.net/ddm/activity/ Frame E9A1
0
578 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=...
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x8db19196cfa450ee0000000000000000","13":"0x27f0aaf5359dccf60000000000000000","14":"0x447d441cb919d03b0000000000000000","15":"0xb4170fe1b4ff7740000000000000000"},"debug_key":"4593752843082436472","debug_reporting":true,"destination":"https://hm.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["9054599"]},"priority":"0","source_event_id":"13972670901565133550"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 05AF
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
275273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E077
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
12577
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame E077
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?...
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
379443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjE2NzE0ODAwNjA5MQogIHNlcnZlcl9pcDogOTY2MjA0NzEKICBwcm9jZXNzX2lkOiAzNTkwNzg4MTg5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkwNTQ1OTkK...
ad.doubleclick.net/ddm/activity/ Frame E077
0
579 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=...
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x8db19196cfa450ee0000000000000000","13":"0x27f0aaf5359dccf60000000000000000","14":"0x447d441cb919d03b0000000000000000","15":"0x37b49dfcded8712a0000000000000000"},"debug_key":"8629374215587892362","debug_reporting":true,"destination":"https://hm.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["9054599"]},"priority":"0","source_event_id":"16291364968024382345"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 234B
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
275273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 05AF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 234B
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 628F
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
275273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 628F
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
bootstrap.js
s2.adform.net/stoat/630/s2.adform.net/ Frame E077
37 KB
17 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=69659957;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Ck5onagJ1ZdWGG72v7OsPjv2zsA-z9cbKdN_Gz4WKErnu8MiqARABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJgCT9Cb6UUOCvPM5F8U26btjnV_7EVShcnPhgFHsAl9XGSjACPGXQnMb9ksHLZoHFam837HA_Y8F1ECCSbeKow9GDscD9BsyBcTy64FuitY610e0K-kAsWaNJHxAiFDZ-CZKjz9pUw22n5D9a3Y0t6nq5bf7KExIYhUQ2OJaxpGoLdyNlEh0-ltfnvf74spjgK39Aue843lPQRxowB46cGGSqLFWYot65aMu7uV9b9q18Xo_d7OerbYBPSC2nKsTNjA2onvw7wvEDxa-kgmEEFlTch6Xtj4zXk4NI7-o0ZnBSOQMKR86X7IChX3AJOAygUE1TovahUfN7mMhVrQ0ms4DZVw5zZtG_Hu7w0CMeoUKs-H6gdsln2X_cAEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpYgO3w4MqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMIjKfx4MqDgwMVvRd7Bx2O_gz2sBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_1JxuisuVrcuyi_DnfFoeLinL-_Ag&client=ca-pub-4485239425924787&dbm_c=AKAmf-C7o01CqXFh79feuqmSl4a03FMMFxRxlAoBhvriICvnP8BYtorq6gFCL6uPEBL_-ID7jdV8jIbaH0oL21bnazvv3KTXP_PxTGNJMAMyKI-TJ9zAmRXjHVTdYT3-uLfFl9WIZaSSOV43-uqNA9W_Zo2VYXzwETKSk2YFr2ek3P0M1uHrZLo&cry=1&dbm_d=AKAmf-CcnNuPHzDXjs3sOMClUuQtue6yJJVageND3RgCie-cMxKtEtSoq1kCjz9Az3Ae4MNfxbofjur7H6eKIDx1OOyGL-3LXtkMbxyZGtiojdIjIx0_ChID3xZ-GCszZ56wFxKHYxlAR3Ggc-W_kcFCIJzLtpzhXrwj5hRi7aIe8aCppGcIoxW9PmFe1pCSn31_K1XroUXquPgw8aZvu95vkJpMHogNcJrrPgN7B1ad6JnwGNVc7cn51kDydBKvOUd3InP5kQwbhEu9Ag-W_OpWElLk1Y0dMtdHcBCR3rSG5UDscxDwbR0WJWW6AxaqpUZVY1WV6LTX54Mtph6tZkSZq6w0gX01gkt59pKH5bQkFpZSAWIJb7glITPIda6CtSwc8q_14d0Pcc4IUJZNVUqRkOB6afCs4CbUOXTmvF7aDXYPoWhmTxC-P5tV5R6KMUE3hNtyFCsNo9ZtOJazQKexG4qoojbK0Su7xZppQ__BH_iWKX4blwinJsq9DgC-fxT1hOkHY6YgqE9dedYYL0w9mMyeZPGH_5qEYA-ntnGQZSWD7y_PMD8&adurl=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f9459d8b9d545dc5b9c72ef6f486058a587af92d4e260793c48d59a75625d75

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44249
Connection
keep-alive
Content-Length
17439
Expires
Sun, 10 Dec 2023 12:29:57 GMT
bootstrap.js
s2.adform.net/stoat/630/s2.adform.net/ Frame AB8F
37 KB
17 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=69659957;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CtF-yagJ1ZdSGG72v7OsPjv2zsA-z9cbKdN_Gz4WKErnu8MiqARABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJgCT9AWRCBrT1NwjiO33NEBSfRJW-2Kg2uuAVBNfIwhHq3XHnpdzZC8xxY2BUYE3RW-A6NXCF-MVGUg1jjiVvYDP0_f4iVdpaBw4VkVpLFDNV1w0Z8tdObwddAhfRxFRYIvMwNJYQzjW3m6PxnQKUfUOqC_rjNONwuZ3SmVYmbXenCgEnGlrY84X_odICq8rqbffj4gAVPvttZZtaMb8uciX3V1lXzSeoe0j0pyKRKvv8TSFEay7MNuX4njN3TVU4dBobaWyUs5JFgSHP077vCdoOFhuJNPtbX_eeTdSCoR7GmxRs9zN8WfylYGhpIPwBYpZl2el_ALH3NyjfCl2y-dugkAqtmKI_nKFPF2WZXH1bNy5ynohvfMQ8AEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpYgO3w4MqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMIi6fx4MqDgwMVvRd7Bx2O_gz2sBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_0tiGhv38F35dEYgSGAr1Wqn63S-Q&client=ca-pub-4485239425924787&dbm_c=AKAmf-AmyW8aPMKr5-X6sAd1ty74xCzC69-rFfWmWXxPRCt3c-pF1xwMoOKR6xprMhJPH3z3PIJfKyJ-KpFid-cQj1Ste4kRcVU12ixuADZFN4mL7xbB9so2swltEF0HNPt85IKp9IAI3iriyMR7tyV87jol2tOUwbVuRL_mHyeaisweO5HB17M&cry=1&dbm_d=AKAmf-CXiP4Q22jlB59Axt-ADc7Ps5dhVy0FUfj5opJjC1SUB6VATrQ7enHG8Lqew_2hSYZnvZryXCj-WH9ODJdRxDLQJv_Ws-01rBLr70VhzY38BClmNV2mOfrvnKadfDKuPA0uB8tDCrf4ZqsqtOK8WfyhS1jVtkV3p6iykUgDZn-naDBVAHxdwElyCmrcOnxukNqymRFBfiG_esxs2YUicDusBnStzW873sTMkBJcfa749vUSTYITNTIHohDbIxuf-FZRTb5IUzrbIA9hD4wI4QIBxornkSOpKJDejeBB0571H9XCqaOWstf0A_AdhNrMb0dfCgWKjYd8iFIgjz6mwnyO9PCaTNuUDiveFwAnSi6gCotAx5Ad2J2iG4dQgfcs2PaxbRL5GDlSmnUWEgHZU263fJTlfddj4ammsncuJ2KGuwCBJbRUnUxN0GO-Y9G6HNtzwWjZKVI3LFWr1pJoi0my-5iRGoOhfNJ7wslXCv9lcwr6IIZnKUezL-qp-19gz0cFXivDnCUokpbOPpYAPbKxfekL_CfFH8BRNzro2IRiyskbrp8&adurl=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f9459d8b9d545dc5b9c72ef6f486058a587af92d4e260793c48d59a75625d75

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44249
Connection
keep-alive
Content-Length
17439
Expires
Sun, 10 Dec 2023 12:29:57 GMT
bootstrap.js
s2.adform.net/stoat/630/s2.adform.net/ Frame E9A1
37 KB
17 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=69660013;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CXUgvagJ1ZdOGG72v7OsPjv2zsA-z9cbKdIfHz4WKEq-2vs-IChABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJECT9BlDPzPVz_ZSJhE3i37w9IqF3XR625X3agVrsdSDqLlesibTy29z7uArlUTP32Nw1G9dJkLJLISMAjZs1pBy-L4MPfwX4YtmWZi5ddJdKuWvzD4mejKGWFfUbxsrmIjraC4SaOeWHySrYRz2Cpe0ZJQFBATEQ7xSXVQ69d25dJBl8gZBWRi8JdwpcLRws0NUl16i6J_4YtBU-Pc_Owhlbb9aFLHrZCuwSDArLH39gFwlaVU3UX_E1gomOEEBmf8YDKCrDtOblsR4HIpZ5aD0DItKPoB5Y00qKQLwF4EYTKMF_zJ-svsiMKuqIR9Z-kCyEYQUKQO7aXkq0TNVMeCJlN31mZ-yYZ2EdrQBQMw-xXowASYxe7F3QTgBAOIBY2QlbZNkAYBoAZNgAf27uW_AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQARgdMgKKAjoCgEBIvf3BOliA7fDgyoODA4AKA5gLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQKqDQJKUOINEwiKp_HgyoODAxW9F3sHHY7-DPawE8vD4RXIE_i5-OMD0BMA2BMK2BQB0BUB-BYBgBcB6BcF&ae=1&num=1&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&sig=AOD64_29-vlzSNXZJ5yv9iFmUtwevBHAkg&client=ca-pub-4485239425924787&dbm_c=AKAmf-BRa5GLE9ivdgHC7A5w9N8w8qB9NOIWihKLAw4GDRxpHlbEHSjv4u1IW3S5b0Hok8q3QwktPAL5Ug6QdVFyaegw_xLYjF-m2JeQyJYU1mV9_qKJhxLCPm2wqjxRshngdqDcs82MSruJdc1_OwOYXRjG8EE6rwhwZ13WARrE6U8x2YhlhpQ&cry=1&dbm_d=AKAmf-BfpVL7ngQDOECeX2HIjzuNEjOeuJLocMRi6-MsQ1YFtlIinWGiTZQkwhpJgAIfRNgWx-ddBiCAzYS48bnYTeSY_9aS3Oe3yNUxQUbdzutfCvZc4aR_jbyd_s8hcDREgmMaFIfZW7LKZM0VjOcvJ3dc5TPSgW01-5lZwUC5HaKwcClrbL91JHqsfegIOiViuF2kQZxsROzB8kcqXw2tOr6UtaZXEVBvfTotxvsN9rCNpLF-uf1pzroR8c1yZN4tAL_Kk3CwoRYymo5zuMm4ztv0vzBKe3l4kfjgyXL4sjpWGbGOPABoRrD26ASXK9qo3DnLtCvVRhnSZ9Ux3JFHpbPLygTcsj1qyS7dpXI-LLwtaKTuB8lQ6XWCEQRT-BK1tkzlVTQwknsjAjolKqJdeMDbuxH7dK1SVfiJWAtM4p8_40GtjDTXK6s16z0lfCLEQlpu4A-7e9kXsm9aXI2zUcCFGamh9OLT3zjpTOmmE_6M65uMwsIuHFZMbE-oO9c6pFL1cyUdWz7_alteLkya3_eUv2jKr-60U7vxSn5pOif4Br52tO4&adurl=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f9459d8b9d545dc5b9c72ef6f486058a587af92d4e260793c48d59a75625d75

