i3fresh.tw Open in urlscan Pro
2606:4700:10::6814:24e4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://i3b.tw/qq6qwGB
Effective URL:
https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Submission: On February 14 via manual (February 14th 2020, 4:00:17 am UTC) from TW

Summary HTTP 142 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 57 IPs in 13 countries across 45 domains to perform 142 HTTP transactions. The main IP is 2606:4700:10::6814:24e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is i3fresh.tw.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on November 12th 2019. Valid for: 6 months.

This is the only time i3fresh.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.68.64.82 52.68.64.82	16509 (AMAZON-02) (AMAZON-02)
12 58	2606:4700:10:... 2606:4700:10::6814:24e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ec3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	172.104.37.28 172.104.37.28	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 4	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	182.161.73.211 182.161.73.211	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	23.201.182.46 23.201.182.46	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.43.25.4 52.43.25.4	16509 (AMAZON-02) (AMAZON-02)
2	34.96.95.4 34.96.95.4	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:320f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.46.27 35.190.46.27	15169 (GOOGLE) (GOOGLE)
1	35.227.232.198 35.227.232.198	15169 (GOOGLE) (GOOGLE)
1	15.164.78.148 15.164.78.148	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.194.183.217 35.194.183.217	15169 (GOOGLE) (GOOGLE)
3 3	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
5	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.78.94.121 52.78.94.121	16509 (AMAZON-02) (AMAZON-02)
1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC-01)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.28.145.127 52.28.145.127	16509 (AMAZON-02) (AMAZON-02)
1 2	52.29.177.239 52.29.177.239	16509 (AMAZON-02) (AMAZON-02)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1 2	52.59.82.224 52.59.82.224	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	52.59.13.16 52.59.13.16	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.114 185.86.138.114	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	210.160.193.168 210.160.193.168	4713 (OCN NTT C...) (OCN NTT Communications Corporation)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	5.178.65.249 5.178.65.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	202.241.208.100 202.241.208.100	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	54.65.183.137 54.65.183.137	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.196.23.153 52.196.23.153	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	143.204.94.110 143.204.94.110	16509 (AMAZON-02) (AMAZON-02)
1	13.114.168.72 13.114.168.72	16509 (AMAZON-02) (AMAZON-02)
1	52.192.208.142 52.192.208.142	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
5	13.225.78.21 13.225.78.21	16509 (AMAZON-02) (AMAZON-02)
1	13.125.193.18 13.125.193.18	16509 (AMAZON-02) (AMAZON-02)
1	3.219.82.28 3.219.82.28	14618 (AMAZON-AES) (AMAZON-AES)
1	210.59.219.31 210.59.219.31	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	52.218.221.1 52.218.221.1	16509 (AMAZON-02) (AMAZON-02)
10 10	210.71.253.52 210.71.253.52	3462 (HINET Dat...) (HINET Data Communication Business Group)
142	57

1 52.68.64.82 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-64-82.ap-northeast-1.compute.amazonaws.com

i3b.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2606:4700:10::6814:24e4 (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

i3fresh.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pic.i3fresh.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ec3 (United States)

ASN13335 (CLOUDFLARENET, US)

sun.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.37.28 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: nb-172-104-37-28.singapore.nodebalancer.linode.com

api.ematicsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:f03d:1fa::4000 (United Kingdom) 1 redirects

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.211 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.182.46 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-182-46.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.43.25.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-25-4.us-west-2.compute.amazonaws.com

whoscome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.95.4 (United States)

ASN15169 (GOOGLE, US)
PTR: 4.95.96.34.bc.googleusercontent.com

auto-load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:320f (United States)

ASN13335 (CLOUDFLARENET, US)

avivid.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.46.27 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 27.46.190.35.bc.googleusercontent.com

load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.232.198 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 198.232.227.35.bc.googleusercontent.com

auto-satellite.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.164.78.148 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-164-78-148.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.194.183.217 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 217.183.194.35.bc.googleusercontent.com

elephant.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.205.226 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.78.94.121 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-78-94-121.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC-01, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.145.127 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-145-127.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.177.239 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-177-239.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.82.224 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-82-224.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.13.16 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-13-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.160.193.168 (Japan) 1 redirects

ASN4713 (OCN NTT Communications Corporation, JP)
PTR: node-210-160-193-168.send.microad.jp

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.178.65.249 (Renswoude, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

sync.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.183.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-183-137.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.196.23.153 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-23-153.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-110.fra50.r.cloudfront.net

ad.as.amanad.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.168.72 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-168-72.ap-northeast-1.compute.amazonaws.com

ad.caprofitx.adtdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.208.142 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-208-142.ap-northeast-1.compute.amazonaws.com

ssp-sync.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-21.fra2.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.125.193.18 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-125-193-18.ap-northeast-2.compute.amazonaws.com

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.82.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-82-28.compute-1.amazonaws.com

sg3-api.ematicsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.31 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

pixel-api.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.221.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

whoscome-s3.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 210.71.253.52 (Taiwan) 10 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-71-253-52.HINET-IP.hinet.net