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44249
Connection
keep-alive
Content-Length
17439
Expires
Sun, 10 Dec 2023 12:29:57 GMT
cm
t.ssp.hinet.net/ Frame 7C11
0
194 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=2be6e49d-7535-4447-8c43-46671724c53d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2be6e49d-7535-4447-8c43-46671724c53d.t.ssp.hinet.net/ Frame 7C11
0
79 B
Image
General
Full URL
https://2be6e49d-7535-4447-8c43-46671724c53d.t.ssp.hinet.net/pixel?bd=2be6e49d-7535-4447-8c43-46671724c53d&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
events
bidder.criteo.com/csm/ Frame 7A5F
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 7A5F
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:28 GMT
pixel.gif
static.criteo.net/images/ Frame 7A5F
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05AF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BcjYcawJ1ZeT7Ob2SvcAPkLWo-AgAAAAAOAHgBAI&bg=!j4yljMPNAAY3kmNgF5I7ADQBe5WfOCtRCAeeMsHaHaqWm5VXXe_uFhmADWddXSTuHv-xfPrSth2cqfLJz0O-ug3iRGlxAgAAAJVSAAAAAmgBB5kDIVt9uwP0zGz3eyPmIG0Hm4TWt_eTL76zDL2-IYeMPBp5Kc3xUQTtRjUbOzJiQjA7eQMgd6ER8ZjH9IX8hF3lxMeZEdfS0xTl_nNh2vJ8iCDW077MBrHp3KIKYUhr6AL1FSLgJCatGU1wBZQKQ2gynBvnUypPePa9ZY0sr2kPn47ryzc-OdqtJQeCKj_xxeLr6aJ-MFtR--IlxfNurFeK5tF2kI1I-YWgxd9PYdncD5z8pKU32Kd_YxlLXLXYXfbKkoQKDl13TquomO_mDMfc-rnRM7THMu_YtxC9LbbCI-qwShDlymX4YDIDHzR1GdCb-piUJJmN_2Dmp_zN3gr1yorScpG3ygJV0Iemit1XGhcA6lpe_bb3FL4ebAuaokTMox3Wn64lII50ggJJgyruUnC_rJ0pUPbR8rnrUzSaSPYky1EPzTxWIzNsAX14ak2ndynj8JilYcRW4Lj3so6G-5Q_kC6rWaEumOXZiCcs8uDGaomMChplrvb2JZ7pMS9Iwl72J6RAaPuDI4m0YOO10hPzkqK9ocbK6dNvyULTOXiUEgbdu79yUEgSrI--dDDJUHtoqinTxbT0uWyfV2jmJKoB7eoCrxuemZVBh0nbiOHTOYns1BOr_yZIOuJ4tXi7uOYWsZv83iHmRUSeYJs0JdZ9t77zZjUI5wYKtGySOBMN9XZfp3r8iqaCYuNI4H5JWBbIX1OaGGnyXWrod5TlXDw24U0GWwx_VBPE82egiZavvqi8rLAiUBqoHBj0XnTgJQSCvuA4ozgMhUkp5XBm8Ft2odUeDUyfHFYuR4jnn5hcOTooUrNiiwWGTNtedktyjOD7zFrN6LBc9yBZ1YqEtXLs-4TECfRxfjyRkbGtMB3_wH3PM9NZXJpHzMtN-h-GUTv3sMcr9fSWYd06DoUw1tMJ3ShqiET1aTuJq4HXiTyhta90GmUI7-_gcD9w_rTiluSeQxhpALekbdetiz5AmghjjFlvR0kuEwi3HIrOOaZKDxgq676uRyOjfatwqOZXgRpjGhj4jV9taCm2tOYMW8XYIU6ZX06ARcAQc7ib8um73A
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 234B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7KWHbAJ1Zcsvt5-J3g_dqJywDQAAAAA4AeAEAg&bg=!vr2lvfLNAAY3kmNgF5I7ADQBe5WfOHD72FlxPEepOslAQ6dTqfxrOouCgX6xcB8qohZrNngGjcWOzKUFNbme9dUQffoLAgAAAJ1SAAAAAmgBBwoAKP6W8Mbd71kQZgGh9XtXaFskEeKFvZ-uvG5eMT4J_O3KOig3b9wyoxGZA0cZXalnBr81J5OJPvWM4aF-bhGJBd46il3TgKLQQhAMMZQ2HKaMlKrHdyvZJEJuABLjdk1WNo-Mz3VCFm0Cvl2fRe0D_r6zKcHkfwNIvc-pgJTdg3bexESEn2jQpPbkTECvfEeIz7ImzSTeQcVEdjEpJqvlkM-r38vPS5bE8VnyuRg4H984NaecrAmfHJHLo-L2Br1CiKWTH4E6s2al8Kb2uV39OXVuw7kkqf_tAp4UiN3ML_G3mh6QHKjLMKv_fpTDjmrKhMsTHtJdr-sWyOAQslfbRUV_6xYVVVjZXb8nmOEg7B1ALKOXq9W5PLLsnS3epFJyht18qohKEsMVkYh5sPMgsLKCpF81-ogCOR2v-3B78IabWaKI5eFFUT0GbL8oN6qfbb91PN7H7IpKChAXYHjiLASplQY6UMagfY04VTmDXBi2o3phOWgIOXRAkJtK_es8GRaBU0v4v2_WmhoU3HylSeptwQ2SDYGMXw9AE89SDz0lHeKyfGs1WFsPTBCL8qgtUW1gFVOxNQ1g3alMQ2hpBp1f5SfkRGqSPnxhhvC8oZO9pisT_RwuwQzZGOIUrjlS8RYUrc_hnh5QpPfTFv1PbJzex5syOYU0cZdgdZ5sAL_sNF_F_f6Og-oyIk2QfB593L1STc0_8AIpruuTfiJLJ4s8caMDOQv8M_DNGwrz2XWrGGobTZAPh6DF4_LMhF7QwiI6sLd4V2P7_ryA8cWzIWnhXmSO4X9aiheEVJYBTwPQ-LREMfgWKhjwiQ0O_3tF_r3BTK4aY8-HrZ7vlP5HbW9HivTySGJOnB4jDv4IJAACDuFKGHyXKjyAOuvIzAw4hslB6tiySysqlOuDI3HP9JWglsgGSEMoAOTKDWndgqHdZUkY0s4V6ahm1ccS6VTP7j45wFZIiLAnSVUKdDKl0ctFjwgFJWhEd3Vlt7yze2qFYJR6UbAXKAPy1HWcbRbsR75jGe2nKQ1VYSNr0s7Z9W9JJnh6LOXoNowuDMNtC6Urg3zvukmLL8uqJ_wSlRKfIGlFdj19N5JLqMbtFS6liSi3YDNyjz4QKnEWNJBLeqSEtgRTBXxBoddL9PkGKVpHtDrm-DYKKTU9FVDqw5rBm3wbTA
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 628F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHlm5awJ1ZYSyPIuo29gP9sO50AYAAAAAOAHgBAI&bg=!6uml6abNAAY3kmNgF5I7ADQBe5WfOAzMHU3nEuHkHbjDsyQjqXylEVwdFeP7527u8hbNMJoG7IvfAFq8NnicCxYAAkbcAgAAAJRSAAAAAmgBB5kDQCD4yBLYusn76ALL8kbfgI68n4AGvojKILu4dIq4JnTHva9CG5sj97zo_L53NIvQVZRY7gg-9X13fcutUgpewWk34CJIqs65zDX9DOK3JWN44W5T0cq7N0sGx-_5oV7hdo9F4xvbz_l7zLJ3AtvQSADFnj3b-V9K7es7b8zuTuIbGYth5s2oY4jw3cCcwV-w5D6_lEUpeL_PSX0aqzPA_cPmMvU_g-neIE__wWPwQWcU7eHYrAvH6KDjZjcM1FrLU0yZO4wad5k3GUwpyX4IzCvgz4p8H_sAUIZ_CVgVndDOGkNivEt_sO0u5_y_6FY3RhD0H34Yf_ao86ru8BwdlLbjOKC4HtVu6bTT2VsFeqmgxDAgPIejFBirEqCaDr1vB8sX7RxoHO1kCq080D-Ry0o3EviNO_b7_3g6XMi_V4ImjU-LC0E8o9eu6Fw-EJMllQGE2_FzXTfo-ZZIPTqW4vXxsEys277dE2JpoP0cZD0z-gXnTmr0DnBB4_w44OnsX_0Fg33QX5uMnu6kmZNRYWtJmggvLWkdDlqn-y2pldHs5Z0BinXW2TuXedCN3_EgFiA8fJB8MvwTFjtBf6qGL0Ltm5WCtO3I9T2N9A0h7Dv1wcsgLH-ha-_IkT-3skIc8GwLUTDuWH-LqgNkoycY3Pf9e24ieMdyMTml9QZcGHAdoAG0_F_ScEHn2mbloSodrQyfp8zJlyYLOhRldwNQmP8KNrpL4DR71rqBg0_LqKKDRBGzJ0ixatp6MBwmWD3TfBUrShEFLGYb2DqKG0SmxgN5amTs5duCuI5mgjgGXHqTNsc872iC47P-CEONlgVGrunPg2rQPpHVt9KM8uWvrDaWZkHzQSqb1MhoXyIgfyTDAh6_m5tHIAgedGjrWSA6tDIZONbX6GizHqY3PkI0H5djAsP4U-qszYiNGK_DHQFZE_ZaaHmVTlmbsL8EN2Kr7G2AJE2aEo99BDweX2FVke1TsU8GiEjJzBMb2LW8wTui8hax3iCLEyrWG_-tKW9NgNsar79mB4Tgd074lUg-_Ua901BSRAdXy3H8RmhGTBtSPuyTSEM2e9yx-Tm4v5VWefmjwfZD2xkuuTFv-GLDNfo
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 02ED
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47b85bbda5c8e33f1eef41b7ce74c2f86c9bcbec3d8cb03e62f37ebb92c4618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30280
x-xss-protection
0
server
cafe
etag
58 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8A1F
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad35c72a03aefaf8c60ec596d320d7a84e93c0d593ed691e6c3d2b22fafc26b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29444
x-xss-protection
0
server
cafe
etag
487 / 19701 / 31080021 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:28 GMT
/
a2.adform.net/adfserve/ Frame AB8F
8 KB
4 KB
Script
General
Full URL
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e29082bfee4c8dc7020b57da2f76a39e544bda81c26b926c6a4266d2e20d0a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3838
expires
-1
/
a2.adform.net/adfserve/ Frame E077
8 KB
4 KB
Script
General
Full URL
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1e29f7ce8e0e70b4ad3b215f504f29c98cdf21a0b27154ca252eb81fec209c86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3846
expires
-1
/
a2.adform.net/adfserve/ Frame E9A1
8 KB
4 KB
Script
General
Full URL
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9c51db1019ef4a219ce3567a931d1f510fe2f51e2ea9495e81d39877c855bc73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3832
expires
-1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 02ED
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70904
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 02ED
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=847770560154147&correlator=4227692135626153&eid=31077976%2C31079827%2C44807746%2C31079527%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167148614&lmt=1702167148&adxs=640&adys=358&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=qocr1i3tymlk&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167149&ga_hid=220802991&ga_fc=true&dlt=1702167148464&idt=131&adks=1212019568&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bad327e19e7b6325f81335709843699466f64b01d9a9f60316fa077bf56284a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12657
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 02ED
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
941ea2d8b754f43e14bba96a8f05f9b86b78c51d6cf31f44d07b85ede105af78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12043
x-xss-protection
0
container.html
b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1F63
6 KB
3 KB
Document
General
Full URL
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:28 GMT
expires
Mon, 09 Dec 2024 00:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 8A1F
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
85570
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 00:26:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 8A1F
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1123670600282731&correlator=734185100382722&eid=31080021%2C44807748%2C31079576&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167148697&lmt=1702167148&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=dpdh1kw0xmxd&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167149&ga_hid=1692263496&ga_fc=true&dlt=1702167148529&idt=148&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee269cdeb76fccb931f9d9cde9242a675c39c961f8e75620e8cb22b12b82c53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12655
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8A1F
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab357c44a8d62398d37cee5442e40cbb8d553836fc00a0c4799d5f8c5bf404d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12219
x-xss-protection
0
container.html
529b41c6559458344c55e4b3421978b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B348
6 KB
3 KB
Document
General
Full URL
https://529b41c6559458344c55e4b3421978b1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:28 GMT
expires
Mon, 09 Dec 2024 00:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 02ED
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:28 GMT
truncated
/ Frame AB8F
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66b196928b82c069bf11e8ab71266f50934b7da6662116d46653aa9de123cab9

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8A1F
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:28 GMT
truncated
/ Frame E077
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28720f652b129bcc3f9c4c76d63fb2d2bd64e192a5d1848cc159a56e4ce935eb

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD75
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6393
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e4f8813d8c686bfec8ca1dc83832781081a9e147de25415ace09ed6a59bbe697
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ceaisxoq8ZO3RLR6vQJCJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ceaisxoq8ZO3RLR6vQJCJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:28 GMT
expires
Sun, 10 Dec 2023 00:12:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DD75
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A2A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2EAA
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77d53d6503c02cf09008aae403f6570472a1e1bc2dfe101bbfb6e4f4c3fd90db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6rTESsJK7Sr3UR0o95UjHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6rTESsJK7Sr3UR0o95UjHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:28 GMT
expires
Sun, 10 Dec 2023 00:12:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Standard
s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame AB8F
85 KB
37 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=12352
Connection
keep-alive
Content-Length
37066
Expires
Sun, 10 Dec 2023 03:38:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6393
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=847770560154147&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3A2A
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
Standard
s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame E077
85 KB
37 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=12352
Connection
keep-alive
Content-Length
37066
Expires
Sun, 10 Dec 2023 03:38:20 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EA26
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssL5DUDsTImZlxShjAJWVlKr1t5LYhKHa6FGX9Y0X5OsUMKlDKfNi1tOKiOTIyz63ZaiBAhlcAliyYjTaatrEDdW0N2erAE3qJX0uDP6tjG9T1cEViKY-2vdr-hHqK41MJ6Nb3fn-8ETg&sai=AMfl-YSyF49ffvbjw-itEWA_V61oiWLik93ssIFbeo5fOyR8HXnEuo5OdcHCdV1o73wMqnFkngRHO84HmXgLD9ndlJIEW_Sz15t5ODphi7IFqF-syy0A_9s4OyNebZDgmjCCw0-tvdX_mWU744PKnVEgmdnv0viIVaXvlV5H&sig=Cg0ArKJSzHCuIVyeBUFuEAE&cid=CAQSTwDICaaNK8vHU82SPk2Z9yiWqG7uMASC9hOcSizhs3x_BG0FutX-xSn3P982Xc_ujK9vl5-LBQUYuTX1jSgLG6UMsxTueLmxEFEAHlrJLSEYAQ&id=ampim&o=632,595&d=320,480&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=677&tls=1689&g=100&h=100&tt=1689&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2EAA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1123670600282731&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

/
a2.adform.net/csimpr/ Frame AB8F
35 B
616 B
Ping
General
Full URL
https://a2.adform.net/csimpr/?bn=69659957&csi=7Qws3Ch0p9T9dIxhcSE_SClEC5wmC8XvMPYSaleTHC3rygPkIxxfk2Lj6GHzgaYefCH7eHxC9gJH4IDJmKxEi96vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61408011.png
s2.adform.net/Banners/61408011/ Frame AB8F
57 KB
57 KB
Image
General
Full URL
https://s2.adform.net/Banners/61408011/61408011.png?bv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
61cd155d19224338e652c5bd86582aee2de2da4e7702462a503d0793844a4abd

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Last-Modified
Thu, 16 Nov 2023 20:00:18 GMT
Server
nginx
x-amz-request-id
tx00000102049612ee22b3a-0065576769-329552a5-default
ETag
"ede673bf1ce2dc67259c6728ed97dcd7"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range,Content-Length
x-rgw-object-type
Normal
Cache-Control
public, max-age=13766
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57903
/
a2.adform.net/jsmetrics/ Frame E9A1
43 B
208 B
Image
General
Full URL
https://a2.adform.net/jsmetrics/?sid=392&rid=9562&cid=14627&adfserve=390&asset=385&deviceType=Desktop
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 04 Sep 2019 08:33:42 GMT
server
nginx
etag
"5d6f76e6-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
generate_204
tpc.googlesyndication.com/ Frame DD75
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?SvpT8A
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame E9A1
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af17f828b80d195df5f2910fe4fb119c4778c7493a24a52acd4ac968423520a1

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
61408011.png
s2.adform.net/Banners/61408011/ Frame E077
57 KB
57 KB
Image
General
Full URL
https://s2.adform.net/Banners/61408011/61408011.png?bv=2
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
61cd155d19224338e652c5bd86582aee2de2da4e7702462a503d0793844a4abd

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:28 GMT
Last-Modified
Thu, 16 Nov 2023 20:00:18 GMT
Server
nginx
x-amz-request-id
tx00000102049612ee22b3a-0065576769-329552a5-default
ETag
"ede673bf1ce2dc67259c6728ed97dcd7"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range,Content-Length
x-rgw-object-type
Normal
Cache-Control
public, max-age=13766
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57903
/
a2.adform.net/csimpr/ Frame E077
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/csimpr/?bn=69659957&csi=gmska3KV-4CbdBCH9nCHy4V8e0cEqtJ3MPYSaleTHC3rygPkIxxfk3AMF8M1yvSRO_VpApEsZS2PUN_xEidsKN6vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 3A2A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8WwPIw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FB1C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviowyjDxZjWfIb-fSAq7lmM-dlBycDpH8GqH3ZkMZvHp0K6FalDDk-ViV78YfW9VdhvVvnhhwV4ipXLu-bUFDKWfKJKlkVQy7aLZvfJAA5C2z8ezoa5JEH75a1YMxTOmspjj0GcOZJ6w&sai=AMfl-YRhECqOCBE2ypDDal-zIGPXzvuLGSlebcpWJizQtiBe3E3G5y4&sig=Cg0ArKJSzPW8UZLlfb-kEAE&id=lidar2&mcvt=1000&p=378,799,478,1119&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167146828&rpt=1185&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame E9A1
85 KB
37 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=12351
Connection
keep-alive
Content-Length
37066
Expires
Sun, 10 Dec 2023 03:38:20 GMT
container.html
b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 186C
6 KB
3 KB
Document
General
Full URL
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:28 GMT
expires
Mon, 09 Dec 2024 00:12:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
a2.adform.net/csimpr/ Frame E9A1
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/csimpr/?bn=69660013&csi=7Qws3Ch0p9SrEJjs8FrYHljLIqzYwwIyMPYSaleTHC3rygPkIxxfkw9qtAlONMASELEMNnd65CVH4IDJmKxEi96vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61408014.png
s2.adform.net/Banners/61408014/ Frame E9A1
127 KB
127 KB
Image
General
Full URL
https://s2.adform.net/Banners/61408014/61408014.png?bv=2
Requested by
Host: 75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
URL: https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
72dcbebdce5d432e6511b88962dfbf7ede5ebb81a29259fb628ec114f39363cc

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:29 GMT
Last-Modified
Thu, 16 Nov 2023 20:14:03 GMT
Server
nginx
x-amz-request-id
tx000005732a98da169cb70-006557676b-32959ea8-default
ETag
"d70dfe88ad5ffaa205cb7783492704c2"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range,Content-Length
x-rgw-object-type
Normal
Cache-Control
public, max-age=83201
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
129669
pixel
googleads.g.doubleclick.net/xbbe/ Frame 68B7
611 B
268 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiE68_-ATAB&v=APEucNUEjWodkoGc7zBWVA-Qq68XxgmAxewjqfO8FwbQ2awFTY9CdqlO2YP9Wyx-MdpTnhdpm_iZfzAm0vItcmSVCXU609y1CQ
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
243
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 186C
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 186C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CmTSjhzqA4gJDedZB2N9lBQW4d6SaNOAZEWKsHyVrsSMw5Q_sbUedWl1xbXp4z36O3WaWyD_AsIsPMokGb8bj2rLbYHhdfliZv4ZcW6OR1USeQpkE
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/adfscript/ Frame 186C
2 KB
3 KB
Script
General
Full URL
https://a2.adform.net/adfscript/?bn=69659962;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CUc3JbAJ1ZazgKPWz7OsPr_GtoAKz9cbKdP_Cz4WKEq-2vs-IChABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJICT9B6Y8KH-BSYITao6TmyHW9BRsl96Ukirb6OgFYNrm7_kSwBwRNkGQ7wM7ABi_fADlBJw-NuCy-wnmuHe1xWURWo6A-H6Vj0Cvo5TqKMb3JpaaSoxCACBndjaQ-K8ip6C-U0WnxIWC3p7fd5ktXfb3OSE2JJQ_5_kFfyzEhxcw-ZopVTwLDSuAEAanhISRjQahxaeACkP1cv-tzxCQBzUSchf5h00HvTGMDgNqfG7j06VjUhxf_7Tz1Ens2mjcfvNILEeufUy54omiZ5-976uvDLgHyVPH_tl3AM9NFceLacspNhNId2RzEiLOD74GPuHNnlplXOL1NASV1iisKTGufZRc2SBEf3CwynYlho4haIqsAEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY35z54cqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMI_c754cqDgwMV9Rl7Bx2veAsksBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSPADICaaNzkj_vPa-ss8RnRtBbf-Mt3rgXTHKbFwVS-ikDvrZBevxr8TNMH3btAMx67d3yAS2nXERLFqxAhgB&sig=AOD64_0UhGwU54lfYae0NIAmsKdbJ-XOZw&client=ca-pub-4485239425924787&dbm_c=AKAmf-BNdSPIyb2uNjfuM2qL66wVoiIvv6WO35CAYfiO5DBPZCiuBgqiUmjdAjgApLwGtinfNceqoRt2FAWFIfTwqAcOYwKxIP7LWmrSpTWOTY0WDsNm7O9b1Bn3W24xYLMWtVGlQJ7UTlPDopCuTzm8siuXQYJX23xYK9ZtFNoPGnw9j-k-3NY&cry=1&dbm_d=AKAmf-AZEc4vaaGKuAZ4PmU7MDGfCUgASyKJ0SGA5M5grJrFVm8i8YEQlmeFUO3PYu8iwkVyL5AV3XDdp5Eh2FbfJAqBW0uoqdAPYEGRKyFRS0onTZurUbtnhuol4_S3YohA2x6jabifDB061JujRcqPqtT5WabiPJn17wJqzI8Rt4T2Kf_tuoasqaAc0pcHYgtupcDlmVxJaUjpT_RbQ5uy1VS_I6ieInLUCDOO2Ofh-d8p-iuzkTs4ONhJs7J-Txl66I0jEjstN-t0zS7pAKomO1LHTKy_yXsLYX8Jm_WXkXm71BmbSjWwYyvFV4YxWwOsNH7zOW8p1148L4fe0CJ4oo_tKT3gSJOgzlyUREiNVNpol3rEzeMfJFVc1AY5ICY3p48-ZSSBTuO1V__tx5HyHDWa4erpsro_Xks1eo81H5cVUEV9VmzmWt5AgGTJm3GJ-rz11FkctH5dODdLv3pLnVgyCyClZe1KMdy0v4r-hzN_wjjAhNmLr4Slz822RMiO04zgzW48puA9dFSRaNGyhY4DtQZwB1hNtbUXLhVvcUBD1jv2iCQ&adurl=
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa26d77e751d3e1f298788408357715f10a7f32a117209dc4735c278d6bcd1a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2427
expires
-1
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 186C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 186C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:41:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
73872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 03:41:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 186C
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9F8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssmLGSzJ1PqvTXM-rx1e7JhXdYHi8_ISK4s41F4nwS2ur2dHdRp7JRLsqBbmWBgcJGa0OI8ba5ZykeTAmyQhx8Ra9lU9u1Z2H6-WAbSt4ophuNBn6I22XSfozmsjt12RGx5fNX4VjIHpo_IKxdGpKyzHrGv8b5h3A7TUZZBO9OJdvgR6jvv2RxYj_VbKJDFl3d_CkYR6O4eNd67ISxK74opTchCM60QJ8-D86DwNuygs1PtNzaQbkA9ke8vCOKdEQLGzX_hwPaQgVhYA2KQD7T6F692M3fS-SSTyCgdTdtkwnWnL1kabXIV4fvHDwaa6YsFwGDNDIv09r_S3SL5s_TaOD79p20s0loQoHeKV3d3vK9wIU44AOxobKoDIhEYX0Ht05Cnqk&sai=AMfl-YTJewXwBRs4IerOVW1OOGH63mSkovj5wNl3fPjgff8Hwxp9UPKDAnlblPdHImPchM2P2UoupYywc5XBlfmu3QnxXyAmOvLdrjNhS_smVXZ7dJO0X-32cOoqEoqAjov1RrpMAb1-FnIE8A&sig=Cg0ArKJSzMYmsp-0OjUfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame D9F8
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
49
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
GVzKQ7rvK2ZXH7B4ZCB0d2Kcnq95CVToPe2R67mXbt3w7msJNmm3hQ==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D9F8
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:29 GMT
bounce
ib.adnxs.com/ Frame 68B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMQq8onBBJtaUk8zTS4rzos&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQq8onBBJtaUk8zTS4rzos%26google_cver%3D1
43 B
892 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQq8onBBJtaUk8zTS4rzos%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiE68_-ATAB&v=APEucNUEjWodkoGc7zBWVA-Qq68XxgmAxewjqfO8FwbQ2awFTY9CdqlO2YP9Wyx-MdpTnhdpm_iZfzAm0vItcmSVCXU609y1CQ
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
an-x-request-uuid
505c140a-8c47-443e-8be4-31d150b84c99
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
222.9.233.7; 222.9.233.7; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
an-x-request-uuid
351b447d-3747-4760-b69a-c245879ea96c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMQq8onBBJtaUk8zTS4rzos%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
222.9.233.7; 222.9.233.7; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2OTI2NTQ1ODU2MzU5MjA2Ng%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2OTI2NTQ1ODU2MzU5MjA2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiE68_-ATAB&v=APEucNUEjWodkoGc7zBWVA-Qq68XxgmAxewjqfO8FwbQ2awFTY9CdqlO2YP9Wyx-MdpTnhdpm_iZfzAm0vItcmSVCXU609y1CQ
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
an-x-request-uuid
ff37c617-1e42-4ba5-96e3-56b3299681e0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2OTI2NTQ1ODU2MzU5MjA2Ng%3D%3D
x-proxy-origin
222.9.233.7; 222.9.233.7; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 68B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiE68_-ATAB&v=APEucNUEjWodkoGc7zBWVA-Qq68XxgmAxewjqfO8FwbQ2awFTY9CdqlO2YP9Wyx-MdpTnhdpm_iZfzAm0vItcmSVCXU609y1CQ
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA5Foti9W6i18Ai5-u2SNOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 68B7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4OGU2Y2QtMmI2Ni0yOWQyLWVlNzgtZjRhM2I3MTk2MDNi
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4OGU2Y2QtMmI2Ni0yOWQyLWVlNzgtZjRhM2I3MTk2MDNi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLjSwwEQlITcAhiE68_-ATAB&v=APEucNUEjWodkoGc7zBWVA-Qq68XxgmAxewjqfO8FwbQ2awFTY9CdqlO2YP9Wyx-MdpTnhdpm_iZfzAm0vItcmSVCXU609y1CQ
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ4OGU2Y2QtMmI2Ni0yOWQyLWVlNzgtZjRhM2I3MTk2MDNi
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
capmapping.htm
cdn.holmesmind.com/js/ Frame 53F9
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
60
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:11:50 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
i8zjmnYtko9q2uPb6-nX1gvoL29S1CYXwUBM56l7M2LLgtdjpr5qqg==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 9F49
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
EKBTtDJ60jAesRuSaP4IXPpb9rOXy9f5dLkpLPK6Q2DhCwrX0J8X7A==
/
cm.lndata.com/ Frame 53F9
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:29 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 53F9
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 53F9
0
16 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 53F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
159 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
x-guploader-uploadid
ABPtcPrDD2iSacPSVcxTmewJtkgpXMhk8wXiKpHKg4AaM-MYo_ahGh5xaayPZi2EyK10Le3a0oKb4R_35ZdKWwpxYVL2Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 9F49
1 KB
672 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 9F49
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
43
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
tlStWBtsCKM5wPHHF0JvPBH0PKd4gI0PaIWzrIRPP_l2Jvd5ylLX8w==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 186C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4150976264585&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 186C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4150976264585&version=m202309260101&ct=77&x=1&cor=2140276699198534700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 186C
34 KB
19 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?[encoded query string omitted]
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14e83a74e86094d7b485f05f6970eaa23e5ca3b056ff83c9356173a21b28b764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19837
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads.js
ad.holmesmind.com/adserver/ Frame 9F49
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=181&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
f4ba854924af87424449169f37d7b1b84ec4f3eca6d9325b71e710efaf2d6ee9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 9F49
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
JVV8fu7O0nYdVWGO9zer0tE376205_4kmFJoeUH4dRaR07V1Z_LMcA==
publishertag.js
static.criteo.net/js/ld/ Frame 9F49
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:29 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 9F49
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
Zye4YxmWA18EUWqF7tmHSm0x8Ye-4C5ZQqsItao8XfULrVKwp-la0w==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 9F49
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
jiAXb1eIbdxXhj89ABJVwdGeS76H463MXNGu37KOmnD8ywtku9NpqQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 9F49
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
59
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
yZCLm1yPYZFqeURCcuE7hVLFGGd2rcBcgGDEANVhYtMB_K6W424pFg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9F49
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
5
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
msO5YoxLIli6vEWIojMAjlVikK4jPJq3hpMHkFbGVarV5O9Lu2NCYQ==
truncated
/ Frame D9F8
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94b3762a765d00d73ac92206857025728f9d26fbf7fb884a9dd7d96fe91c23cf

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9F49
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:29 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 9F49
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.22433195778519366
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
efbaf75d2d81dd4f3d4de05508c32b31cd2d5108e44e602f564b0ed3b6849f79

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:29 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 9F49
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:29 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 9F49
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:29 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 9F49
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=11351284465
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:28 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 186C
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?[encoded query string omitted]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
12578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 186C
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DhdE6UcRhlXgwwLZJpSiyLQpMTTXAN4qq5E3FGAE4DpF8d4PbF_A_UCgz1BLUios1N7FeYoKNp-iOjjD7VCcX0CGJmmCzFMrP3uWkcOexKXLqo49A3_dTc81O8Xa1JIChXUHi-9J0RMm69PNTvPAdMTvxQV5UBpbViqJOzSGkwdmbl3s4&cry=1&dbm_d=AKAmf-CToM3uqYoxnnjepiK7eYLaYOJwOwkHsd4xIQK8jBdBmNNJ60nelRHBK5hogOSSHHrPyW2E0K0vPyAaGeIjtj61icQSnyM1l-aKXzQ-1GRC_ICZXMZZDbDITkkml8OrFN97bhXDAnKqEaJP6r-lJfIU7egxDvRnq_bixqNFM384vEnPj2kLGtAVhNwLoFXaWrS2EtahQgLlq6p6CuR8hdYn3Fpz68XL8s1LTZC6MB84Toibd6FB5zEZThYicV9m1V0JFwfqnwEdGhXzdr0RXx_Mp2UgvylgHgAv88H5tR80a8X-W_mARWE9n8Qb90WT4t5DpTpJrIWoF4Itue4QUqyXNd1kPT_hntbi6UjJRfDE6L34zLn4xZvzFbRt05M2izJGaXXxcKAYEyL0HExG4fWLaXgGpla8PmGkcvtObX7jUnK7wCCutcBRvKtCMBZ21LecQQAmig_j3w-jVC8y77OlsJoQAMR8qzWIHnFYS3NC5kIp6K7xYP-QJ5JcpDtsiihKujsp2hgMNsaPaEZrKYSX8C7kg4EQM7VBcNYrT6ejAaiZFontUoYZ-gJiRp7LpL7fxwu5Wkt9dSjbGnPO1_QjSl0YfR_vheao62UIB1TkpxL2OHJJyTENsVv0BSz7jinTu5SP8dcqFX7bs8uvNj7ZquWZG5sscYHNtDrMU3tcJGL3QR4Q_oE95tn1lDkP0MHNO3gsdcfftC1DGS-88brcItpgKC6u0c7qBnhUsJ4_Tbhbwzp4Flcn6J67lEoaPP1PQA3UUitz5x2lEIYcH7obil4W3ltXh-4JZT-xsCgO6Hkr-chK7IDDstlJDYVrq1MIkEi6-qnpVaoJUXi6r31CKTpXGxxMzb5dXaxbaw9X6jwVL5JJhfJ3NW21el9G6-4LMcLuEI1Nav_Sq5xNtk9mbc93rIyoOAmgYvqRdYCfIejbVuxMy-8Ai67ER9QU2xWnrlqF5Y6mYRVC0YDhWkzSKRAy0N1a2_I_o1FcnNZPGha3OHVzbFD5zzv1UhjT6cxDdRwPI2AAhwFD88Y0yVYi5o77rY5n_C07d2QD8ds-31jop1G1TJe5jgVme7HkFRPQs8I-NCsdYPGcqOpVIXOVGp1vToXWm93aFdhJa44Y2mbxHy3nrxID37w5dWIp0OfY1n90EaVJIgegCSLndwoV_Jxg3-9VQWQEHmsntcdUUFWdGDfH43Zf0n56w_iuO54SiTIYMip4OwaLPQSQg-Bva9xCNWLgNxTqAwmYpuJC1lMVzB4wwpFG6tdF2QMBmt9IeZc1xGAaw-N1I7vLMOQ1EaEvS48RQnZeMI0FRc8FD0o2Rc3XWvp5GxdEBKcmEeYr8dHDdgraekwOJlLFMUTRDM3Wo1Z21lYvZ03r9qOd8p5KHVoYMGgYI0ToUceS_bOfoOo15r3w7p1AbPZSFBLP6ikDS0AWgPcQPDdwiOtrdDBYZKfCt_rV_ofLdOejbJk3YqjKAh2fKoTsVIPg17nmldV84p7DbR-yB4kzz7W86AU3bKbV9L0Wc5Gj9_88O6hkClCRsCFoShsRgVMe-4ZNxeVCYvtBF48rwBFvCMDh8-aOMrqdzx1Pa0nFjFREy2zuXDRTkhR81I8sDhAyTXBJ34inkvOTAq9L-5bb1vFI4gs9r6NvmEtoccLNLfHjhfD6vcL2siSfNKkfxWAiLKpmWiC8L9GBCjPlg_il4n6pinCtpfaQptgwyNYR4ZUGYZgusZQMw6Dh2r6A83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 14:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
379444
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 14:48:25 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjE2NzE0OTM1ODA2OQogIHNlcnZlcl9pcDogMzQ1NTc0NDUKICBwcm9jZXNzX2lkOiAzMDg3ODc3Mjg4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkwNTQ1OTkK...
ad.doubleclick.net/ddm/activity/ Frame 186C
0
498 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=...
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x8db19196cfa450ee0000000000000000","13":"0x27f0aaf5359dccf60000000000000000","14":"0x447d441cb919d03b0000000000000000","15":"0x4588694ac65472a20000000000000000"},"debug_key":"8262474962474972467","debug_reporting":true,"destination":"https://hm.com","event_report_window":"345600","expiry":"1296000","filter_data":{"14":[],"21":[],"8":["9054599"]},"priority":"0","source_event_id":"17665675996896369939"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E434
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
275274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 19:44:35 GMT
expires
Thu, 05 Dec 2024 19:44:35 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
static.criteo.net/images/ Frame 9F49
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:29 GMT
pixel.gif
static.criteo.net/images/ Frame 9F49
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:29 GMT
events
bidder.criteo.com/csm/ Frame 9F49
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E434
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
bootstrap.js
s2.adform.net/stoat/630/s2.adform.net/ Frame 186C
37 KB
17 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Requested by
Host: a2.adform.net
URL: https://a2.adform.net/adfscript/?bn=69659962;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CUc3JbAJ1ZazgKPWz7OsPr_GtoAKz9cbKdP_Cz4WKEq-2vs-IChABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJICT9B6Y8KH-BSYITao6TmyHW9BRsl96Ukirb6OgFYNrm7_kSwBwRNkGQ7wM7ABi_fADlBJw-NuCy-wnmuHe1xWURWo6A-H6Vj0Cvo5TqKMb3JpaaSoxCACBndjaQ-K8ip6C-U0WnxIWC3p7fd5ktXfb3OSE2JJQ_5_kFfyzEhxcw-ZopVTwLDSuAEAanhISRjQahxaeACkP1cv-tzxCQBzUSchf5h00HvTGMDgNqfG7j06VjUhxf_7Tz1Ens2mjcfvNILEeufUy54omiZ5-976uvDLgHyVPH_tl3AM9NFceLacspNhNId2RzEiLOD74GPuHNnlplXOL1NASV1iisKTGufZRc2SBEf3CwynYlho4haIqsAEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY35z54cqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMI_c754cqDgwMV9Rl7Bx2veAsksBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSPADICaaNzkj_vPa-ss8RnRtBbf-Mt3rgXTHKbFwVS-ikDvrZBevxr8TNMH3btAMx67d3yAS2nXERLFqxAhgB&sig=AOD64_0UhGwU54lfYae0NIAmsKdbJ-XOZw&client=ca-pub-4485239425924787&dbm_c=AKAmf-BNdSPIyb2uNjfuM2qL66wVoiIvv6WO35CAYfiO5DBPZCiuBgqiUmjdAjgApLwGtinfNceqoRt2FAWFIfTwqAcOYwKxIP7LWmrSpTWOTY0WDsNm7O9b1Bn3W24xYLMWtVGlQJ7UTlPDopCuTzm8siuXQYJX23xYK9ZtFNoPGnw9j-k-3NY&cry=1&dbm_d=AKAmf-AZEc4vaaGKuAZ4PmU7MDGfCUgASyKJ0SGA5M5grJrFVm8i8YEQlmeFUO3PYu8iwkVyL5AV3XDdp5Eh2FbfJAqBW0uoqdAPYEGRKyFRS0onTZurUbtnhuol4_S3YohA2x6jabifDB061JujRcqPqtT5WabiPJn17wJqzI8Rt4T2Kf_tuoasqaAc0pcHYgtupcDlmVxJaUjpT_RbQ5uy1VS_I6ieInLUCDOO2Ofh-d8p-iuzkTs4ONhJs7J-Txl66I0jEjstN-t0zS7pAKomO1LHTKy_yXsLYX8Jm_WXkXm71BmbSjWwYyvFV4YxWwOsNH7zOW8p1148L4fe0CJ4oo_tKT3gSJOgzlyUREiNVNpol3rEzeMfJFVc1AY5ICY3p48-ZSSBTuO1V__tx5HyHDWa4erpsro_Xks1eo81H5cVUEV9VmzmWt5AgGTJm3GJ-rz11FkctH5dODdLv3pLnVgyCyClZe1KMdy0v4r-hzN_wjjAhNmLr4Slz822RMiO04zgzW48puA9dFSRaNGyhY4DtQZwB1hNtbUXLhVvcUBD1jv2iCQ&adurl=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3f9459d8b9d545dc5b9c72ef6f486058a587af92d4e260793c48d59a75625d75