webedit.i3fresh.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	i3fresh.tw 22 redirects i3fresh.tw pic.i3fresh.tw webedit.i3fresh.tw	5 MB
9	doubleclick.net 5 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	6 KB
8	scupio.com rec.scupio.com img.scupio.com pixel-api.scupio.com	56 KB
7	criteo.com 1 redirects sslwidget.criteo.com widget.as.criteo.com dis.criteo.com	5 KB
6	whoscome.com whoscome.com	31 KB
6	googletagmanager.com www.googletagmanager.com	170 KB
5	yahoo.com 2 redirects ups.analytics.yahoo.com sp.analytics.yahoo.com ads.yahoo.com	3 KB
5	likr.com.tw auto-load-balancer.likr.com.tw load-balancer.likr.com.tw elephant.likr.com.tw	536 B
5	google.de www.google.de	548 B
5	google.com 2 redirects www.google.com	708 B
4	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	4 KB
4	dable.io static.dable.io api.dable.io adx.dable.io sp-api.dable.io	8 KB
4	google-analytics.com 3 redirects www.google-analytics.com	18 KB
3	facebook.com www.facebook.com	677 B
3	yimg.com s.yimg.com	5 KB
3	googleadservices.com www.googleadservices.com	30 KB
3	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	13 KB
2	jquery.com code.jquery.com	100 KB
2	adtdp.com ad.as.amanad.adtdp.com ad.caprofitx.adtdp.com	1 KB
2	tapad.com 1 redirects pixel.tapad.com	957 B
2	outbrain.com 1 redirects sync.outbrain.com	795 B
2	bidswitch.net 1 redirects x.bidswitch.net	909 B
2	pubmatic.com simage2.pubmatic.com	1 KB
2	3lift.com 1 redirects eb2.3lift.com	727 B
2	openx.net 1 redirects us-u.openx.net	507 B
2	advertising.com 2 redirects pixel.advertising.com	703 B
2	facebook.net connect.facebook.net	143 KB
2	ematicsolutions.com api.ematicsolutions.com sg3-api.ematicsolutions.com	46 KB
2	advividnetwork.com sun.advividnetwork.com auto-satellite.advividnetwork.com	977 B
1	amazonaws.com whoscome-s3.s3.us-west-2.amazonaws.com	1 MB
1	i-mobile.co.jp ssp-sync.i-mobile.co.jp	544 B
1	ad-stir.com sync.ad-stir.com	160 B
1	adingo.jp cs.adingo.jp	406 B
1	socdm.com tg.socdm.com	724 B
1	addthis.com cw.addthis.com	426 B
1	e-planning.net sync.e-planning.net	104 B
1	media.net contextual.media.net	49 B
1	teads.tv criteo-sync.teads.tv	287 B
1	microad.jp 1 redirects s-cs.send.microad.jp	690 B
1	smartadserver.com rtb-csync.smartadserver.com	679 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	aralego.com sync.aralego.com	509 B
1	likr.tw avivid.likr.tw	735 B
1	criteo.net static.criteo.net	10 KB
1	i3b.tw i3b.tw	317 B
142	45

	Domain	Requested by
39	pic.i3fresh.tw	i3fresh.tw
19	i3fresh.tw	12 redirects i3fresh.tw ajax.cloudflare.com
10	webedit.i3fresh.tw	10 redirects
6	whoscome.com	i3b.tw i3fresh.tw
6	www.googletagmanager.com	ajax.cloudflare.com i3b.tw sun.advividnetwork.com
5	img.scupio.com	rec.scupio.com i3b.tw img.scupio.com
5	dis.criteo.com
5	www.google.de
5	www.google.com	2 redirects
4	www.google-analytics.com	3 redirects i3b.tw
3	secure.adnxs.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	www.facebook.com	connect.facebook.net
3	googleads.g.doubleclick.net	www.googleadservices.com
3	stats.g.doubleclick.net	2 redirects
3	s.yimg.com	i3b.tw s.yimg.com
3	www.googleadservices.com	ajax.cloudflare.com www.googletagmanager.com
2	cdnjs.cloudflare.com	i3fresh.tw
2	code.jquery.com	rec.scupio.com i3fresh.tw
2	pixel.tapad.com	1 redirects
2	sync.outbrain.com	1 redirects
2	sp.analytics.yahoo.com
2	x.bidswitch.net	1 redirects
2	simage2.pubmatic.com
2	eb2.3lift.com	1 redirects
2	us-u.openx.net	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	elephant.likr.com.tw	i3fresh.tw
2	auto-load-balancer.likr.com.tw	i3b.tw
2	rec.scupio.com	i3b.tw code.jquery.com
2	connect.facebook.net	i3b.tw connect.facebook.net
1	whoscome-s3.s3.us-west-2.amazonaws.com
1	pixel-api.scupio.com	img.scupio.com
1	sg3-api.ematicsolutions.com	api.ematicsolutions.com
1	sp-api.dable.io	static.dable.io
1	ssp-sync.i-mobile.co.jp
1	ad.caprofitx.adtdp.com
1	ad.as.amanad.adtdp.com
1	sync.ad-stir.com
1	ib.adnxs.com	1 redirects
1	cs.adingo.jp
1	tg.socdm.com
1	cw.addthis.com
1	ads.yahoo.com	1 redirects
1	sync.e-planning.net
1	contextual.media.net
1	criteo-sync.teads.tv
1	s-cs.send.microad.jp	1 redirects
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	sync.aralego.com
1	adx.dable.io
1	api.dable.io	static.dable.io
1	auto-satellite.advividnetwork.com	i3fresh.tw
1	load-balancer.likr.com.tw	www.googletagmanager.com
1	avivid.likr.tw	i3b.tw
1	static.dable.io	i3b.tw
1	widget.as.criteo.com
1	sslwidget.criteo.com	1 redirects
1	api.ematicsolutions.com	i3b.tw
1	static.criteo.net	ajax.cloudflare.com
1	sun.advividnetwork.com	ajax.cloudflare.com
1	ajax.cloudflare.com	i3fresh.tw
1	i3b.tw
142	65

This site contains links to these domains. Also see Links.

Domain
whoscome.com
www.facebook.com

Subject Issuer	Validity	Valid
ssl440016.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-12` - `2020-05-20`	6 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-17` - `2020-10-09`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.ematicsolutions.com RapidSSL RSA CA 2018	`2018-08-21` - `2020-05-03`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-01-21` - `2020-03-06`	a month	crt.sh
*.as.criteo.com DigiCert ECC Secure Server CA	`2019-06-12` - `2020-06-16`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
static.dable.io Let's Encrypt Authority X3	`2020-01-28` - `2020-04-27`	3 months	crt.sh
whoscome.com Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.likr.com.tw TWCA Secure SSL Certification Authority	`2019-03-29` - `2021-04-23`	2 years	crt.sh
ssl441159.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-20` - `2020-05-28`	6 months	crt.sh
*.advividnetwork.com TWCA Secure SSL Certification Authority	`2019-09-26` - `2021-09-26`	2 years	crt.sh
*.dable.io Amazon	`2019-08-07` - `2020-09-07`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-30` - `2020-04-27`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.smartadserver.com Thawte TLS RSA CA G1	`2018-03-13` - `2020-02-17`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-01-08` - `2020-04-07`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2018-12-30` - `2020-03-30`	a year	crt.sh
*.e-planning.net COMODO RSA Domain Validation Secure Server CA	`2018-02-16` - `2021-02-15`	3 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-10-06` - `2020-04-03`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.socdm.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-02-06` - `2020-05-02`	2 years	crt.sh
*.adingo.jp DigiCert SHA2 Secure Server CA	`2019-03-14` - `2020-04-15`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.ad-stir.com Amazon	`2019-06-06` - `2020-07-06`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2019-11-02` - `2020-11-06`	a year	crt.sh
*.as.amanad.adtdp.com Cybertrust Japan Public CA G3	`2019-02-21` - `2020-04-30`	a year	crt.sh
*.caprofitx.adtdp.com Amazon	`2020-01-08` - `2021-02-08`	a year	crt.sh
*.i-mobile.co.jp RapidSSL RSA CA 2018	`2018-02-19` - `2020-03-23`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.s3-us-west-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Frame ID: 1081A6942DA151DDE629A769FECFF6D4
Requests: 107 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: 02FC2473AAC690F21FA724C1E0C572D0
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: CEB717F2F2BFF1E707EAC347D7B3C306
Requests: 1 HTTP requests in this frame