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=44248
Connection
keep-alive
Content-Length
17439
Expires
Sun, 10 Dec 2023 12:29:57 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 9F49
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=181&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
41
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
jPuSmoS381LNt1H5H97dJv50N3gsWk7NtyNd3iFJqQtv11F-Y3eMcg==
/
a2.adform.net/adfserve/ Frame 186C
8 KB
4 KB
Script
General
Full URL
https://a2.adform.net/adfserve/?bn=69659962;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CUc3JbAJ1ZazgKPWz7OsPr_GtoAKz9cbKdP_Cz4WKEq-2vs-IChABINLMgRpgiYOAgPQTyAEJqQJiLYh_9w6yPqgDAcgDmwSqBJICT9B6Y8KH-BSYITao6TmyHW9BRsl96Ukirb6OgFYNrm7_kSwBwRNkGQ7wM7ABi_fADlBJw-NuCy-wnmuHe1xWURWo6A-H6Vj0Cvo5TqKMb3JpaaSoxCACBndjaQ-K8ip6C-U0WnxIWC3p7fd5ktXfb3OSE2JJQ_5_kFfyzEhxcw-ZopVTwLDSuAEAanhISRjQahxaeACkP1cv-tzxCQBzUSchf5h00HvTGMDgNqfG7j06VjUhxf_7Tz1Ens2mjcfvNILEeufUy54omiZ5-976uvDLgHyVPH_tl3AM9NFceLacspNhNId2RzEiLOD74GPuHNnlplXOL1NASV1iisKTGufZRc2SBEf3CwynYlho4haIqsAEmMXuxd0E4AQDiAWNkJW2TZAGAaAGTYAH9u7lvwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHTICigI6AoBASL39wTpY35z54cqDgwOACgOYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CSlDiDRMI_c754cqDgwMV9Rl7Bx2veAsksBPLw-EVyBP4ufjjA9ATANgTCtgUAdAVAfgWAYAXAegXBQ&ae=1&num=1&cid=CAQSPADICaaNzkj_vPa-ss8RnRtBbf-Mt3rgXTHKbFwVS-ikDvrZBevxr8TNMH3btAMx67d3yAS2nXERLFqxAhgB&sig=AOD64_0UhGwU54lfYae0NIAmsKdbJ-XOZw&client=ca-pub-4485239425924787&dbm_c=AKAmf-BNdSPIyb2uNjfuM2qL66wVoiIvv6WO35CAYfiO5DBPZCiuBgqiUmjdAjgApLwGtinfNceqoRt2FAWFIfTwqAcOYwKxIP7LWmrSpTWOTY0WDsNm7O9b1Bn3W24xYLMWtVGlQJ7UTlPDopCuTzm8siuXQYJX23xYK9ZtFNoPGnw9j-k-3NY&cry=1&dbm_d=AKAmf-AZEc4vaaGKuAZ4PmU7MDGfCUgASyKJ0SGA5M5grJrFVm8i8YEQlmeFUO3PYu8iwkVyL5AV3XDdp5Eh2FbfJAqBW0uoqdAPYEGRKyFRS0onTZurUbtnhuol4_S3YohA2x6jabifDB061JujRcqPqtT5WabiPJn17wJqzI8Rt4T2Kf_tuoasqaAc0pcHYgtupcDlmVxJaUjpT_RbQ5uy1VS_I6ieInLUCDOO2Ofh-d8p-iuzkTs4ONhJs7J-Txl66I0jEjstN-t0zS7pAKomO1LHTKy_yXsLYX8Jm_WXkXm71BmbSjWwYyvFV4YxWwOsNH7zOW8p1148L4fe0CJ4oo_tKT3gSJOgzlyUREiNVNpol3rEzeMfJFVc1AY5ICY3p48-ZSSBTuO1V__tx5HyHDWa4erpsro_Xks1eo81H5cVUEV9VmzmWt5AgGTJm3GJ-rz11FkctH5dODdLv3pLnVgyCyClZe1KMdy0v4r-hzN_wjjAhNmLr4Slz822RMiO04zgzW48puA9dFSRaNGyhY4DtQZwB1hNtbUXLhVvcUBD1jv2iCQ&adurl=;js=1;adfxid=1x;4960;set=en-US|en-US|1600X1200|0|300|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Freurl.cc
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
81cc0ce08f7c31678936e53abe12b2a5732c6b45035ca4eb1d63b43494fb31cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3764
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame 02ED
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=847770560154147&bg=!jI-lj8DNAAY3kmNgF5I7ADQBe5WfOCZXTzr__lTi2I1ZkIra_hVKzVZWqyVo8kmI6O5fTcT1L_bl0MB3_DWZw_1pTxQCAgAAAItSAAAAA2gBB5kDGglWtkwyUXRaGe5en3jo3IKHtvx7o6TtTRdLVb_iORVU71Z7hKwZoTLn9QuayJz3SRP0vPxZCYwuKO6VD9ZhNbVl81FsaHnVxJ2pj6yD6yIND1YdGLa_eca_-ehbxiBeEbm3EDBhhsmD8NAqITVKuhQPuGGdm7fPg3NPRMMdxygtmFXYMItied_XHGcnx6jJWpXHeEJmHzIshNvAqIVMojo9FsDRi-KS2btajfbxfr6C8UNFFUDPOG3PdA-TuJrieJY9DI1FWXj7rpIWp4q61ziaL1Sv88dwyLSYfqCl8iBsms1V2UYZEo1h1xRonr58cILzy_Bi2BUrwzIv4tBrxSjHuMgiJqEbxFUsHH6OeruvfMXQz2b68aO7yTJXrlQqCvQNKceh8io7sjLh_p-BgPXxqt9SdQYI3t_B2RlPNaBxvhUZ3UE5Y5QwFHN06LxVs2SzCUGRp_jC-T0vcW_EpjemFSBR7bsUTNd63A4Wyy7INNDkoCJg3tU6WOvPdXyviyWpwQn3SVgjmakx-lXpIf3x3w7PqG_Eyy-mYRIXAXY_GoBFibzwOMSHZBU0YR7zIhmjY9Jx4LLuj3eEKT9aVDAVGJVAQkUrYocjqOVid71pl6z3oaZV73ZHv8F33aOEWFd_B1SOaoGzgplKyauMbMq-NYkwuWKiCsyvUJvB_FVJigxBmSsKXlni5VFJjCpd1I1Jo6U2459fEQFPhgVQHkEWBrSo8zSEi3sGe0o7F2PQS4Y5c20vMKmvUDOQc9X-V5n1Jn71q2gvADoe_aRcgEJXkC1HYJfzliqBLLVudpS6BXy_q-zS872CMrF4a42RuxBMktFD1vQ2M4yrzIk9f2-RrAR9RZS0OZAsYiOUMEDzjqF4NEoZfdaDAnM9d4P2zHvgF3bGWzyvotYi2Pi3DTSB3wznla1OMJWuW5sbl7w07uuO54KfQmt92pT01a0CoZ2TNnlbJYu19WOnBmBnpe31A8mFBKToJr4UIFnvDeSjHioYj0qin6e16WeTqkyiyfxKbxmbbosoiPR5XScKL4vHarKUKjM53uj3
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

utag.js
t.ssp.hinet.net/ Frame 9F49
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8A1F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1123670600282731&bg=!ExClEF_NAAY3kmNgF5I7ADQBe5WfOIO9qc0aFQikhYOboMjGYPegUbS7ySXJI9OliacfH5bIwKxpMAzlIV2b-yhHBXbMAgAAAIJSAAAAA2gBB5kDJNWCQ59CZ_m4VXnYHoUbs3DXPlMBSJVbVMl7H7P6nRYC2ehANHthhN98eE8UNN8E28TIKfNGVSXVxJdSnYQeOGxWmmISPISYeeSYl6zETpE74DypoDpB0cmTREDybBEQbPBZCyPBx4UBN0dPuvHzV5nelTlCVlMQnuUn2hoRQ5aDso8YcLPuTbMjNIsDaYxh6CWiBniqFk5rbzqWl7DcxKE58rZm7ENAIUORi-k0lutr8uctN5D6Y8vCpjBAnEF-zVfrIKuHd-9I7MoeI1Kf5hlv16dW-8vvzm0CdB5hQVJ31FVsLBtm28pEU1kWSAgOsQraOIfRpxQGQlABbugI1EAOrLwFpzVCLqSRfxegEatPmIsUNFNZcTu6UkYSK0u7XN3pwYR3pvrW-amc0t9nNI2rYs3qFH_VmFGKuZNwkgBFHQ_KST5xfM8UkYsguo-A6dRJ-RKni_KBtBG5sj6UelQvTWEoYmOsHV3rWwdSCTXcABtMueJAEq3kfs5fYiBzQeWSxGHUPCrsrzJK98DbItd_bAwfPryY-Cqqe0VosL41dmJH54KBl_QUZQDKLx8TphCzEdqtzg8UBUyphS8CzjL0Kl4ONHLgP0xTa16RJH7VpOEEQGkiAQncm2SYM2whhif2rl6ylAmacxPjqV1YQXzf6P1snJAtYMjnmJkbHzfyjEV-_TYa1grk-HtjqxS9aeNjC_VgdeypUlJmq5iAyjt_6BuwddnrBypVqquwzVWCn39Wl6_qTlv236pIV33XVMvs_23AGBtLvTTr9qDkWvdn5g--YsZ5QBBCVBu3ZV9XXJF74NY27Q4rgb8FN3V5MxMwI6p-tTLfA816p6q02c3ZI5tNNdZP7uVVAHT1w6kT8LwZK5KuBEKlUTNubcDAbmfWI4D5zstNtUl_Xdh4V5kfx3TDzf81_ANmVDeqlj7oEie1_ObwX8eqS1TjXeTCe-V2ZkrXP5jPFW4wMwvQNlhXTn-Ntz9rSFm-IbYLQ8yrZxDQ5eRGty_NtBeeuCgAN-lVdeHF3d5sbeNG2BDmV1O5GiHLz6h4sQdJvVT682TwFznSvQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame E434
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYAVibQJ1ZbXtFYWcvcAPqIm1wAsAAAAAOAHgBAI&bg=!7u2l7aLNAAY3kmNgF5I7ADQBe5WfOGiNhvi0Ez6-wpDHdXRdrzMEA93rIGaLbvEDd0WPGMcsstiJcTlYQGpy67NL8hJAAgAAAFVSAAAAAmgBB5kDazaICqeeHZxTqPaVjhkv8jzyGqVdDtj4enMOciw8LF0MpxsrfT7GvFs2CquYv4p0nGXx7TZhDvjQAeIxHtcTElt6ujBLgyCBr3Cj42ZshOyPYykj7-c_OCD4svsE31WQ7kQCHMxaDtDeyXHrRRv0GQMjwQo0fFLQdzRLdk9nnRQIlH4k2a2tn8z0FZNDEn6dIQJNNBqGqbC6vkwAosGW_0QfnATp7gZrHhaFiR-e5PGiIdan8srDqDYGTw2_VIxqXpowTRAuDo0-KPFCpqJwskm5b4l1Gom1LPff8SK65eEp9kYFOk-lwS70lGZbG1F5vHzSHXDCRMC7rEiODfnMc-xfsRceSgf8CfNBKbH6pk2_WoBQ_BrBkvjAPiPSnyW3pr9UJmMCZDgYe9nFx2OkoJyekoCPZfd-ULoErCbr19ZidXJhF5RQE2ipL3AlTBmBSnkYE6QHoixiQbtv-WWnyeqxy2-OjECZGDnKBYtfD5xRhRbpKAWvhq6HHF-StrRAZ2RNJ9hKI7g77lFlx5d3Y_P19rBt-VKhQhO5F3QYR6Hyogm5B7zwTh3otmWMRmwoz6uEmVW2mO2vc-UhsJ9l08wdf4vCXAcK0XFWXrYF2NumKN3HDS7YjWOFk9zeT1gEkX6PsiJLT7-xQkJu0QaxTb0HAGE36G4GfcIASxO9btyNmTbxj5sm6RON-ObChnH9cZAhoGL1UA_N21pKzuz0ksNneSLNJSsvNTLI-CUvYnTJaWSYtwE8E6MLH919xq4PxKmqqn-sv8Q00d7rh4oA9d9J0fjeyv_HR2HHLUDtbHZ9tLsOBmUt957u-Sl8geeKAEgv1YwZNGz-B2ekiql5lOcwPyih5krIK8L1fod-RRgRhebcTs4aAqAFhkKQRzsyRq_a9u5uE5bXNxbdo_71nAv5s6_dIYRlTRP_Mtz2k_UX4X-UJln9aeoviB744w00UynbN3YULZl3G4P_w31eXKlOhSKJOuHS4jKaQNRz7jdWgF95pqHII9G3_2U_M4pgOnSJdn4NHM8duGg3-f66qeTVR61czlKj3Dhw72zGNh2Ki9vkvGTfjl1QlWWyVseScgMa4V_tX4he1wugmJlo_CrV9b5LpwQen6oMTL46Pj8BeWAGtULew55UF7p_cRbhsEdfjkPOT-WwI6o0
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ Frame 9F49
36 B
400 B
XHR
General
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
bb527815376a198a16cbbaab6649b2f63777637bfd5c38bbadc7ab43d2b88c11
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EDC5
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

age
7110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:13:59 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 22:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 186C
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ffa68ab73ec01e25606b97f545000f8e68876a783c462d640cf8336f5117316

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame EDC5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1&google_push=AXcoOmQCBYJE612BpKXxVdkrV7VRCx05EyAj-MSoLFS043yeklFuYFTnaRaH5nmPa8_rzmPTXWGWDlKY39Goth-rlV7WWGJtaoAg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg4NDg2NTM5OTE4NzE2MzU5NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENOL54bFUwAx0qnL0MtEJmg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EDC5
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEEcLNu7XwG5D_RjvGKS07g0&google_cver=1&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJw...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJwNYBOoN1YYQTiWQhIVJag&google_hm=ZHFycUZHbFFmVUR6T...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJwNYBOoN1YYQTiWQhIVJag&google_hm=ZHFycUZHbFFmVUR6TXJPTko4d1B3aVZTUDdr&from_google=pc1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Dec 2023 00:12:30 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmR9zeOg1lGqMjLsNTDwpsmmxUrPDqtxQy5OYdR4nqev6RRT-TKFDxIKrsxFEKAs2LPs47_Ll6VsJwNYBOoN1YYQTiWQhIVJag&google_hm=ZHFycUZHbFFmVUR6TXJPTko4d1B3aVZTUDdr&from_google=pc1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EDC5
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBdAyC_BNTjaOBiTPmMqgas&google_cver=1&google_push=AXcoOmTcEdvZzRQpUMGXNrinbE03Wx2F0sVO2PtxgdUcErj2inJ0-0ZgguZ1NIy0W1LPoW7EeO7a2UBfApxcTnZDhwwAkR6pXWvFvQ
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame EDC5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJYOzhGNUCHD2NH67xRgVkU&google_cver=1&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZUURFWFEtWS05OElU&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nmZhXTPeaov_2TWcwCEmdlLokXAjw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZUURFWFEtWS05OElU&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nmZhXTPeaov_2TWcwCEmdlLokXAjw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZUURFWFEtWS05OElU&google_push=AXcoOmS65RmFxnWQf5h0RI_kedmvCL_sq7DURmSFTukZnrBDRKPKenKy5ecj3-MbMtX5DD4k9nmZhXTPeaov_2TWcwCEmdlLokXAjw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
391f9361f5b88a0e9c7eae9d872681c8
Expires
0
pixel
cm.g.doubleclick.net/ Frame EDC5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_hm=ZXUCa0xoswNKVovgNa7iHwAAFaAAAAAB&google_nid=index&google_push=AXcoOmTpe_PFTd-2zyP3F4vjdqOxofQWj1Oz0...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_hm=ZXUCa0xoswNKVovgNa7iHwAAFaAAAAAB&google_nid=index&google_push=AXcoOmTpe_PFTd-2zyP3F4vjdqOxofQWj1Oz0OChMPf_yKJYvHidqacOPVKTR29XK90ewH94HiNbySqKFoMKeOHc4AyuueTg8YLECw
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZXw6qlQCJQry20j3PX8n7EAcG2ptiJbBTjtIKYSovVP7XPdeUDT2sbtoImVzO7fqsz9wLzR38g%2FJlsntFSha6hqAdl0DUoRWGopLkyc6KAEadXLtso47GMybOilPVwZrznB2v66TW7E5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPS0cu8Dp0TQwthbzWF8PEU&google_hm=ZXUCa0xoswNKVovgNa7iHwAAFaAAAAAB&google_nid=index&google_push=AXcoOmTpe_PFTd-2zyP3F4vjdqOxofQWj1Oz0OChMPf_yKJYvHidqacOPVKTR29XK90ewH94HiNbySqKFoMKeOHc4AyuueTg8YLECw
cache-control
no-cache
cf-ray
833146ce1aec2612-NRT
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame EDC5
0
161 B
Image
General
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEuomnLhTmjoBb84Cp9EC1c&google_cver=1&google_push=AXcoOmS98EBObXY6zq1U8dp3DzHXpGZH1LWgXpQ3WgSREVO5Mp7twkcCoeodYNlEtpodzb6Hr0KTMMrKC4K_F9gUW9EARC1k-AikNw
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:30 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
sspsync
cksync.yahoo.co.jp/ Frame EDC5
35 B
619 B
Image
General
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEGuoc7Vj_7h0sFQ2ITYpQM4&google_cver=1&google_push=AXcoOmRw-B1DwMDrI4fz2i0-vQiTEy9eHEb6oV06alHznRIbdhyIaSsx114fxA3ubr9C0m-GlJmgnvqwRIqhh0IcCXHe2UkVfuJe3rA
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.250.123 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
server
nghttpx
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame EDC5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFU2KUF2AUKtyQc36pLywzbkKTkeWp1UWIKfiFSVjJKHakRJL5xQf9FqMuuFwDMVfR5EThTQ
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame AB8F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLjnao3r0It_rheYf3dZEDNJDn0iFgBjFY8TEqp-e8rTGTDfAxtQFrAbLdrQ565Ej3XhNghmZveLFdUJX0Vi2Cou4cODB9nEtay83FX5mWDqqIDJ6G_yXpKiV-922p&sai=AMfl-YSLc0dpp_RG49R9SV41vx9Ox4ECdpowCmpe0cmdniEjPWG9xZlJ19vaOsQ8QX3dYYMdEOLEtDFCwWanVTCh1QSeNVEtoQp025psMwdULq-fuAtVtWjgt4Mdh4UVmF6Qf2JLCx3HXGPjJIcREXy1AQDAxNQ_QjLTv_M&sig=Cg0ArKJSzMSL_nYcRCBsEAE&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&id=lidar2&mcvt=1000&p=108,1030,362,1330&mtos=174,1000,1000,1000,1000&tos=174,826,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167146805&rpt=1954&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB8F
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=825248756111&version=m202309260101&ct=77&x=1&cor=17683548963642933000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E077
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvh6lIsZ5G8DAdNAP56ltLjd0Dd1_lxHnGasn6lSzcbTNiaZxmXtbybYQRf1y1R-1NT8QfUI2d0L6znm-xaOSe-Mf35gTYw1MU9V9-riJw87-DDLk0U3r63pPOOaf8N&sai=AMfl-YTl2In3ExYDuloCSssaHEBEoSUKWcxbq753dlaGSGnJMijoO8S2hgs2ImXFuNun0MttNtRwTMpZt9m0GVAA9o8_B9QoAL4KA2hf-z3eYftn6R1MxGvkmjgiL9MjTbQzwKwO6NksX8iuNhovimLg7x3Ct_KK6TH-ZA4&sig=Cg0ArKJSzF58OlU5zsyvEAE&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&id=lidar2&mcvt=1000&p=108,270,362,570&mtos=183,1000,1000,1000,1000&tos=183,817,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167146812&rpt=1979&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Standard
s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 186C
85 KB
37 KB
Script
General
Full URL
https://s2.adform.net/stoat/630/s2.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cbe7865410512e11935fb2051abdfc3f1d10dc8936066df03ab42829b1d5f6b3

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Nov 2023 10:42:02 GMT
Server
nginx
X-Cache-Status
STALE
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=12351
Connection
keep-alive
Content-Length
37066
Expires
Sun, 10 Dec 2023 03:38:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E077
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5002669999118&version=m202309260101&ct=77&x=1&cor=14360454527219851000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/csimpr/ Frame 186C
35 B
626 B
Ping
General
Full URL
https://a2.adform.net/csimpr/?bn=69659962&csi=j89qOh4a9dMWAaWN1E0YOf_in83nnzUiMPYSaleTHC0JDwKV3Zer3A9qtAlONMASRbeoHJvirI-WPCBBGReLQN6vWmW1dlSa0
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61408015.png
s2.adform.net/Banners/61408015/ Frame 186C
72 KB
73 KB
Image
General
Full URL
https://s2.adform.net/Banners/61408015/61408015.png?bv=2
Requested by
Host: b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
URL: https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.62.20.90 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-62-20-90.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b7d9591a73e20b7641f531d49afef1ae018406f636e7fc8ed5c5898790e3ffcd

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 00:12:29 GMT
Last-Modified
Thu, 16 Nov 2023 20:04:04 GMT
Server
nginx
x-amz-request-id
tx000001b8f45df482bef06-006557676a-3295f919-default
ETag
"3b1401ec60adac4bce07c558aeeb784b"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range,Content-Length
x-rgw-object-type
Normal
Cache-Control
public, max-age=40339
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73980
activeview
pagead2.googlesyndication.com/pcs/ Frame E9A1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumGaSxVuAWszhboDwZmwvLVqkv7TNGv5_lA9DbG_Zny0dpfDUvI7JLGZpyN0gzAAYCdg4kTmNfS3N7bVkMgTSyd_pi1A-DU8lXapeWE_H-hZC1bFENzMXArtxRaZRz&sai=AMfl-YSOzLwJgMDU5-ZXqrwIZ5k2vGMv3gHgD8g8M0MgYU7ae7_AA0WqRFFO8aHmY00S3TWW_ddTi0CDWIludW0uXBrExkSeyBaPH7lUr32wKBLhmL-zIyMw9elk5mqZ9xEgzwj8KxtqIp3CsYYJfxl4Y0QgXOfGImxPYAY&sig=Cg0ArKJSzPrImJluQFWWEAE&cid=CAQSTgDICaaNK4pmLc6-Ewy3oCmuxqHtEQPd9UteIzl14JzNEWdeqRc0rCqYxxeN94vRxfQ4Xv-2DW1TWNywM44PK_HScuY9BMSynW0KIArzjxgB&id=lidar2&mcvt=1006&p=555,315,649,1285&mtos=144,1006,1006,1006,1006&tos=144,862,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167146789&rpt=2177&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1C7B
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b6c012eddf06c503e008463d2feb30111fac9e14b2945c9713e3fdbad3e0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30286
x-xss-protection
0
server
cafe
etag
10 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:30 GMT
/
a2.adform.net/serving/unload/ Frame AB8F
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6761229891966673806@@69659957,4573901084804725481,100|1004|0|0|0|0|0|0|0||39|1|||||1|0|0|ut8Q1dR6KL9cPlakbYq96UVIWr-97H_qfPNexv8k4aMJlW5WSO15cfL_QlhaeLlf0|||11||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 1C7B
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70906
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
/
a2.adform.net/serving/unload/ Frame E077
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=4391690314195297222@@69659957,6572638473104831843,100|1082|0|0|0|0|0|0|0||42|1|||||1|0|0|ut8Q1dR6KL9cPlakbYq96V6Swga60cXWHN7dJkKd6Y2Z7zo1Ut_--fL_QlhaeLlf0|||11||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ Frame 1C7B
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3122276955011473&correlator=2838737049073581&eid=31080074%2C31079961%2C44780989%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167150294&lmt=1702167150&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=bul9g4huq9gb&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=6&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167150&ga_hid=2027399541&ga_fc=true&dlt=1702167150136&idt=150&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d07f5912517f69e46f770f35a335525093cddbdb8316514a1eb68cded5e6fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12622
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C7B
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0bdef5915bc9f8fdd09b2bf2c7adb6b36a650367fa5c913eb23a2c4e17f16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12125
x-xss-protection
0
container.html
8fbf8b2657dbdfffa9420deb7ba712bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6C1C
6 KB
3 KB
Document
General
Full URL
https://8fbf8b2657dbdfffa9420deb7ba712bb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:30 GMT
expires
Mon, 09 Dec 2024 00:12:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9A1
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2924711935274&version=m202309260101&ct=77&x=1&cor=14003009443938914000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
a2.adform.net/serving/unload/ Frame E9A1
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6088704989762914254@@69660013,6283020199170901263,100|1025|0|0|0|0|0|0|0||47|1|||||1|0|0|XPFg2KG_hnNcPlakbYq96bYoCNJnkzEBaiyzQh17S2EJlW5WSO15cfL_QlhaeLlf0|||11||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C7B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4E4
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70901
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1100
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0dd3a876ba56eb140b883f94883ddfdc1afbf110defea47d146f1ae9fffef628
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3EAZXecx723UrORv8NqtBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3EAZXecx723UrORv8NqtBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:30 GMT
expires
Sun, 10 Dec 2023 00:12:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame D4E4
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D9F8
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv90ZSJkDBIttIGNshycRauffr-5WPqa2CfFL5k5wbiXbQUinM0PR-ROD7OPZib_KHw4cqiej_R5zYvZQWQgw_bEQhsmX-btEOuSsEWRfQjeJuXNvfaUHiCdA4fKg2ZUxXrr9yXqS8czOwFpC1YjDq6IkPo5DLQc3LHHnf9dTtgAp1BFsaUJLZY3qt7TNbwfSVD3wGzSbvjK-H_o7Ophcy5pOtI4h5FGHB5P8jDvnYZ4OdysxWY9_grbP0reJ1jMgPbJFjAooXl63LN1V-UOHNTR6QuSAO4CMq22HobsKitfibMbCiS-u7QsJgqqmps-3jgzJPKQwgk0NkLYyQ7OACyvdSeQda4w5H6k541ieSfOIJjkRPotwXAVnTrnmggT03FYgTI6XQw7g&sai=AMfl-YSkU6G9WOrEoudaOnqX40gKNh_dhr_B6NgQpEwS4-aRJeMo1iXUmOflhKq48e2ngDhr11Q7tjMneq5GyQDy2NCZIpyDfbsDaYj_-SbpDkNW_B3p0LHeKLxnw0cvO74GU7soijkXcRtJzQ&sig=Cg0ArKJSzLL2w6nlzkfjEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1100
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3122276955011473&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame D4E4
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LDlM4g
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2144
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstY7Z6k9N5kl8OlxYLLzm8vLece-hS9ieuHLOANCkjVL_vMqbhVPevoI7b2rpU7FFyZNqVpFRB7qXimi9DOLdXYDO2PevM6W73DJ0n4iwR0wTDZvh3FnRnxJzITNHEJpYu_F6FV_C0_6SUBY422JZRH1CaY0wfNtengqr763l6xxqFmss9qaLfSaVsKTZyhkDamTHRKaTCQ15_tJzY9JF9HUnPTydoaY_oY5wnkoDyl9htwNmCPlIwTyuHgRhkA2atmPJDXjl2Sv-2Ge5ruC3rYPpfqRQhATN0g6eix5j5_aLZGqlIA5otFFRU7VRe3VR5MJ_I1dlkTnrtVHJCGjkQQ1f_d2MGwLSXrqyqUh2dHc7S5PeiZkowXz7kiER_az_bVOnoSHHk&sai=AMfl-YS0sSMXNZysgwFrQr2fhB2wq0y4egdqgwfPFEktHlXNAfwhp61sLPP-FAIUWyxHnJ7zRnshWk5FBtqRp5WRCYhAkTS3gNAFRBgd2Ug71k3nEcLDLoCbpwwEYqrwKfCXiPV1WljU8R3eGQ&sig=Cg0ArKJSzN2sPVrTlRqZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 2144
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
50
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
lAsEUMPHpqRDQYN5-YU-grNNrwA-hEkXxWkQcCVEYe4qtFsR3_QkbA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2144
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:30 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 2B7C
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:12:30 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
-wI4DyBfRv0Or3vBJB6KY459i0md7Ra6BGXmzAc_RhOcSn7L7swnDw==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 6FFB
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
48
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
9St4J-7cweSXm834gZK2g038KM0NLC-5gMh8t3v4P_ewVqS4ukPKsg==
truncated
/ Frame 2144
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3888b4963223520240041df0c8ac638085a2986e354720a9468bf2359649f6c5

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 186C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulX5mCObrlx2vG4yQPsthfYx-JNVsoeme1cXNuHpO7f-srqWTFASVsKHZN1M-knv6VXVVNEhpphrX6Euv17AfMUkW8uNjrNtrvcyelYit0GtFrCX1Y3Fb9_IxCicJ5&sai=AMfl-YQVE6fAC1SZHITU4-V5TjJpegX4KaxfROien3h6z7tgIurOzcIWmhwPOZovRIZKFKus8HVi49tjxMCgiLQdq3uK4PtY72Ga-G-6c2hqNU_K8gNxDG_cuj3yNFWpaCrLBUOqQkoW-bg&sig=Cg0ArKJSzMF6WKWm6v_OEAE&cid=CAQSPADICaaNzkj_vPa-ss8RnRtBbf-Mt3rgXTHKbFwVS-ikDvrZBevxr8TNMH3btAMx67d3yAS2nXERLFqxAhgB&id=lidar2&mcvt=1000&p=358,640,462,960&mtos=273,1000,1000,1000,1000&tos=273,727,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1212019568&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167149103&rpt=610&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.lndata.com/ Frame 2B7C
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:31 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 2B7C
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 2B7C
0
14 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 2B7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
24 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
age
1
x-guploader-uploadid
ABPtcPrDD2iSacPSVcxTmewJtkgpXMhk8wXiKpHKg4AaM-MYo_ahGh5xaayPZi2EyK10Le3a0oKb4R_35ZdKWwpxYVL2Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 6FFB
1 KB
672 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 6FFB
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
XckP7cUtXJ7DTIopWLWBsQDWqvyNW4z6wCNp2P6F_4oFyj2BbRLzgQ==
ads.js
ad.holmesmind.com/adserver/ Frame 6FFB
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=750&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b82ac9bc0ba6e9ef4af90bf5684e1c581bbc9baf9431b9db304c205cba944ce8

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 6FFB
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
55
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
mi2k-HRM8CGlJjrWwx0c5daqDINAnKxivRHKLmae9A65WOgZ3pHc0A==
publishertag.js
static.criteo.net/js/ld/ Frame 6FFB
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:30 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 6FFB
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
49
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
PsybpPoPKzLPbdJD31WA9Yc7V5Sn_6ZMV2LPW24C5oKXSDwNsw8yTQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 6FFB
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
55
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
TuECh8OoONvjCVILqhzl6XBOiBZtSqF7aomDgzlfnUq7K5dCebnqEA==
appierV2.js
cdn.holmesmind.com/js/ Frame 6FFB
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
60
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
16fA--EYndzy0amkWx5R08waxVKhD75FF4gu2VnOGIbHRmtzXNfNqw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 6FFB
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
6
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
xPzLILk-zufh99cZCsjMuGX-roXKDrRYtM3tU5228BCa6u6AMbIJNA==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6FFB
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:31 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 6FFB
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.16604204692649294
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
eeb33bd077f80743053f2292464f2959346ae1b0b5e7f605a2619e798e7d84d7

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:30 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 6FFB
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:31 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 6FFB
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:31 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 6FFB
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=22299083500
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
drawV2.js
cdn.holmesmind.com/js/ Frame 6FFB
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=750&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
42
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
9fyMC7CqzFtB5H8y5F57ksKkyzeJSzzycKsQD05XszEPghbvhT2E9Q==
pixel.gif
static.criteo.net/images/ Frame 6FFB
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:31 GMT
pixel.gif
static.criteo.net/images/ Frame 6FFB
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:31 GMT
events
bidder.criteo.com/csm/ Frame 6FFB
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:30 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 186C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4150976264585&version=m202309260101&ct=77&x=1&cor=2140276699198534700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C7B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=3122276955011473&bg=!9vWl9brNAAY3kmNgF5I7ADQBe5WfOO5sDu8H2M4GYsP2g54cWZBYD7aCF3cOQ418Wj9KmCTf2cDjioyTlIAtrm_H9TtuAgAAAEdSAAAAA2gBB5kDb037uvWLRgpzceyEUXWz6iqMvSVA-mH4tB58q3XcgUV7jecXLmALvY6gU_LpkcI-qwfK5fRt3mUfBKPmZui3WO2zJCbtJNuaKni6gWqgo17NhiCLCUBpZ2NerkiMGD-CVZgsCtZhhWxwLeaaXCfDzRd8kY4xEb2yCf9fFkJ5yDkiL8zfMbLRO8A8MZ4fkFhOIsJk4MbUCQtKRio8ZpRFtsqNvg9iZ33DvVbxDuNLydL5TBgavzs2R-1AOhkjIzdtgIETiGoypE97RzpR8Xc9pp5012Rp-YHrAG9A8KelT9ksiQB6_ADh3x9d-mt8_V-PpZgXeGhSkI8zZJXj687FETRwVJZW-dTsUm_czxrr-OV5qd_uovtzKFjMUnDM-4VKp18QeAtIGtM_qR11zTUgD-uTZAkHabeRc_hJpnf5Ry3YsycV7nzYILxuUBcLabbk3BBrejXY5lAD-eOI1zM7N4SOu_CEW8wjUNV4b1yGAS6xzkHoP358S0XfX7zw92zIZd7TFOrHp3tC6fAV3u4PYqWx2fL9Rf3zcG_jB5aVJaRhehbPlw1nx7Po_qIyvy0zo4z2mC5dHBK6dYixvauXOmCBSkp2JSaQlQJY-9m5mu_xpp4m_KEmpkoqPfVMMgndXl4B7fq3aLYwjT7eVdkHuI4zp0CXB0huXQ_Fa1epeWBSu97peWhgN9Wcjp8zMjZCWphYBYOFsGppzsAHHvtI63zkaEwwB1pP0amKEL1u7RMy-ir-tQZZNYHjDSYld0NsO0L9_qgpZ2wcAZajHtRgcTY9wObVWliAxzyDxPTW7ZTvYa5fvV476x2qzMkVmGH73t3RY34Ki6KpOoQ0FWQar9r4KM8OAh4dlDknUq627CIAtlSddbvPOzXIBNeIDUV1OHjZdfVdPEgyQJT3QgWN_TsGw9mufBwvNwhgSd3gxdfDiOamgCxT_qxuJ8Na9dbQ-YIevJiFZbXiFLIWno0leJ1YSTIVbpxceuT8jyxQz6XRx9nUk8NhhEcotiDWXR9CGoYI1OTmSFQXqDDB-ceV4QoHgTZ7asy7CD3Vr3ZMpxcLaTmLHDvcYEkvn1eiWYNUacW0svrgWFOgAJYqJ-eausXtpEsO2CvGsdLMz8n29ljCp2HRP-6F64Otg_0x_UnyL4m5YdrCLjj-rNF0AzjqJQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