Frame: https://load-balancer.likr.com.tw/api/uuid_iframe.php
Frame ID: 683D0548DFAA00A376405AB4C73D610B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_gid=CAESEGc60ZSr0gxjuOY1MAtPbak&google_cver=1&google_ula=913071,0
Frame ID: C81FA56BB06D42A094464A5B240CB763
Requests: 30 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=119
Frame ID: 73C82E5850A78B22826EF5238921BBAE
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/em.html
Frame ID: EC04A1F4087DC5EA4B6361DCDA139E04
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=0
Frame ID: E7ADE34FB73E6D921633939DC7B48601
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

142
Requests

99 %
HTTPS

24 %
IPv6

45
Domains

65
Subdomains

57
IPs

13
Countries

7661 kB
Transfer

9505 kB
Size

2
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fbulletin_206.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fgetbonus_FE20200201.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk
Title: 領取折價券

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=427&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_427.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=152&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_152.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=1017&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_1017.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=666&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_666.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=554&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_554.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=1069&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_1069.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=1025&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_1025.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=8&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_8.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=7&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_7.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://whoscome.com//sohoauto/out/countlink?user=&template_id=1723&trigger_id=720&trigger_type=2&ga_client_id=1573060707.1581652798&product_list=427%2C152%2C1017%2C666%2C554%2C1069%2C1025%2C8%2C7%2C87&product_id=87&product_type=auto&rel=https%3A%2F%2Fi3fresh.tw%2Fcheap_87.html%3Futm_source%3DFE-Evonne%26utm_medium%3Dcoupon-all-0201%26utm_campaign%3Dleave_popupad_desk

Search URL Search Domain Scan URL

URL: https://www.facebook.com/i3Fresh
Title: 粉絲團

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://i3fresh.tw/images/new/PIC-10.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-10.png

Request Chain 8

https://i3fresh.tw/images/NEW-3.gif HTTP 301
https://pic.i3fresh.tw/pc/images/NEW-3.gif

Request Chain 13

https://i3fresh.tw/images/backTopOff.png HTTP 301
https://pic.i3fresh.tw/pc/images/backTopOff.png

Request Chain 15

https://i3fresh.tw/images/20140408/pic-06.png HTTP 301
https://pic.i3fresh.tw/pc/images/20140408/pic-06.png

Request Chain 16

https://i3fresh.tw/images/new/PIC-09.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-09.png

Request Chain 17

https://i3fresh.tw/images/new/PIC-11.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-11.png

Request Chain 18

https://i3fresh.tw/images/bg-form-field.gif HTTP 301
https://pic.i3fresh.tw/pc/images/bg-form-field.gif

Request Chain 19

https://i3fresh.tw/images/new/PIC-12.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-12.png

Request Chain 20

https://i3fresh.tw/images/new/PIC-14.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-14.png

Request Chain 21

https://i3fresh.tw/images/new/PIC-02.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/PIC-02.png

Request Chain 22

https://i3fresh.tw/images/new/shoppingcart.png HTTP 301
https://pic.i3fresh.tw/pc/images/new/shoppingcart.png

Request Chain 25

https://i3fresh.tw/images/link_bar.gif HTTP 301
https://pic.i3fresh.tw/pc/images/link_bar.gif

Request Chain 41

https://sslwidget.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085 HTTP 302
https://widget.as.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085

Request Chain 46

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=pageview&_s=1&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&ul=en-us&de=UTF-8&dt=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAEAB~&jid=1025231592&gjid=1124009103&cid=1573060707.1581652798&tid=UA-37210982-1&_gid=2097948779.1581652798&_r=1&z=1455380812 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_gid=2097948779.1581652798&gjid=1124009103&_v=j81&z=1455380812 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812&slf_rd=1&random=1488871131

Request Chain 47

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=pageview&_s=1&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&ul=en-us&de=UTF-8&dt=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEDAAEAB~&jid=809773471&gjid=251393784&cid=1573060707.1581652798&tid=UA-62398956-1&_gid=2097948779.1581652798&_r=1&z=936037039 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62398956-1&cid=1573060707.1581652798&jid=809773471&_gid=2097948779.1581652798&gjid=251393784&_v=j81&z=936037039

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_cm&google_hm=OVb2TAv0OEiusxlfuGVWOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_cm=&google_hm=OVb2TAv0OEiusxlfuGVWOA&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_gid=CAESEGc60ZSr0gxjuOY1MAtPbak&google_cver=1&google_ula=913071,0

Request Chain 83

https://pixel.advertising.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46 HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46&verify=true

Request Chain 84

https://us-u.openx.net/w/1.0/sd?id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us

Request Chain 85

https://eb2.3lift.com/xuid?mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 87

https://x.bidswitch.net/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30

Request Chain 89

https://s-cs.send.microad.jp/cs?key=criteo_1 HTTP 302
https://dis.criteo.com/dis/rtb/microad/cookiematch.aspx?maid=&cmps_error=3

Request Chain 94

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1 HTTP 302
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

Request Chain 98

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6419119492301125227

Request Chain 99

https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638 HTTP 302
https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638&rdrctExp=true

Request Chain 101

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=OVb2TAv0OEiusxlfuGVWOA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 129

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=event&_s=2&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&ul=en-us&de=UTF-8&dt=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=loading%3A%3Ai3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&ea=page&el=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&_u=aGDAAEAB~&jid=1150052497&gjid=421210655&cid=1573060707.1581652798&tid=UA-37210982-1&_gid=2097948779.1581652798&_r=1&cd1=1573060707.1581652798&cd2=0&z=2111597826 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_gid=2097948779.1581652798&gjid=421210655&_v=j81&z=2111597826 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826&slf_rd=1&random=3455323934

Request Chain 132

https://webedit.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg

Request Chain 133

https://webedit.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg

Request Chain 134

https://webedit.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg

Request Chain 135

https://webedit.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg

Request Chain 136

https://webedit.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg

Request Chain 137

https://webedit.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg

Request Chain 138

https://webedit.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg

Request Chain 139

https://webedit.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg

Request Chain 140

https://webedit.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg

Request Chain 141

https://webedit.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg HTTP 302
https://pic.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg

142 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 307
Temporary Redirect qq6qwGB
i3b.tw/ 0
317 B 571ms
534ms Document
text/html 52.68.64.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://i3b.tw/qq6qwGB
Protocol: HTTP/1.1
Server: 52.68.64.82 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-64-82.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Host: i3b.tw
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 14 Feb 2020 03:59:56 GMT
Server: Apache/2.4.18 (Ubuntu)
Refresh: 0;url=https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 Primary Request index.html Show response
i3fresh.tw/ 198 KB
28 KB 380ms
330ms Document
text/html 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.7-1+ubuntu16.04.1+deb.sury.org+1

Resource Hash

57d8711c089ef3c426cc0995938edd3b28b70b403892530cfc85d59a7a3dbc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: i3fresh.tw
:scheme: https
:path: /index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://i3b.tw/qq6qwGB
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: http://i3b.tw/qq6qwGB

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:57 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d6db89a2f3dee83f486569df4c1de16571581652797; expires=Sun, 15-Mar-20 03:59:57 GMT; path=/; domain=.i3fresh.tw; HttpOnly; SameSite=Lax; Secure PHPSESSID=domecfiali01obtn4pu7mku90j; path=/ ichannels=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 ve-evonne=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
x-powered-by: PHP/7.2.7-1+ubuntu16.04.1+deb.sury.org+1
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 564c21de68091756-FRA
content-encoding: gzip

GET
H2 200 style.css
i3fresh.tw/css/ 6 KB
2 KB 15ms
15ms Stylesheet
text/css 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/css/style.css?i=6

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8866237f603fc9fe1e1d8503a4113e5b02b92d7c3f1a2dd74d2948a1fa65459

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2570329
status: 200
vary: Accept-Encoding
content-length: 1968
last-modified: Wed, 15 Jan 2020 09:49:50 GMT
server: cloudflare
etag: "183f-59c2aa12dd4bb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: text/css
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e0baec1756-FRA

GET
H2 200 pic-title.png
pic.i3fresh.tw/pc/images/20140408/ 50 KB
50 KB 38ms
17ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/20140408/pic-title.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c7667c1d564f90691f146f3751e89233e516895beecc70d9ed50a881810e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:45 GMT
server: cloudflare
age: 584726
etag: W/"c8b8-59aa647e9c5fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db171756-FRA

GET
H2 200 pic-41.png
pic.i3fresh.tw/pc/images/20140408/ 50 KB
35 KB 36ms
15ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/20140408/pic-41.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e6829c2134c231008107e3aa6cb7573adda8b49471a7af1926bc7b9398558c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:45 GMT
server: cloudflare
age: 372795
etag: W/"c6c3-59aa647ee59e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db0f1756-FRA

GET
H2

200

PIC-10.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-10.png
https://pic.i3fresh.tw/pc/images/new/PIC-10.png

577 B
686 B

17ms
16ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-10.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3db55dc436d57cf1ac283b54814c45422c1af778034f60f30adbed829559d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359474
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 577
last-modified: Fri, 27 Dec 2019 02:30:50 GMT
server: cloudflare
etag: "241-59aa6483fc5ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e0db141756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401363
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-10.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0baf11756-FRA

GET
H2 200 pic-04.png
pic.i3fresh.tw/pc/images/20140317/ 2 KB
2 KB 36ms
17ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/20140317/pic-04.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e07ee7d070560966c3f1486e0a15094e7f6b1e5d5e0e2c83bfe78fb168c95a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:28:30 GMT
server: cloudflare
age: 585980
etag: W/"6e8-59aa63fe6d570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db111756-FRA

GET
H2 200 tel.png
pic.i3fresh.tw/pc/images/header/ 2 KB
2 KB 42ms
22ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/header/tel.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f30de9906c3e5a4b91909b8196c58f099f9d7f39b33105a31cc6d7face3530

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:31:11 GMT
server: cloudflare
age: 584726
etag: W/"8a8-59aa649809473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db191756-FRA

GET
H2 200 FB.jpg
pic.i3fresh.tw/pc/images/ 10 KB
10 KB 35ms
16ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/FB.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900a2dae12bb9baf4fb4ca59d08f2e74cb192afbbc70aa33298da99cccceeef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 364277
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 10185
last-modified: Fri, 27 Dec 2019 02:28:18 GMT
server: cloudflare
etag: "27c9-59aa63f24112d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e0db151756-FRA

GET
H2

200

NEW-3.gif
pic.i3fresh.tw/pc/images/
Redirect Chain

https://i3fresh.tw/images/NEW-3.gif
https://pic.i3fresh.tw/pc/images/NEW-3.gif

201 B
316 B

18ms
17ms

Image
image/gif

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/NEW-3.gif

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdda2a0198e2e71fdd810e88269ba5c015c3370278f76d74e4821de8a4cc3014

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 363071
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 201
last-modified: Fri, 27 Dec 2019 02:28:19 GMT
server: cloudflare
etag: "c9-59aa63f3e500c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e0db121756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 402471
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/NEW-3.gif
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0baf21756-FRA

GET
H2 200 7911c4fc1df597b26d1f9bcc72811979.jpg
pic.i3fresh.tw/upload/index_banner/ 177 KB
167 KB 37ms
18ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/index_banner/7911c4fc1df597b26d1f9bcc72811979.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e3e2d8459c88affcf507e8aea1f5c73f563210af6639f6752517acce9c8fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 15 Jan 2020 09:10:51 GMT
server: cloudflare
age: 586558
etag: W/"2c32d-59c2a15c6a5e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db131756-FRA

GET
H2 200 btn-new-middle.jpg
pic.i3fresh.tw/pc/images/btn-new-201608/ 21 KB
12 KB 15ms
14ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/btn-new-201608/btn-new-middle.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

747ddaa3f6565cc384fb1c64abed9df7dbf2e37be783fac8d8794f21d2bf9b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:28:30 GMT
server: cloudflare
age: 1308318
etag: W/"546e-59aa63fdf9208"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0fb501756-FRA