utag.js
t.ssp.hinet.net/ Frame 6FFB
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2144
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssztKrR-n3Xy-PEJyzclXt5hnDF3qFFN9T6_0BEFCcIABgugfMmCd29R8b9V4psKGvw9NgCrbs2Y6lOrBJRmDFM4BbR2bm4QVM-TzcgMivdNAaOzFUGJfuIb9d8KbuBRCC5-RtYn9iw9MMrzEp5PTBjvCJdhp86Wzrtx2YzDMeE3FaHMmn5GU82L1CdfQrIu3iJCc-bh7JQEJzsashEPxpEliG1BWQEXqQm1H70MaBiYTbVCVPuEmWh3VNCCpfNyphz_HfnfsGV3czf0l2ujTfEIjzQU46zeUq7Xw3s7Ag8kV7ru9gUpHg9X8rE7HXcLfbSoqhY1q6kJIZJVPbkjCRsAi998NOdHGHv_JRcmXBT6Hks3Hw-SG5iBj_WHgqHUjV_bmm141SCPA&sai=AMfl-YRAsOyGnD1cDabAGK5-ZmcTw8R_SAX_HL3a8GohO5hWjM1Vmqz2bsIB-vrdlCcKimiCzbZR-eOPaaddbk7EjbkmJ9QmvzUgqTCUz_fxTqwIyeXmxiGzZf9prqmYZXUze2F4SbNQJ6f-nA&sig=Cg0ArKJSzJdvJgTaAh0TEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 404E
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWbc8RbUYmt_zQsirLBcCVAErXlPUB3LUdc9qJ_94aI5Ni-4D3HWavEqH3X8kN9XIZrYpWKNmvVVnCK_GuY6cOAJjVEeLonaAqvFbHa3Dxff899l8VogE_H4Q1AvhK8h0vAwi8hK-d1rYfGcShwvdgpFtMedgn2YYeDqXBn3whNebgazj7mMUeeoHN0-45Iro5p1KiMvJzpi--Afw8-E3nWGlLDoSV0j7c0Yfu29yc0RA3hVlk5aOQPixBHBzvBL_HovZlhWgr8ofcvoMj_m5XK93hbxBFrl7bnWTq04bf-lKmagduxRQv4oAz2BHKMN-uUVc9UXMTjKnZI6Ppp7OtwSxWgKCH5Mdh77p2OZjevgwj0dwcYGTELxgxZaT_8NY&sai=AMfl-YTv6_VYYEImdtKY8N2GgVLxI8fdNh7EvhBdMe-KW460DZquvhhM6HOV3uV6e-NoANSOrA4ItxVe1Niqsn95XIcnvnhcEr3b1s6sxn15gWO5AtHfWUdVbe0KifL6S6VWKDippf3wcb0x5RRFVHIm-VzkmXDwRAFwZTAHAQ&sig=Cg0ArKJSzFCwTuVoR3TFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:31 GMT
/
a2.adform.net/serving/unload/ Frame 186C
35 B
617 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6088704989762914254@@69659962,8141199565747992020,100|1200|0|0|0|0|0|0|0||20|1|||||1|0|0|6cTf9DcArl_xBx_RTJEBJ7YoCNJnkzEBBR7BRgjQHCqrA424mUePyfL_QlhaeLlf0|||11||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame D9F8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYixosCLRV8yXpmH8FZAUbwIdJFK8W0s8CZO5F_JXou3E-_HcArfFBywaxZbMoitFGcyZLCmzfIZxK89AmL7D7LUB2Qsz2ncQ3IPxQXJYFokr-iM2IuJ_42spuoBhy023vI2ecviYg3A&sai=AMfl-YR_LuP2x-pnasz4QUu90pIwBh70-2DF8qDFiH_Rzf4DcXYme18&sig=Cg0ArKJSzF9a7HUZGPQlEAE&id=lidar2&mcvt=1003&p=108,650,362,950&mtos=0,1003,1003,1003,1003&tos=0,1003,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167149180&rpt=1321&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CA7E
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f016d0f6d2435642a6fd615187952d54ec32e130e3014a8067d512c237df68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30282
x-xss-protection
0
server
cafe
etag
534 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame CA7E
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70907
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame CA7E
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1171279675520556&correlator=3645677210339038&eid=31079234%2C44807689%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167151771&lmt=1702167151&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=6k0jbsl89xa9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=9&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167152&ga_hid=1743940670&ga_fc=true&dlt=1702167151628&idt=132&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8238fe4126cf6d05a41bc79936680106d2349035815c4d62cc20dcb7521a9130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12626
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CA7E
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56ba77ebcabd13a7edea88c2130e3f72e5e900cbc61a57f8135448542858a753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12276
x-xss-protection
0
container.html
794833058659e4dbef39b3426f25c906.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 395E
6 KB
3 KB
Document
General
Full URL
https://794833058659e4dbef39b3426f25c906.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:31 GMT
expires
Mon, 09 Dec 2024 00:12:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CA7E
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:31 GMT
collect
analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702167145233&gcd=11l1l1l1l1&dma=0&cid=771304031.1702167146&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702167146&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=7244
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97FF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70902
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6059
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
20fdd67c4af3ad1f06567bcd3239d627e87c51fd23c0902a051fb03bb3bcdcbd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cbVj5Nf7o0jLCzslqbJekw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cbVj5Nf7o0jLCzslqbJekw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:31 GMT
expires
Sun, 10 Dec 2023 00:12:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 97FF
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6059
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=1171279675520556&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 97FF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?-AE0eg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame CFBF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWRw2Z4jluXwmHQFLSY85K3KsTOexUX4DKrmq3BzjDStVpgp9Ff6iD3RFqAK731k25HMVKs316mX9PkWEYyC4ahjS4gErvDbmE6AFUpXW9D29aRg4pkwxRlL98FtFmrM-Loy2xQWV4N45HmOfZOCd3ZV92byjBLPiomz-GzQ1oc1lhTLLVUI1-w-O_5S-NCqzK1RJSw1TEge9p2fi2qEix3hmLXTklGlx4UfRoJANW6Qv7ctYD_XXNWhqtrWenYLSHrQxJaUuumn4CgZSnpniQaywjYSPtSadzmjJEyO1pZgNPP0daipRjL0zOJyGPTMNaFgH3AO8lzOH9yf9t3v47J7pFcR9UlgVWjmCVxjMKsKomGlZse8fwVEyip-jdaJOXhcE4zeg&sai=AMfl-YRbzyTjBSrLoxfMxwvXqz5kdy9EwHQTm19D0hm_-BK6ey3KxkjzOH8ghydOcptNZ5R0EG0DtDoqMcwPTozYm17QXar8MMhOJ32EastI_qej2dNOEl1vZIvIQG088pHGZGpW1CBuzWAWTw&sig=Cg0ArKJSzEwO7IiLWHslEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame CFBF
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
52
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
AjUgsIgTkYBiVA3MkGJTrSGlytwvIxJ_vV4WqQ2Hx7dCZVRk76va6g==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CFBF
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:32 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 8EC9
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
2
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:12:30 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
4KNm6NYX1q4-WU8buW3WEEMRV-iEUn0a3LpO6juYk20lOI1blBNeqA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 9E4B
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
50
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
biRyNWe8rkDAQGZ9nNWFKOrVYyVqC0fdjmUTId4KX0xnXtwG_G0bRw==
activeview
pagead2.googlesyndication.com/pcs/ Frame 2144
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4w6KsKz14oU2XRt427l9eCXnJGzT0FR09ZiJw4x_EUZkf3yXwNdg2lg5vSlaIYmWOD3fPB7jFaSu31DMjEmFFzP7gKUX-Gj134Dt2IlSuWXFdIE-xyIcXMugd7nsONnO1TpoiHggQRQ&sai=AMfl-YQLIOiRxLP67mvTBZMLRC0V6DCQFSBeBMdzJ3VAixD8AeJa61Y&sig=Cg0ArKJSzNRjHMfUgcOfEAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167150579&rpt=541&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.lndata.com/ Frame 8EC9
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:32 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 8EC9
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 8EC9
0
14 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 8EC9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
24 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
age
3
x-guploader-uploadid
ABPtcPrDD2iSacPSVcxTmewJtkgpXMhk8wXiKpHKg4AaM-MYo_ahGh5xaayPZi2EyK10Le3a0oKb4R_35ZdKWwpxYVL2Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 404E
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMatHS6rbL6UqcWWn4TvkhPukFunK9Q1pULew4Fe_lMsg6Y9Nf5fnkMKO4_WBJuV5RNeyoXK1YPmpg8O2EkkE3XSMMPgqDYSGZ8TP4D9118NWSZbq_XtdZGqp0-lUEIAczXWhEYEIuQA&sai=AMfl-YRzW11ukunC-e8GlABEfyDV7wcOVl0XZKZLzwdzpkmSWhQKd5A&sig=Cg0ArKJSzJ0Ev54YzUqLEAE&id=lidar2&mcvt=1001&p=108,650,362,950&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167146818&rpt=4310&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 9E4B
1 KB
672 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 9E4B
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
46
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
ibv8d3UNaS65z6Zv_SIl_LE6W6xXWGEvGB3Cwo4nS3mRrssC1ileLw==
ads.js
ad.holmesmind.com/adserver/ Frame 9E4B
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=15&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9e435890c6955ce4ce2b94ad6b4b9e96c91016c7090b8a90025ed8577b4d9de7

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 9E4B
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
57
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
px8RQbQvMCZAM1C625zZYq72cjGeuh46PEhUFU1Sjpz2qh1p5UzJfA==
publishertag.js
static.criteo.net/js/ld/ Frame 9E4B
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:32 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 9E4B
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
51
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
dsvNPEPokLUS4_bzeTqb2yCfhuUGUbHhxM4A2RBcB6CTYGyo7L0yhg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 9E4B
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
57
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
XuMEtSLdZoPREAZ76gjtE2xPwyySjpdbxAXKSq3hy8YhGr4KDuzDXQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 9E4B
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:12:33 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
5OOWPm5TqZ8Vrgy_xRFQPDQbtyg7WQVZUR57YkwXHfU6KTEmst4Crw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 9E4B
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
8
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
CzaHGTmfMuXcAYwU7G_qGWC8lfNw3dg4tBbXio45xPGhXDj3dDFQ2A==
truncated
/ Frame CFBF
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
833f6ed295b4a690594ba3261623f9443d769a84b4d0a67953451671b752b8f6

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9E4B
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:32 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame 9E4B
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=18917746651
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:31 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ad2.apx.appier.net/v1/prebid/ Frame 9E4B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 9E4B
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.42082725090086126
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
02f7dbd2406ccbdc89307b84e3ed6b950517b303b632ddf72479c5a09f535487

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:32 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
drawV2.js
cdn.holmesmind.com/js/ Frame 9E4B
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=15&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
44
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
JNMo78Yq-32p3mDbkQ0FteFD7zf5H5YEYrRKA8mP-uFcPkFIH5bL3g==
bid
ad2.apx.appier.net/v1/prebid/ Frame 9E4B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:32 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
pixel.gif
static.criteo.net/images/ Frame 9E4B
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:32 GMT
pixel.gif
static.criteo.net/images/ Frame 9E4B
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:32 GMT
events
bidder.criteo.com/csm/ Frame 9E4B
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
utag.js
t.ssp.hinet.net/ Frame 9E4B
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CFBF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso3vUdnamd498Sq1IoflKeKYyrBOf60CBCAEa0qqjCzcrxyf03DAX_CuJijnYahqPDN3hm1k4rDHaIG_QQw7jU1XLJ8sZ1MREQ4R00vcwpKTLImwQoAql1fG-FH5wVC0HPW4kJ7g6OvIxYHmIG11b0qMvNEco-WvaqDsbd1cURQCQZo2u5n7eZCzxNzOZEsTfpW48jg4Gp1XdczBQrHFfZ0vlxwG6H2hduqUsGPSyQdKgJABpzywXeEImrhmN9ezKeURhWLNGm1Nw43FxMNKLhNo1yt5WljZ1bWT6PU0GskrAgLJLZNiF9c8Br1dUz-9KPRKhoEBxqBWs6KnL-cAWqYRh85R9zWOA9Jehas_KzFu5B9iBKdbmLwKKNhxTIxZQAh8d0C1wclQ&sai=AMfl-YSN3L_MwfR1y_RSKaBfSqaUB4SdBHwi4FpXIyjd36PplvnHfMC4H_0p5i0zXGWcphsMGkziQzktd8KNYq2c2HaM0mmjUfO4-OP3ocf3KDF0qT1EEpSohc2-gTEfrmw2WZcL01BNbvKocg&sig=Cg0ArKJSzFCIabDbbmVKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CA7E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=1171279675520556&bg=!MDOlM3zNAAY3kmNgF5I7ADQBe5WfODRUXDS7EjVcq6bRFu_SUWGiHahY-XHChU4_AJSfF_P-m6Y786B5BF82qBuIk5RQAgAAAEZSAAAAAmgBB5kDj0cuzAUJYCqwJQz9-H8MPH7-zr0szDpTgN6g_nt4jDEcDhwP9x8eand_BnnKTVbaY_n82y5j_gX9_V60_BOOIkFhPRyXBDcW8GRRUDTIIjOLVYs8TLXIX3ZuJKLbPfKDAoqftl9ciGSjUtw7SCjkabHLt2ihEWA4m_th5mbPPzQRJnUGTc0KNLRFy6BdLYfRpYabNMQlWlARD3j4PiqRQ1yT9GNHbU6ZGobJIWFMW6ikCIw5VRT2gigIDTk-YA4bniuPq0H9m-7QkvYfsR6U1QIONsd1tIRn96pswBK_Gc3oV7D5XTNk_0KaZ6bYSDP3Od3HPVDl7ERwrjV9ZrTgGSy0EDv9Ws9om7FQkSKwMBjXdd3HttzulWe6blvgi-skyA45MI3WEmeFBit1e9WtYo_NDA72Q4VRGksg-X2ie8PYd-7yzHNs8T4CsLnqy-Mwmy8CJJXiT_RUUS_Pj8AtY4iVCdQcZjev4qtuKBKYsOAa1eG6EUNySUsaE8sgoQSaf25H2rP1Hop-5-gmQ05UG0kNn_Ctur0gWgkYa2dwFcHir9PHirClBNNv9OHl2dUguEQZ1FdzeP0ZLG6IOOF2izUDj3Q676sm3qRbP_uEeyHZc492crz1L0CEDntwnzfmv0gH9Zr1j72CRWmXwQJSvxvzqlYzHChByBfIrcf8-33_oAJ4BuflGpLhETpz9ip2WLK45jBDAE15J3jx4ANE86D5Uzeh-h5_W9-QLjzDL1QtE4PRw2o7LXfsxsnHKQbvGE16DqdIsuiu94UhpGM7PiKSUfy9X8t18R6O9zRC5LS9Cv085DA432x8k0lP3s_ypMQl9d440UBK72LyQioN3gmKccRszkixVz9NS3acSa9bY_kchZbSaDrmpnhNji4xH2-aYrx2k3PAM_ZNkoVu_iKtHPSkSEHhJlZvdsPEvifpCYXiEecneOLZmhgwB4lJ_xw3oL4pkDtnB-6cJe39lGz4OZJopQK1GGwvTZ5rmZL2Pl1mY9si6SjoEfZ00DkAfoEiUt38lHE4rsVp-Bz2kjg5fCuV_gSQWQcnRyjA0PvRKJ9NlIbt10Y2mNyiLcJYIqGbHMDmwaStoaOQugadI6b18Aj1QGv6DREjrto4G9Rmupqhfc_mpReqghCjLaoG35zRuxHC-YgDdIfQvLs3Kx1n5v52UOEUFUTmOUanb7r7EpPbnJraCJQzCtXt5Lsk
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E46
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ad6f77e30bc53e36c6d88859e875cc8b8bd58b936d7216e8f5c4b10045ba780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30278
x-xss-protection
0
server
cafe
etag
48 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 3E46
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70909
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3E46
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=166745906871229&correlator=2350956119996818&eid=31077978%2C31079827%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167153076&lmt=1702167153&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=yvakj5najkws&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=12&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167153&ga_hid=1246149479&ga_fc=true&dlt=1702167152939&idt=128&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a26d80e886e7403c66d3ff48ad7f2d453a57b10b26a0105e73efcda5004f9a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12633
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E46
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13c9887c567095f9266456363255d32a711ea52b3fc8bd53eb028c29cac33ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12343
x-xss-protection
0
container.html
fef78dd3a9a85c0ef88e96d69cd22408.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F375
6 KB
3 KB
Document
General
Full URL
https://fef78dd3a9a85c0ef88e96d69cd22408.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=12
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:33 GMT
expires
Mon, 09 Dec 2024 00:12:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E46
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F2E8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 668D
829 B
558 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3e40018432fea2586312ffbc7d9726f6367483bacc931e3c33561303a1fef47
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JkwxCd--nfbC_AoyCaogoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JkwxCd--nfbC_AoyCaogoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:33 GMT
expires
Sun, 10 Dec 2023 00:12:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F2E8
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 668D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=166745906871229&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame E2C1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsvpRew-Kb04QmCUTfHP4fQQNWuYuTnokpOt-gKrvR06hBUhPzOe_04xecTeMfyM2zc5H6XCGiNjQrlVO3HXophYbkPwAewWrCdZ9TzFkO4WO0IQCxZxd1o5WyXHD2SY2awRnqqvu-NtyZhkcQXmXQS5JIN4tx93KfYhWePZNtfl92b7cyk7DmECMZ5EA7ieaOcNwr-NfCa2-5smv_XfI_mH2HzP1qU8a61r5xuGBexJ0CUifELqln22pgZZv8PvIQnlBkaBWz1RRsAGi-hFKQIp8M3b57ZLs6fwSJ-TQf5kemccqwCMWp4mccKEQ07NwzsPmb83TzUh_MsJSlijvwU-_NMwEKe6HgJjjzwuNKF4kDOmKEyY_GWRZwd_i_Ba49PlRI2eE&sai=AMfl-YQT27UvFNlTw8NQJ_Kv-ry2ETHVNUI0ldXKVE4Usj6EPd5Y8aS2JJDZGwZVtpU2LREA0kRRBvsS_BrJT10Bdx-ozJ0mXGgdn-fDMd_ZvLmazbYOxY1BYzIUFORBXfMqspYQhJx_uQLBAg&sig=Cg0ArKJSzC6WnnyCJJ5VEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame E2C1
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
53
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
wwA6HUAPPoGYGWFROXLeneuwbOiWfLp_TaSFP8TEuaCGZF554247sw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E2C1
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:33 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 2E0F
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
3
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:12:30 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
E31oCGKyxM1aWIY1UeYe1IG-GxuemLfxiCvVHbCH0eZKfWSXpRWvrg==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 2ABC
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
51
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
VNGLRf3YDO5TDji3Lc99rlOGKS7Wr6YaO7KjTK4rzrxRbiJcHa8g3g==
generate_204
tpc.googlesyndication.com/ Frame F2E8
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?x4Kgng
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
cm.lndata.com/ Frame 2E0F
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:33 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 2E0F
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 2E0F
0
14 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 2E0F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
24 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
age
4
x-guploader-uploadid
ABPtcPrDD2iSacPSVcxTmewJtkgpXMhk8wXiKpHKg4AaM-MYo_ahGh5xaayPZi2EyK10Le3a0oKb4R_35ZdKWwpxYVL2Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 2ABC
1 KB
672 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 2ABC
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
Eh2xxje5YzcdjGZmqzUI44iJ6WJCU1WG1vWG9UAT46rvLM_lQgKKMA==
activeview
pagead2.googlesyndication.com/pcs/ Frame CFBF
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw6xTDJMKxzmuNZVfN31NOa3ZCI3zdz3hjZOf5pCVPywaQYaTz74Xc01jQk-_seELU-Txvr9IUWOfp3oyPlodhXlFhdf8Pj9VxxiV0ozPWaIpNVuJgWN_jsMJmVDyI5XY5XwwurX6hWA&sai=AMfl-YRDZZdglyiv_I2P4oPM-mIDEW5BUMubGuMEjTPN0EooUO-npvM&sig=Cg0ArKJSzHkjDXVSUBz1EAE&id=lidar2&mcvt=1002&p=108,650,358,950&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167152068&rpt=383&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame E2C1
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
217cebddb40aaead25a94df760f10c49531ac6e90de485296ca85baf1f1eba3d