GET
H2 200 pic-07.png
pic.i3fresh.tw/pc/images/20140408/ 3 KB
3 KB 18ms
17ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/20140408/pic-07.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

840fd69493a64ca58a24b0c4b0dce6fed890e915a6f5aa1fcc0f8f2061d69c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:44 GMT
server: cloudflare
age: 1442627
etag: W/"b64-59aa647de9a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0fb521756-FRA

GET
H2 200 PIC-06.png
pic.i3fresh.tw/pc/images/new/ 2 KB
2 KB 17ms
17ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-06.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2aaeafddaf3ebacb3586debc561064a9375ff70acca810c540f896ee3394202

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
age: 1442627
etag: W/"92c-59aa64842c3a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0fb531756-FRA

GET
H2

200

backTopOff.png
pic.i3fresh.tw/pc/images/
Redirect Chain

https://i3fresh.tw/images/backTopOff.png
https://pic.i3fresh.tw/pc/images/backTopOff.png

10 KB
10 KB

18ms
18ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/backTopOff.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f734890b28c6caf8d5d3cfdce7f418e75ca2cb762eb8763a0078a5515c39fad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:28:17 GMT
server: cloudflare
age: 586579
etag: W/"26dc-59aa63f180aff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb361756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401361
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/backTopOff.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0db081756-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 25ms
7ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 15:56:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5e417d3b-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 564c21e0eda6d705-FRA
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sun, 16 Feb 2020 03:59:57 GMT

GET
H2

200

pic-06.png
pic.i3fresh.tw/pc/images/20140408/
Redirect Chain

https://i3fresh.tw/images/20140408/pic-06.png
https://pic.i3fresh.tw/pc/images/20140408/pic-06.png

19 KB
5 KB

18ms
18ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/20140408/pic-06.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c44a3ebcddf2d25f71aca3d5f1e643e496a6d38367802385471c2610d06b2539

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:44 GMT
server: cloudflare
age: 586578
etag: W/"4aa0-59aa647da06aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e1ac251756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 586578
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/20140408/pic-06.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb381756-FRA

GET
H2

200

PIC-09.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-09.png
https://pic.i3fresh.tw/pc/images/new/PIC-09.png

578 B
663 B

33ms
33ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-09.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040ff3d984b7ea23b7290c66bb3e21cb1a796d83dc5162b53d155fa41d004fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 363067
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 578
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
etag: "242-59aa6484d04af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1ac2c1756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401359
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-09.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb3b1756-FRA

GET
H2

200

PIC-11.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-11.png
https://pic.i3fresh.tw/pc/images/new/PIC-11.png

886 B
1010 B

13ms
13ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-11.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4654523a194a4b691d9ca4ca13723fd40fa564abb86a80f3a7ff40b63e40b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 356338
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 886
last-modified: Fri, 27 Dec 2019 02:30:50 GMT
server: cloudflare
etag: "376-59aa6483b12da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1bc3a1756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401362
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-11.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb3c1756-FRA

GET
H2

200

bg-form-field.gif
pic.i3fresh.tw/pc/images/
Redirect Chain

https://i3fresh.tw/images/bg-form-field.gif
https://pic.i3fresh.tw/pc/images/bg-form-field.gif

97 B
205 B

25ms
25ms

Image
image/gif

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/bg-form-field.gif

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d345db5a8699fbb130393de64afc321f7f5793b8e4b9d7b3dc718604cac85b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 364274
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 97
last-modified: Fri, 27 Dec 2019 02:28:20 GMT
server: cloudflare
etag: "61-59aa63f4777d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1ac2b1756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401358
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/bg-form-field.gif
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb3d1756-FRA

GET
H2

200

PIC-12.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-12.png
https://pic.i3fresh.tw/pc/images/new/PIC-12.png

1 KB
1 KB

19ms
18ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-12.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8210c37e62949d2179c0cbef06e734c8aeccd4ec52fa8c9b4dfcac0fdcbd094

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
age: 586577
etag: W/"49b-59aa648416be1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e1ac261756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401279
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-12.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb3f1756-FRA

GET
H2

200

PIC-14.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-14.png
https://pic.i3fresh.tw/pc/images/new/PIC-14.png

940 B
1 KB

14ms
13ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-14.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4436001c67e288f0ea01b8988af2bc023e3f2dff60e201070835f224e18f5c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 324024
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 940
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
etag: "3ac-59aa6484d04af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1ac2d1756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 392371
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-14.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb401756-FRA

GET
H2

200

PIC-02.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/PIC-02.png
https://pic.i3fresh.tw/pc/images/new/PIC-02.png

974 B
1 KB

16ms
16ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-02.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d838904bace2073a9214834eed05619720edda9d06f797586aa1885ec6b7bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 359469
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 974
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
etag: "3ce-59aa648491caa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1ac271756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 1755920
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/PIC-02.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb411756-FRA

GET
H2

200

shoppingcart.png
pic.i3fresh.tw/pc/images/new/
Redirect Chain

https://i3fresh.tw/images/new/shoppingcart.png
https://pic.i3fresh.tw/pc/images/new/shoppingcart.png

3 KB
3 KB

15ms
14ms

Image
image/png

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/shoppingcart.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52673c6e48ef90234a6a69fcbe4a8bbd6eb1b26b52164fa7a497781273db33be

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 363066
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 3081
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
etag: "c09-59aa648476728"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1ac281756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 585976
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/new/shoppingcart.png
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0eb421756-FRA

GET
H2 200 PIC-07.png
pic.i3fresh.tw/pc/images/new/ 3 KB
3 KB 16ms
16ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-07.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36e758b9c0db74a9390eb031ff9657ff2a5ec0644726c80cb33409750aa9b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
age: 324023
etag: W/"b14-59aa64845d0e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0fb541756-FRA

GET
H2 200 PIC-08.png
pic.i3fresh.tw/pc/images/new/ 171 B
260 B 15ms
15ms Image
image/png 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/new/PIC-08.png

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6859b45bcdb5b1c09b27090e281bf9a8ab0b3ae02c851e94fec1ea892aa582ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 578124
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 171
last-modified: Fri, 27 Dec 2019 02:30:51 GMT
server: cloudflare
etag: "ab-59aa6484dcfd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e0fb651756-FRA

GET
H2

200

link_bar.gif
pic.i3fresh.tw/pc/images/
Redirect Chain

https://i3fresh.tw/images/link_bar.gif
https://pic.i3fresh.tw/pc/images/link_bar.gif