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
ads.js
ad.holmesmind.com/adserver/ Frame 2ABC
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=758&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4f08ae7ae40f22884f9bd42755599bbffd2b54511c640c421f249152354bc360

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 2ABC
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
58
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
_pazjpwmXj0ApErZQd4oQZBGdzVaUaYfmDSs1M9Mlk8jmmyUL978Pw==
publishertag.js
static.criteo.net/js/ld/ Frame 2ABC
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:33 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 2ABC
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
52
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
9XVslRN-KCb5gZqKrGAROmDT1w_ua9jyQNdMVV7S9-ZZLkGeRArW3A==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 2ABC
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
58
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
VNMWmVGiln2ICsN_ExzK3O6ZqRw10RMiFR8dx6wlaxICFAziqzuO-Q==
appierV2.js
cdn.holmesmind.com/js/ Frame 2ABC
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:12:33 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
1
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
C2GJD7TrF9jfRlw7Z976Oz4XNDBaDyP3STuvNvkQvSmYFeaDJ5gZAg==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 2ABC
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
9
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
I0tbC8NjHQp9ZjZlveZ3Xb0Q3rqLK48du1962zkUYqwC06p0jvPL0A==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2ABC
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:33 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 2ABC
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.88202495803411
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
c3bc38bd15ea8d86370ef9b831f2072c9ad7ce10e3ae587db5b10f39ddba2f9d

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:33 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 2ABC
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:33 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 2ABC
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=27398331938
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 2ABC
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:33 GMT
pixel.gif
static.criteo.net/images/ Frame 2ABC
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:33 GMT
events
bidder.criteo.com/csm/ Frame 2ABC
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:33 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
utag.js
t.ssp.hinet.net/ Frame 2ABC
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:33 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 2ABC
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=758&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
45
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
xpXy4idOFHuJPt55VT5s_8CGkzylS6p2G3O6BgNuDmTrgf8EePsAIA==
view
securepubads.g.doubleclick.net/pcs/ Frame E2C1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst54e1qyEOCNJP6aX26W747LkBEv3wh-TnxPYfQuaC6vF0Yn6PzB__Fu5iQ8dUw_LtGy3bVx3KiY9HXRr_iI_XOL60lCH5zBUAW5DmGmT5X03jAm5JZgo3GduuniZXLbbRMnwT4yhIe6y7ea5MKrh0yPTLH4skBm1ya4jqr84LSQzEbm4xo_0M3oQ7A8icmLnTEl4-fKuA8QUrE1B8gYX9slg1AlHKcsn9P7yI7uFClYNHxqCgkWNWTnOah6SLJis6hlRQX77D1_kuRqe0CI8CHowLCM7Ui7sgOgnRPs8HsY3-QQUawIkxx_L0Pjw2AmZxCtZlKc0d9q3BCMRZ6k3nE8cZHTxI_No_lO_8tvgEDPNxP8MQXyCIwYRZ7x79GVdEUKysohlW2QQ&sai=AMfl-YQm_gT-vjLzYQU0ZJqOaEAWE2bYOotFf8WcII3DrVCEpQxDzuu_YGCccOscNVyfDvX-Pf8HpXwj26PoTi_bGD4R-2ioLk_jnxbCRTN3r8oHottKKjk0bjhF6SQK19wXxar9g9E2oGRaZw&sig=Cg0ArKJSzLtXs6eOPGh_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:33 GMT
/
a2.adform.net/serving/unload/ Frame AB8F
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6761229891966673806@@69659957,4573901084804725481,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|ut8Q1dR6KL9cPlakbYq96UVIWr-97H_qfPNexv8k4aMJlW5WSO15cfL_QlhaeLlf0|||01||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E46
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=166745906871229&bg=!z8ylzIPNAAY3kmNgF5I7ADQBe5WfOAPHTOEazLmbCFZvc95YjfzauXd561ac2Hb8Om-5-cUmAU1PCphkSBaUOz0toLSmAgAAAFhSAAAABGgBB5kD0RfImqW1l3lXtqjbTtE0JClVN6XJFf_Ejt6pxK-07DENSsEZI-7Peb3Vc3f94AMxeCDtg7hIIi1kBE1vpK1BHuW1zv5rNbQpVuE5yH80ZoyEFCZ4E85oQtHq7SPqCccBQccVb6lN-0WzarinmFRaNmni2HRmmB9_xO0XNpg2BPsejnlkZ8BZmgbpWc4PfdDSm4UUKqEbz0ADJ93TCaT16GubAwCKSlxsa8qwRkgtmurku4bcOg3w62dvAhn73rqp5N09seNx6rSpIdR_VRiyCQ0Xn3aFXHcGl-KsKZVLGMlrlpdB5mfjn6jIIiwnUx6kiowpBgxRpP_vuxB0rELizEGxrpf4tGjvW5JS5fsb4EBZpHHf1vncW6NgULyKtRdBdGiqfgimGxeEFtqKnSdqRbxYZvvupDeJkLhpUTytpsV6XFIHgjMTTQdlIXKQ75qK7r3dl-gN-lj41yXdh-31Qxj-C-h0faxjVNXo4eh_7HxLmD3ZjyCKxcV0djTv8dQRpdAyp4O0K9czaXKC6C65_GdEME0xNfRlNFrAuMXJBrgqkAgdCg1A6BUjPwgs4Q0RX3sVmtG5zc_Jv5ujIXPPtq5SnE9AisFkWGlycM04Nodw4oui_zL7mQzCPN_KoVIK5B-BpEFdRPuhaHfclx6JK5HOQBJA-aqOTLiRvid-wG7WnX9iz8FWx00t6n3tC6fsw8a4MGDqXgWGWEiUArZAWkuwU53pfgPiQ7Wi0T1VHn2Kr5sppcRME9QL8rPOmh5emO4c8-usMNOOrzYXk-kl0SfHawHlGwCZCvqt-3WeUmG-lga5SF-GyxXNAiZjEGjakIS0sHIOXJHQX-i-UJcjRZ9x58NuGwzSN08paCV6gehmucIGZ0bEA-IK4GBiO1wRdJuZcWaw9nmRdUx2IXW3ZbYYwztxCnampNpfxHJQoABEayXXQiFLAI4gFxjbDDMt-gk7_hjLOV0XhbsYzXbLNgkk-KqoA6NLmph3p4_mDMLku_Ng18W3CeW7dcM5ZL1HZa5Ghqi5aKUZ4LLhte0_pQ2rBqddU3neJmuvU6-3lLD1oc41fxEsDX5XeR7eDq6ugmcb16HvBxXzkWyMCYohcQHZ_L9rZydCK7ELehRKWULmjzkPSVFxT0CTyckxcgCbkPVLo5TG533klq3Up4PAVRZiOOzMTuOOR9o7DP2mFlLEkgdSQcwFX7O8eLmfDLXz_ZbbMh9Q4p5zJCq_Dfmff-EIx9kNJ3ij17Y3H4NIHLJX-HBP350NFYHE8P5t8EMUAsGXWPfWmkxvURNJbbdFEbMd
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

/
a2.adform.net/serving/unload/ Frame E077
35 B
625 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=4391690314195297222@@69659957,6572638473104831843,100|4782|0|0|0|0|0|0|0||187|1|||||1|0|0|ut8Q1dR6KL9cPlakbYq96V6Swga60cXWHN7dJkKd6Y2Z7zo1Ut_--fL_QlhaeLlf0|||01||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
a2.adform.net/serving/unload/ Frame E9A1
35 B
616 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6088704989762914254@@69660013,6283020199170901263,100|4817|0|0|0|0|0|0|0||219|1|||||1|0|0|XPFg2KG_hnNcPlakbYq96bYoCNJnkzEBaiyzQh17S2EJlW5WSO15cfL_QlhaeLlf0|||01||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://75eeea946b018dc148d3216115da8263.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cm
t.ssp.hinet.net/ Frame 2ABC
0
187 B
XHR
General
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&mp=2be6e49d-7535-4447-8c43-46671724c53d
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2be6e49d-7535-4447-8c43-46671724c53d.t.ssp.hinet.net/ Frame 2ABC
0
79 B
Image
General
Full URL
https://2be6e49d-7535-4447-8c43-46671724c53d.t.ssp.hinet.net/pixel?bd=2be6e49d-7535-4447-8c43-46671724c53d&t=50ef57&referrer=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C4F3
90 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
967a3dcbf6a1d8dca9acee5f35b87507611b31f679f29ec0abf5f558c9a09e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29444
x-xss-protection
0
server
cafe
etag
499 / 19701 / 31080021 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:34 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame C4F3
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:26:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
85576
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 00:26:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C4F3
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2440185609809313&correlator=1502639470975560&eid=31077976%2C31078987%2C31080074%2C31080076%2C31080079%2C31079233%2C31080021%2C31079576&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167154483&lmt=1702167154&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=57v6l1le36nd&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=15&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167154&ga_hid=814580635&ga_fc=true&dlt=1702167154346&idt=126&adks=3360245792&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
171e743c8c893a9731242737d2e0e5a511f643595f3c9f9bea32d7cd345508e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12626
x-xss-protection
0
google-lineitem-id
6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C4F3
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d98833dc7599fa719da3f01586d884233d5a734db2c5b47dbaaf1eec63526c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12151
x-xss-protection
0
container.html
2a7bce39ccaeb5c90fad5b9ee3e7d6cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 96CA
6 KB
3 KB
Document
General
Full URL
https://2a7bce39ccaeb5c90fad5b9ee3e7d6cc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=15
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:34 GMT
expires
Mon, 09 Dec 2024 00:12:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C4F3
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F32A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 93E4
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
483baf8e36228a56bf4e486c42c29a10a0b5f81d96a4abc7113e1a48a1e5cdd9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BXs5LEBeTHOz08_Zwb7pKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BXs5LEBeTHOz08_Zwb7pKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:34 GMT
expires
Sun, 10 Dec 2023 00:12:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F32A
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E2C1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWqtJ5oOjkW7AmBmaLiN8d3KOLozKB_ozbdO6HcNQ3ThSnuCcGwlHxedg6BXvsHeUn9PjFIqLyneqCz0ILmEgeueBKCc68GLwRSQdMknSt7AS11RY4R5HFJ8-qNsI6F11FWakVGe7tuQ&sai=AMfl-YQTov30VQempVptG22oVFHOFDhpOH8ya2lBHh6VmFDpH8wSCk4&sig=Cg0ArKJSzM2Gp2Oyj2WMEAE&id=lidar2&mcvt=1019&p=108,650,358,950&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3360245792&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702167153369&rpt=393&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 93E4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2440185609809313&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F32A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4GgtVg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 81BA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUyAqDi39s353O3m0TvqpTTyM0PDHF99LlE3dXf3o4FEg67h7Ve5-qjC2cMIJ9OmvW1JaQVQLt56RhjJDxVmH0q3yGXM2VeCQJssQVpzUE5-9H5CLIY8EWOin7zsAo86ohnSsSjP2xXwl1HhXpzj57RxQ02heAQEamyg892b-_rNMvt_d0wbJFaMuCSODE8E5gfS0UioI_DxElBOrJfg1NXLnODkHEfwj7HHApRB9ZgZFeaoB2bmbN8fQjtLqeLq4JL8hRKjhKQ2qtT-s8jMCr60XnTEYq6SEXxmaqmpgXAolFAkUubNKwHZDVR6uLMzWrT-C8R4F0zjk9_BFOUpEhCsXuyS31Vl0TjfdUbJv4RuQx0fi3KIxz7v_tCoxVaEuQMv5RXHk&sai=AMfl-YTiiynqAuQR7tBFROyYS4RNuDgEXYMq3HqEggwSqAPY2rPJ75sLY6DP498Qvv6hN4WO0zifFKWH0GF_2RtLs8vfKH2laVGVLrZF0i-1W8f3GoXYOYjlFqmR7FYPOitjvrP1WQJCYMWVtA&sig=Cg0ArKJSzJ7Vc-3i8OZbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 81BA
9 KB
10 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Sun, 10 Dec 2023 00:11:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
KbnQowQB_EhE2KXdUNUHQY9fZCuYMr76ZaTNofvc_2UkRTNeErQ6hA==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 81BA
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080021
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:35 GMT
/
a2.adform.net/serving/unload/ Frame 186C
35 B
617 B
Ping
General
Full URL
https://a2.adform.net/serving/unload/?version=15&unload=6088704989762914254@@69659962,8141199565747992020,100|4900|0|0|0|0|0|0|0||82|1|||||1|0|0|6cTf9DcArl_xBx_RTJEBJ7YoCNJnkzEBBR7BRgjQHCqrA424mUePyfL_QlhaeLlf0|||01||0|0|
Requested by
Host: s2.adform.net
URL: https://s2.adform.net/stoat/630/s2.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com/
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://b73f712257b3b5e7500afaa079b16465.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
capmapping.htm
cdn.holmesmind.com/js/ Frame 8D86
10 KB
10 KB
Document
General
Full URL
https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
4
content-length
9921
content-type
text/html
date
Sun, 10 Dec 2023 00:12:30 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
5bFSswuB7OF7ucxC7cIk_w-MLv4H7c_AZh45x8XneX5w6cutitYyTQ==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 7BBA
11 KB
11 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
53
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
KgAoq0D2tSRnKiGsUMXvo9-Mc3DsD_j5mrcCE3-GxamxCvmiYWx7pA==
/
cm.lndata.com/ Frame 8D86
35 B
470 B
Image
General
Full URL
https://cm.lndata.com/?tid=4084&uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Date
Sun, 10 Dec 2023 00:12:35 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame 8D86
0
217 B
Image
General
Full URL
https://cm-dev-poc.holmesmind.com/fp?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.207.10.196 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-207-10-196.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 8D86
0
14 B
Image
General
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 8D86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
0
24 B
Image
General
Full URL
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?fp_uuid=9385-0d95cd968a838c349abf746fa78fec53
Protocol
H3
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:29 GMT
age
6
x-guploader-uploadid
ABPtcPrDD2iSacPSVcxTmewJtkgpXMhk8wXiKpHKg4AaM-MYo_ahGh5xaayPZi2EyK10Le3a0oKb4R_35ZdKWwpxYVL2Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:12:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 00:12:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH&uu_m=undefined&google_gid=CAESEJ5v9MEykd5f_bwXLPGgBGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 7BBA
1 KB
672 B
Script
General
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 7BBA
30 KB
30 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 10 Dec 2023 00:11:54 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
49
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
_PNsTgSOUTIESAdqKpJjrN-5FoSUX_sEfmt-1khia3zdPSgd415P7Q==
ads.js
ad.holmesmind.com/adserver/ Frame 7BBA
2 KB
1 KB
Script
General
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=221&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.5.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-5-4.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a83860d69747e68c6cefaceb8195dd319dd68d223ebcf0041b994d2884f9af01

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 7BBA
3 KB
3 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
60
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
CMcAR1lVTan4FksXLiAqX8lBbK6NEQE071gBdIeUOOwuYHxmw1nPqA==
publishertag.js
static.criteo.net/js/ld/ Frame 7BBA
131 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-20a3d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Dec 2023 00:12:35 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 7BBA
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
23Hn5C9svJJGVI988D_YtASRYSqXBlc5Ht4q4G12ah-qVT-1pKCxZA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 7BBA
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
60
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
kRiRVHmCJe8GKD2ml7ye6duMyylQ28jBmqsVZ2c4uI_mn4Sfwi2czQ==
appierV2.js
cdn.holmesmind.com/js/ Frame 7BBA
3 KB
4 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date
Sun, 10 Dec 2023 00:12:33 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:30:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
3
x-amz-server-side-encryption
AES256
etag
"a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3349
x-amz-cf-id
GGXN1eKb151M_TqgfbXGEwHZE3YSLFWx5A6D1GKnDiV66Y-UtUz8zw==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 7BBA
5 KB
6 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date
Sun, 10 Dec 2023 00:12:27 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:15:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
11
x-amz-server-side-encryption
AES256
etag
"ec9ddd169f5fd01f28f9b31866cd4701"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5467
x-amz-cf-id
YCta8PTGZBsVTtsTwaaJKXhqVYjtH-u_lB7lL0jZMRP5yhG7xjrqsQ==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7BBA
0
170 B
XHR
General
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:35 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 7BBA
2 KB
2 KB
XHR
General
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5054885785229211
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
8912151d9cd13324035989d79c1174abac59d0dd027ae8e6696de5c2148cba14

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://reurl.cc
Date
Sun, 10 Dec 2023 00:12:34 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
Transfer-Encoding
chunked
bid
ad2.apx.appier.net/v1/prebid/ Frame 7BBA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:35 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 7BBA
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
2 B
20 B
XHR
General
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 10 Dec 2023 00:12:35 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=oGtiHTI3DrKXsBCEbAJ1ZQ
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 7BBA
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA&cb=49829724663
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
truncated
/ Frame 81BA
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de073b7b0661e1d9216c83304e692ed83b30e88af5bf905146eef4ee37b8cae

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
events
bidder.criteo.com/csm/ Frame 7BBA
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Sun, 10 Dec 2023 00:12:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 7BBA
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:35 GMT
pixel.gif
static.criteo.net/images/ Frame 7BBA
43 B
365 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 04 Dec 2024 00:12:35 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame 7BBA
13 KB
13 KB
Script
General
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=221&o=1&fc=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&d=1&b=2&ts=1&ii=2&FPCK=9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4&fp_uuid=9385-0d95cd968a838c349abf746fa78fec53&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date
Sun, 10 Dec 2023 00:11:55 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:54:55 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
47
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
eN7pwYyLQ2gb1CQzY-iCBf54rO9e544bfe642ynqXCiFBtjLpNwxPw==
utag.js
t.ssp.hinet.net/ Frame 7BBA
5 KB
3 KB
Script
General
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 10 Dec 2023 00:22:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 81BA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOa3cb_8QbqTA76mQJZpXswcjZZoGt4BSQ1wWO6txWH8SuMGOGvWQcZh2mLNI1O4gtz8f4gq806g5jYw5eUdl721CbimAZZFvTViKg4JNxREmVDuo2SzQLRH-V2u5FLZfT8KFk7I10N5lqrLpm-_YUm2uW2hdhOB8Q7nx4WL8q__w4arx-TaELNgCCmRY-0MRZHKYkwS-tx0j6L5Z1L4chzRZHAM65AmKrRYERPphmfWED9aStDrzjhq1mk8z8g_K4YE7AGXmrNouCvAtzzs6Ib4pgV-pxum9mHzhH9FktldiT6LIV2GARfiIsTQsVn_ON6ScqvpiDFlpgcnYEMB5r5shJPPKbjtY_GATJi-awrHiadZSxsuqpZDGYM3T29iA7uiHRn40aLA&sai=AMfl-YSoY1mY8oepUaI4LZfrpaCc8h5veT4BVf5RpzgZH_82OyeeZ-oCttOYzY64H2VmCV7UWl8S78FmNoYBg-RPRIFP0kZMxb7lQbEtbDfeyLZfOaNtudXcJfMVhvg2IKUzUCqeYZfdw2eAAQ&sig=Cg0ArKJSzL9EfFnwETJQEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 00:12:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C4F3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2440185609809313&bg=!jI-lj8DNAAY3kmNgF5I7ADQBe5WfOAwYvAqIz3j2ORk3qRxGqNbjF-P9Y1oASvjTA-n7APyTYgruHDpJSTBXXtK0wQxiAgAAAEZSAAAAA2gBB5kEBdQ5Wwn-R-jdG7_L4y2ZTASSQXbaP7ovLDSt1jiAYOd7kCmmSxccr16AhU6F_JP2OP7GeznU7PZnA_0OXZ9Z5uaU9SAFnCdTs0osyNIxkSBN5LousVuyWZHUODbItA6WuwzZ-j2YPdxWXhaEWUIAMk1kyCUlTh7eDF1hYfTLWR9-aCAOesBGlxoMK_9bZA9Vz7Ap1toQbLW4KlAyWpXBz58psqDQelYRjFpEKMQzHjNaSRmZRxIIDirWz0FIwwpUBLzfq4-kstio50kk2gr9ZXduRE9h2qBlS3CITavrRKDzE9JLWzlSS3jj6RqOKsspI6Uc_aKcH6ugCpIeM_tDpAB-Pi6TTXMMmKG0x6-NeiRcHlkcNaH9Ycr7d__YtVTAl0RFXxZS5E8UQgWz_u4INMHh324TV6jksBAYU5D0QQyQgjhCGhPzqiQUQwY43ABrTjq9Gf3Ipz-ikrFqCFdtkkrEbwoKpb--8aSlterJA8JxjMBs9VIv2dwsWyQ6Cl4OrVgbmtqPDr0eqCHhyE_5evYy0bTp9TA-U1yyDHs5iczqiXwQKEgoz_oSRlB4VOYbPxuJxnVfdy6T8ViSw7W5ctD7aLw3dO5gLVcy6f6FmaiTqNT2LURL4oo6ojiOJc3W10eyGlWWlVDHRPM0eUjQfkUow9T46pFcK4J38HCcdrXWYf5hh2WcktzIlUG3sZJOuYD9n7vPUPyxTFL21LlPgUnVEeIyacjCwmPbjLNC0SNo5X2bjzzZh_Ncf_ySl6pesmJ1KJyDXthaKMOnjN78g04wD1ol7ymWePT9WFhNmKo8-TiwqG6pZ5eIW3Al29iIcrL2pT9tr2pxcETPKjjTBOC7hHw6Ej0YwaOCWyCzUmRK7Dkjs-9laxEPPT3DmBSyTbTH2GPhZDbE9qBFhtIcFhJuL4oFOH3eldYqxxy9pSA0GZqU-fb2jm1_J7rVZFDt_TSAPMBpHscrGBpc67df89v4FpE9Jf1SGIiKvDVYLYwkPg66omwDmMPk1JJGBmZniH5F3MJvJ7Rd_X8DVREez88Bh68Gxa6eK8_yha7tg9rHx5a71Tm0Bntg1Lj0QCdQext95ukUOu2pIj6nzv3Ai2rVpv4Hkudu25ME4zSQBKrxRNZVvCK3Y5z3usn4VWMwkC_FUv1WN20vd0-6FOMuVXnBHGhcK-0gXckaxQm3eLbsZxTIHyGAOOkdYMRalNPbLbEV4VVkyI4dCi8ljYnE1xKr7l0eUsr87WFbYc5febu4nb6GcVnLiU7c_wHwJfjWJ7kupoz9rCImCGRhW9yo1HSt8OJlNQeIxpzIGfKPGLc4DjdZqd36_AoEY6gJ8rqEIKBneK5Zz995Zr23bI7pklRqbML9fQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AEB7
92 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa97f2d19fad1947fb2a3c750fc4bcb470700f51a11a38dc363bcffe2c48e1d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30282
x-xss-protection
0
server
cafe
etag
635 / 19701 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 00:12:35 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame AEB7
432 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:30:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
70911
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 04:30:44 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame AEB7
0
0

sodar
pagead2.googlesyndication.com/getconfig/ Frame AEB7
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0435287cf9d08ec1ed3e4cc6ea1d6e9502a1bc58a09e666338e66f02016e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12186
x-xss-protection
0
container.html
ed5255fbd52d068f116e49139db15dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C91A
6 KB
3 KB
Document
General
Full URL
https://ed5255fbd52d068f116e49139db15dd2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=18
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:35 GMT
expires
Mon, 09 Dec 2024 00:12:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AEB7
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 00:12:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BFE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
70907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 04:30:49 GMT
expires
Sun, 08 Dec 2024 04:30:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 20E4
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80b::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0cefa52938a034bda8415ed9194fabaa63d13a684833d3f9b0ba78e273c8d946
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kw_f9idmbfnel46xfqztMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kw_f9idmbfnel46xfqztMA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 00:12:36 GMT
expires
Sun, 10 Dec 2023 00:12:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1BFE
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 23:57:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
346505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 23:57:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 20E4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3841692716576706&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 1BFE
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?GwBC_Q
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 00:12:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58791/cms?partner_id=OneDATA
Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19701.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010322382&__s=%3A%3Akz5aiu&__hsi=7310752220583179348&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19701.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7310752220583179348&__req=4&__rev=1010322382&__s=%3A%3Akz5aiu&__sp=1&__user=0&dpr=1&jazoest=21920&lsd=qr1pZJF6d9Iu9oWQvESbZg
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3841692716576706&correlator=4038189250591449&eid=31079827%2C95320409%2C31079525%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14210%2C14210-2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3Dffdd8f41eb2ef5bd%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg&gpic=UID%3D00000ca88e85fd2f%3AT%3D1702167146%3ART%3D1702167146%3AS%3DALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ&abxe=1&dt=1702167155941&lmt=1702167155&adxs=650&adys=108&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=y8d44yyvu8k6&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=18&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=771304031.1702167146&ga_sid=1702167156&ga_hid=1457877158&ga_fc=true&dlt=1702167155803&idt=129&adks=3360245792&frm=23

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| googletag function| custom_call_MFS object| _ONEAD object| ONEAD_pubs boolean| ONEAD_lib_hasBindEventListener object| ONEAD_request_queue boolean| is_requesting_isip object| ONEAD object| ONEAD_LIB object| ONEADs object| ONEAD_incover_list object| changeADState object| ONEAD_on_get_response function| custom_call_MIR function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| _comscore object| ONEAD_CONST object| ONEAD_PIXEL_ISIP function| ONEAD_closeAd function| ONEAD_checkIsCompatible function| ONEAD_is_ios function| ONEAD_is_fb function| ONEAD_is_chrome function| ONEAD_is_ios14 function| iOSversion function| ONEAD_is_mobile function| ONEAD_checkCookie function| ONEAD_is_safari object| ONEAD_get_response function| ONEAD_etag_cscb function| ONEAD_rejoin_response_freq string| ONEAD_version boolean| ONEAD_is_window_onload object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o 
function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| 
criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

72 Cookies

Domain/Path Name / Value
reurl.cc/ Name: one_fp
Value: %25223593eac944e3966720703aee2f44baa2%2522
onead.onevision.com.tw/ Name: onevision_guid
Value: cc0060cb-96f0-11ee-b4f2-0242ac130002
onead.onevision.com.tw/ Name: oid
Value: cc0060be-96f0-11ee-b4f2-0242ac130002
reurl.cc/ Name: oid
Value: %257B%2522oid%2522%253A%2522cc0060cb-96f0-11ee-b4f2-0242ac130002%2522%252C%2522ts%2522%253A-62135596800%252C%2522v%2522%253A%252220201117%2522%257D
.adsrvr.org/ Name: TDID
Value: 76469100-d997-4c60-b064-00ec88c65b88
.eyeota.net/ Name: mako_uid
Value: 18c51116d33-766a0000010e42e7
.eyeota.net/ Name: SERVERID
Value: 17127~DM
.prnasia.com/ Name: __cf_bm
Value: 19eA9x4l67f5ptZ46q9SCgxhFsj__d.hhInCGufZgYY-1702167145-1-AYxqznsf53Hwssb7vw4MHbd7GesqalJQUuhIw8g4uYEFlVwAw+os8UPtElHvoavsfIwmpVzSXzm6n8THJQW/YX8=
.reurl.cc/ Name: _gid
Value: GA1.2.1255475582.1702167146
.reurl.cc/ Name: _gat
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBGkCdWUCEHDpzrCNy1FDAWW0ERoVYPoFEgEBAQFTdmV-ZWB7yyMA_eMAAA&S=AQAAArzywIoKoRKlslJpfoVCchg
.reurl.cc/ Name: _fbp
Value: fb.1.1702167146100.1417066294
.reurl.cc/ Name: _ga
Value: GA1.1.771304031.1702167146
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: ad11b532aba7a43575a1b39c51609c77
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702167146.1.0.1702167146.60.0.0
.reurl.cc/ Name: _cc_id
Value: ad11b532aba7a43575a1b39c51609c77
.reurl.cc/ Name: panoramaId_expiry
Value: 1702771946660
.reurl.cc/ Name: panoramaId
Value: 86b23a5778dede969ac7d7be3e75185ca02c091b93ee69c0098e2adac17f22dd
.reurl.cc/ Name: panoramaIdType
Value: panoDevice
.doubleclick.net/ Name: IDE
Value: AHWqTUlZyXwbeFmT7IJIYbblMeN9aKG34SfAZ9ywhnBx5USy622Pr9_zQWZQVqMAQxE
.openx.net/ Name: i
Value: d24b0a5e-4b96-4881-a14e-66f219dc9da6|1702167146
.reurl.cc/ Name: __gads
Value: ID=ffdd8f41eb2ef5bd:T=1702167146:RT=1702167146:S=ALNI_MbsHH56DA2xtvmMfFW-IFN48GKSpg
.reurl.cc/ Name: __gpi
Value: UID=00000ca88e85fd2f:T=1702167146:RT=1702167146:S=ALNI_MbL8LDrjnrgeiAc3ghO5zvN_YxYvQ
.openx.net/ Name: pd
Value: v2|1702167147|jElYiuvOhI
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.holmesmind.com/ Name: fcm
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAEYBSACKAIyCwiE17m47ce8PBAFOAE.
.reurl.cc/ Name: CFFPCKUUID
Value: 9699-G5M7raByzjgejS6o8npsbu93os0ZkopL
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 9385-jOzgYMxtJ7byMoDQ8rxSd7ZgTlPbX7W4
.reurl.cc/ Name: FPUUID
Value: 9385-0d95cd968a838c349abf746fa78fec53
.ladsp.com/ Name: cr
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyMTY3MTQ3fQ
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 96caf2e6-4587-4e4f-886b-85ab56d978ac
.openx.net/ Name: univ_id
Value: 537072971|76469100-d997-4c60-b064-00ec88c65b88|1702167147623634
.ladsp.com/ Name: smn_uid
Value: I0grmPV8YFkhLWgivEu-VxA5qZBC4b4
.ladsp.com/ Name: lum
Value: CKvpxYjFMRIFCAMQ0AU
.reurl.cc/ Name: cto_bundle
Value: jog-LF9WY3VleEJ3b0N6WkdyeEpoamp4QSUyRnZ5OHo4QlBJamlXSVZ1cSUyRjhQYWpYS0VPTEhIY0pjRVlVQXpVJTJGcjYzM0hVMFZyREdCemRsWVRDbW0zRGZVemR4WmU5JTJCN1BrU1BCNzBMN3I4SVJ3cHlSd0Vmclp1ejNyV1hHa0tqRnV6YU9uSlNqak1CNHNwb3A0M2VFb2pmdkY0dyUzRCUzRA
.lndata.com/ Name: admckid
Value: 2312100812261349185
.hinet.net/ Name: uuid
Value: 2be6e49d-7535-4447-8c43-46671724c53d
.send.microad.jp/ Name: TR
Value: 538ef476683f9c70b54aebca751f071ec79580e5c9855cb7
.casalemedia.com/ Name: CMPS
Value: 5536
.doubleclick.net/ Name: DSID
Value: NO_DATA
.holmesmind.com/ Name: Vision
Value: 20231210-23:59,20231210-11,20231210-11,20231210-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.casalemedia.com/ Name: CMID
Value: ZXUCa0xoswNKVovgNa7iHwAA
.casalemedia.com/ Name: CMPRO
Value: 5536
.holmesmind.com/ Name: P
Value: 478537-IoO4sdHvW2VTywzZfcZ5ocPm8EixybMH
.reurl.cc/ Name: __htid
Value: 2be6e49d-7535-4447-8c43-46671724c53d
.reurl.cc/ Name: _ht_em
Value: 1
.c.appier.net/ Name: _auid
Value: oGtiHTI3DrKXsBCEbAJ1ZQ
.doubleclick.net/ Name: APC
Value: AfxxVi6nRbB2FdcouMSrvF-D4BZTR0DeEfQGjT3PFXSd5LFI0yTtog
.adform.net/ Name: C
Value: 1
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: ar_debug
Value: 1
.adform.net/ Name: uid
Value: 6088704989762914254
.adform.net/ Name: TPC
Value: 1702167148646
.reurl.cc/ Name: _ht_hi
Value: 1
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?$J5e<G!@wnfH8K6pQK`!5=E<*L5?%K@^lAV^hhS?3/Zd14Y.1KDYt8h]AU#(BU1=`e%nugO%v4VB%nn`?*>7(E
.adnxs.com/ Name: uuid2
Value: 2069265458563592066
.yahoo.co.jp/ Name: XA
Value: e2438ftina0je&sd=A&t=1702167150&u=1702167150&v=1
.yahoo.co.jp/ Name: XB
Value: atgmt5hina0je&b=3&s=3o
.fout.jp/ Name: uid
Value: dqrqFGlQfUDzMrONJ8wPwiVSP7k
.blismedia.com/ Name: b
Value: 6575026E58E6A1C3B5A4C0C8BLIS
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.turn.com/ Name: uid
Value: 8884865399187163595
.reurl.cc/ Name: _ht_50ef57
Value: 1

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEGuoc7Vj_7h0sFQ2ITYpQM4&google_cver=1&google_push=AXcoOmRw-B1DwMDrI4fz2i0-vQiTEy9eHEb6oV06alHznRIbdhyIaSsx114fxA3ubr9C0m-GlJmgnvqwRIqhh0IcCXHe2UkVfuJe3rA
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEuomnLhTmjoBb84Cp9EC1c&google_cver=1&google_push=AXcoOmS98EBObXY6zq1U8dp3DzHXpGZH1LWgXpQ3WgSREVO5Mp7twkcCoeodYNlEtpodzb6Hr0KTMMrKC4K_F9gUW9EARC1k-AikNw
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