6 KB
6 KB

15ms
15ms

Image
image/gif

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/pc/images/link_bar.gif

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a326b6c104eea71de44edf9653ae9ecabb20c3287a4f0c552261de253a1b1ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/css/style.css?i=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 27 Dec 2019 02:28:17 GMT
server: cloudflare
age: 586576
etag: W/"16ed-59aa63f181a9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e1bc3d1756-FRA

Redirect headers

date: Fri, 14 Feb 2020 03:59:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
age: 401358
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
location: https://pic.i3fresh.tw/pc/images/link_bar.gif
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e0fb631756-FRA

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 86ms
34ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9855
x-xss-protection: 0
server: cafe
etag: 7067135177091508594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 03:59:57 GMT

GET
H2 200 top.js Show response
i3fresh.tw/js/ 600 B
404 B 13ms
12ms Script
application/javascript 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/js/top.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e462b47e13c1217b0b3ea332262680c1573b008a76531d884e6665ad93dc6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 97014
status: 200
vary: Accept-Encoding
content-length: 274
last-modified: Sat, 21 Jul 2018 15:59:21 GMT
server: cloudflare
etag: "258-571847ed5eaaa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1cc611756-FRA

GET
H2 200 20181022000001.js Show response
sun.advividnetwork.com/include_code/i3fresh/ 414 B
789 B 56ms
19ms Script
text/javascript 2606:4700::6812:ec3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/i3fresh/20181022000001.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ec3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ccab46fc939ae335fe67751c72e7fefe9e1043789a71401148c58da43efa7fc

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 520
cf-polished: origSize=504
status: 200
cf-bgj: minify
last-modified: Tue, 06 Aug 2019 04:36:40 GMT
server: cloudflare
etag: W/"a0044-1f8-58f6b5ef1e653"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 564c21e20f28d6cd-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 14 Feb 2020 07:59:57 GMT

GET
H2 200 jquery.cookie.js Show response
i3fresh.tw/js/ 2 KB
856 B 17ms
16ms Script
application/javascript 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/js/jquery.cookie.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2052236d805dcd4aebad8bd4f1e1bdb8b9474a881b63d9ea4263f7e2626170a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 335427
status: 200
vary: Accept-Encoding
content-length: 742
last-modified: Sat, 21 Jul 2018 15:59:20 GMT
server: cloudflare
etag: "786-571847ecf91aa-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1cc651756-FRA

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 29 KB
10 KB 50ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:00:50 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5df79c22-7533"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 15 Feb 2020 03:59:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-811237807

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

935a74376d29e5c25fdd5e8fe36a26fd17d9fed60d21eed5ce4218b90f68de29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28495
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:57 GMT

GET
H2 200 masonry-docs.min.js Show response
i3fresh.tw/js/ 32 KB
9 KB 222ms
221ms Script
application/javascript 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/js/masonry-docs.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7649f9afddb239f6eedee4f3d778ce2fb2a496b5060e83fe0a7578e945590a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
vary: Accept-Encoding
content-length: 9411
last-modified: Sat, 21 Jul 2018 15:59:21 GMT
server: cloudflare
etag: "8078-571847ed52f2a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1cc661756-FRA

GET
H2 200 jquery.lazyload.js Show response
i3fresh.tw/js/ 9 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/js/jquery.lazyload.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93f992927d16d7f6437ff50f0a6ee05f0e4bd82e8b869af4463b6d3462ca419c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 410816
status: 200
vary: Accept-Encoding
content-length: 2316
last-modified: Sat, 21 Jul 2018 15:59:20 GMT
server: cloudflare
etag: "2360-571847ed1184a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1cc681756-FRA

GET
H2 200 jquery.min.js Show response
i3fresh.tw/js/ 91 KB
33 KB 18ms
17ms Script
application/javascript 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i3fresh.tw/js/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 586578
status: 200
vary: Accept-Encoding
content-length: 33397
last-modified: Sat, 21 Jul 2018 15:59:20 GMT
server: cloudflare
etag: "16cfb-571847ed2124a-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=2073600
accept-ranges: bytes
cf-ray: 564c21e1cc6a1756-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5185
date: Fri, 14 Feb 2020 02:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Fri, 14 Feb 2020 04:33:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 63 KB
22 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W244SQP

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09691d7ae2fd09560fbe5cfa8e61d3057d10de6d1624b5e7022e720fe902f4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22268
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:57 GMT

GET
H/1.1 200
OK ematic.min.js Show response
api.ematicsolutions.com/v1/ 152 KB
45 KB 1238ms
459ms Script
application/javascript 172.104.37.28
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ematicsolutions.com/v1/ematic.min.js
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.37.28 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: nb-172-104-37-28.singapore.nodebalancer.linode.com
Software: nginx/1.12.2 /
Resource Hash: 649312081d460f6cb67d35012194e08d5146345402e2936e85b111837240bc5d

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 15:47:52 GMT
Server: nginx/1.12.2
ETag: W/"5e023328-2604c"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
31 KB 106ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: 3h2W2Aktc5RKiR3YoQlzIEiKQsXboRSvrY0Su1SSBMKAveeXR6bX7UKQxIJo2XwmZ7ZiM+kJ5PAKWaPL9yP9Pw==
x-fb-trip-id: 1850256238
date: Fri, 14 Feb 2020 03:59:58 GMT, Fri, 14 Feb 2020 03:59:58 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK rec.js Show response
rec.scupio.com/recweb/js/ 18 KB
6 KB 1153ms
262ms Script
application/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/js/rec.js
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 161b287c6ef90559c0d0c1eca8943c90a26a102a73fa73b032b87314f509fbf0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 04:24:32 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "08040af5bcbd51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=10800
Accept-Ranges: bytes
Content-Length: 6224

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 13 KB
5 KB 95ms
95ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

a71e7db0a927ec8762817c8886d4b9f3e17e69650afd0b8d5faf68d9bfbcfa4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

ats-carp-promotion: 1
date: Fri, 14 Feb 2020 03:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3517
x-amz-server-side-encryption: AES256
status: 200
strict-transport-security: max-age=15552000
content-length: 5024
x-amz-id-2: VUISq6iXVee4nIMESl0tq6XFHd8W+STO9dkadIuM2dyAvH7ylEPeyN4jp8fo1rENe+NKcnLvCvQ=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 06 Feb 2020 10:53:56 GMT
server: ATS
etag: "a629eb59ae363e48f6a144c1797fd267-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-request-id: B6510F38F4DAEF53
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: HZ6H9E8I._q6cQxsFgsJNeSI__biDZay
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

event Show response
widget.as.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085
https://widget.as.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085

7 KB
3 KB

851ms
292ms

Script
application/x-javascript

182.161.73.211
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.as.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 182.161.73.211 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ef14a6ac55ef3f3c7f2a24c09fb9b5314a3f8565b18d46abc5ac4c5be5244506

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
content-type: application/x-javascript
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
timing-allow-origin: *
content-length: 2952
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:57 GMT
location: https://widget.as.criteo.com/event?a=19249&v=5.5.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Fi3b.tw&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=i3fresh.tw&dtycbr=3085
status: 302
cache-control: no-cache
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 33ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-811237807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 8273558640064030436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
30 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8C2ZSM

Requested by

Host: sun.advividnetwork.com
URL: https://sun.advividnetwork.com/include_code/i3fresh/20181022000001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e186ec6f36d5bf16dbb0f52d140a987f357b82c1a3e03e0dd054daa9a1a668ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30833
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 21601.json Show response
s.yimg.com/wi/config/ 2 B
170 B 119ms
118ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/21601.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: AA09F2D080CF09A2
x-amz-id-2: yul+V/U6KenFjDIYpZ9IZVZaPAXbM75kJeeLFNfMph1GYFcGOCR018su4BxjcQLKdGp7CsEpahU=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 10074847.json Show response
s.yimg.com/wi/config/ 2 B
146 B 120ms
120ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10074847.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: D4B7DD6859AF23E4
x-amz-id-2: S0p8BKoJsGNGhQJuW9yLKK2UNU0VEc1VVWyEvOFIRaezh9E87/INwoci3CLP33cQZkDQ7bxv7Jw=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=pageview&_s=1&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_gid=2097948779.1581652798&gjid=1124009103&_v=j81&z=1455380812
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812&slf_rd=1&random=1488871131

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812&slf_rd=1&random=1488871131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1025231592&_v=j81&z=1455380812&slf_rd=1&random=1488871131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=pageview&_s=1&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62398956-1&cid=1573060707.1581652798&jid=809773471&_gid=2097948779.1581652798&gjid=251393784&_v=j81&z=936037039

35 B
111 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62398956-1&cid=1573060707.1581652798&jid=809773471&_gid=2097948779.1581652798&gjid=251393784&_v=j81&z=936037039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 14 Feb 2020 03:59:58 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-62398956-1&cid=1573060707.1581652798&jid=809773471&_gid=2097948779.1581652798&gjid=251393784&_v=j81&z=936037039
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986377343/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986377343/?random=1581652798094&cv=9&fst=1581652798094&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13181486fc4516b4ffa8ba37c217bc6a00f07fe3fc54cc5f80b87efb69c5084e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 390740601066290 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 84ms
84ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390740601066290?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef17f57b70294b5e747f4d1c028e16e6a300dad690a4a6fb2e2eb1fb561540b1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: L67XGBfjuinVIpVjYlIbee2lLTmybQkblWK91kRQLF1FXBSHt2XiLgpxcXXOLfgJDLHmJvQEJFD8f+RYeKy2qw==
x-fb-trip-id: 1850256238
date: Fri, 14 Feb 2020 03:59:58 GMT, Fri, 14 Feb 2020 03:59:58 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dablena.min.js Show response
static.dable.io/dist/ 17 KB
7 KB 89ms
23ms Script
application/javascript 23.201.182.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/dablena.min.js
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.201.182.46 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-182-46.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ebf4047d8a4fbb26924ba01ab992ea1c3dc5f3eae50fae404ff8bc9087de2cd3

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 00:35:57 GMT
Server: Apache
x-amz-request-id: 3B02984064097620
ETag: "b56bb84f33ab4db731bbf2b14219244b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6477
x-amz-id-2: RWOq2zLqPmK22T9al355Qg/aICyKW3df03GJ6KrOVaSVX0rQ7qBiCGpu457p0GNT8or4cYSp9+c=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
40 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9F4QDN&timestamp=1581652798107

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fae9b8db60341ccd0753a86fcba5efa975deb49a322820a42ddc0bb0290d1d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40427
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:06:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
26 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1581652798107

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71dbdfd7e3eb61e01d39abe4c55e1e5ada2d3a330d3846ad68ffd05e7a57890d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26957
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 fly-sohoauto.js Show response
whoscome.com/js/ 102 KB
19 KB 764ms
360ms Script
application/javascript 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://whoscome.com/js/fly-sohoauto.js?d=1581652798108

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-25-4.us-west-2.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

be20f7cba9d72cd54744cff7efaf704425cd9d19cb3049f246c06f8cd6dfbb63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
last-modified: Mon, 30 Dec 2019 13:50:14 GMT
server: nginx/1.16.1
x-frame-options: SAMEORIGIN
etag: W/"5e0a0096-1978d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000, public
expires: Sat, 13 Feb 2021 03:59:58 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 33ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9855
x-xss-protection: 0
server: cafe
etag: 7067135177091508594
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/811237807/ 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/811237807/?random=1581652798114&cv=9&fst=1581652798114&num=1&label=Yf6_CMTk6QQQjOD02wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5797089ba6cf03975153e59e9965c06bf96d408e8c1e95a0151be8f8190e5548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/986377343/ 42 B
113 B 22ms
22ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986377343/?random=1581652798094&cv=9&fst=1581649200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&fmt=3&is_vtc=1&random=2793246290&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/986377343/ 42 B
110 B 23ms
22ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986377343/?random=1581652798094&cv=9&fst=1581649200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&fmt=3&is_vtc=1&random=2793246290&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid_iframe.php
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame 02FC 0
0 387ms
296ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.95.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.2.15 (CentOS) / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: auto-load-balancer.likr.com.tw
:scheme: https
:path: /pushEndPoint/uuid_gen/uuid_iframe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.6.40
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
content-length: 2305
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
H2 200 avivid_pseudo_native_subscribe.css
avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/ 444 B
735 B 38ms
11ms Stylesheet
text/css 2606:4700:10::6814:320f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/avivid_pseudo_native_subscribe.css
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:320f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 814
status: 200
last-modified: Fri, 03 Nov 2017 02:54:19 GMT
server: cloudflare
etag: W/"1e0019-1bc-55d0b38977fa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 564c21e4ac323264-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998060044/ 2 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998060044/?random=1581652798160&cv=9&fst=1581652798094&num=2&label=Yf6_CMTk6QQQjOD02wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c7035a2fd8bc0f48e0942e49dce9aeeb0c3dda89befa6b82940a8b1a8125332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1157
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid_iframe.php
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame CEB7 0
0 366ms
302ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.95.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.2.15 (CentOS) / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: auto-load-balancer.likr.com.tw
:scheme: https
:path: /pushEndPoint/uuid_gen/uuid_iframe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.6.40
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
content-length: 2305
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 f_195956bf751416a6496b1b7307547df6.jpg
pic.i3fresh.tw/upload/product/ 338 KB
334 KB 14ms
13ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_195956bf751416a6496b1b7307547df6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7f449c4664e25715a2146caaf7985bb7bf931d841faa5c522752396e7846ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:45 GMT
server: cloudflare
age: 2663167
etag: W/"5471d-59b3dc189324e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e4afbd1756-FRA

GET
H2 200 f_f5ee02a7ee515f62b22b90121cc4b38c.jpg
pic.i3fresh.tw/upload/product/ 350 KB
350 KB 16ms
16ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_f5ee02a7ee515f62b22b90121cc4b38c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0128ecb26c14bf251efaefe23c5058f0d2e3a19c60dbbd59311c122fcad6e4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:06 GMT
server: cloudflare
age: 1311779
etag: W/"57733-59b3dc2c52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e4afbe1756-FRA

GET
H2 200 f_1c6a5265813d38323eff6fbc97d81413.jpg
pic.i3fresh.tw/upload/product/ 384 KB
384 KB 20ms
19ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_1c6a5265813d38323eff6fbc97d81413.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6144f2c9cf8e3ccb0323906b162aa52d95f7740923a96a527cc8f7f577acdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:46 GMT
server: cloudflare
age: 27088
etag: W/"5ff9c-59b3dc18e9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e4afbf1756-FRA

GET
H2 200 /
www.google.com/pagead/1p-user-list/811237807/ 42 B
113 B 23ms
23ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/811237807/?random=1581652798114&cv=9&fst=1581649200000&num=1&label=Yf6_CMTk6QQQjOD02wM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&async=1&fmt=3&is_vtc=1&random=1809248961&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/811237807/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/811237807/?random=1581652798114&cv=9&fst=1581649200000&num=1&label=Yf6_CMTk6QQQjOD02wM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa250&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&async=1&fmt=3&is_vtc=1&random=1809248961&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid_iframe.php
load-balancer.likr.com.tw/api/ Frame 683D 0
0 1902ms
1828ms Document
text/html 35.190.46.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://load-balancer.likr.com.tw/api/uuid_iframe.php
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T8C2ZSM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.46.27 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.46.190.35.bc.googleusercontent.com
Software: nginx/1.16.0 / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: load-balancer.likr.com.tw
:scheme: https
:path: /api/uuid_iframe.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
server: nginx/1.16.0
date: Fri, 14 Feb 2020 03:59:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
via: 1.1 google
alt-svc: clear

POST
H2 200 get_client_ip_for_ring.php Show response
auto-satellite.advividnetwork.com/api/ 15 B
188 B 334ms
284ms XHR
text/html 35.227.232.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-satellite.advividnetwork.com/api/get_client_ip_for_ring.php
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.232.198 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.232.227.35.bc.googleusercontent.com
Software: nginx/1.16.1 / PHP/5.6.40
Resource Hash: 8cbdb867099f42c9c690d1d9a4f96936a21eaee6fa8ea7e4724d6bf036ef8162

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
via: 1.1 google
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
status: 200
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: clear

GET
H2 200 /
www.google.com/pagead/1p-user-list/998060044/ 42 B
113 B 23ms
23ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998060044/?random=1581652798160&cv=9&fst=1581649200000&num=2&label=Yf6_CMTk6QQQjOD02wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&fmt=3&is_vtc=1&random=3564405427&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998060044/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998060044/?random=1581652798160&cv=9&fst=1581649200000&num=2&label=Yf6_CMTk6QQQjOD02wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=dynx_itemid%3D%3Bdynx_pagetype%3Dhome%3Bdynx_totalvalue%3D&frm=0&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&tiba=i3Fresh%20%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&fmt=3&is_vtc=1&random=3564405427&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/ifresh/ 575 B
1 KB 1166ms
292ms Script
text/javascript 15.164.78.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/ifresh/prefs2?legacy_uid=&cached_uid=&callback=dablejson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/dablena.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.164.78.148 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-164-78-148.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

41139caf40f3644eb8dca0f9ce5fbcfa4c71ab3bb8bcf900a5d180bcc3d94b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
P3P: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 335
ETag: W/"23f-busNnsupHGctNx9bkfvSijGYiIk"

GET
H2 200 /
www.facebook.com/tr/ 44 B
350 B 66ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390740601066290&ev=ViewContent&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&rl=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&if=false&ts=1581652798243&cd[content_ids]=%5B%2251%22%2C%2279%22%2C%22138%22%2C%22361%22%2C%22365%22%2C%22459%22%2C%22520%22%2C%22556%22%2C%22718%22%2C%221099%22%2C%2246%22%2C%2250%22%2C%22152%22%2C%22176%22%2C%22189%22%2C%22376%22%2C%22381%22%2C%22493%22%2C%22695%22%2C%22890%22%2C%221014%22%2C%22306%22%2C%221039%22%2C%221057%22%2C%221060%22%2C%221106%22%2C%2225%22%2C%22595%22%2C%221055%22%2C%22157%22%2C%22818%22%2C%221097%22%2C%22525%22%2C%22969%22%2C%221098%22%2C%2223%22%2C%22644%22%2C%221105%22%2C%22455%22%2C%22824%22%2C%22183%22%2C%22531%22%2C%221103%22%2C%22352%22%2C%22437%22%2C%2269%22%2C%22101%22%2C%22103%22%2C%22282%22%2C%22335%22%2C%22431%22%2C%22523%22%2C%22554%22%2C%22562%22%2C%22664%22%2C%22691%22%2C%22699%22%2C%22700%22%2C%22803%22%2C%22832%22%2C%22854%22%2C%22951%22%2C%22952%22%2C%221058%22%2C%221061%22%2C%221062%22%2C%221063%22%2C%221104%22%2C%221129%22%2C%221130%22%2C%22844%22%2C%22544%22%2C%228%22%2C%2261%22%2C%22237%22%2C%22543%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581652798242.39507147&it=1581652798103&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT, Fri, 14 Feb 2020 03:59:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 14 Feb 2020 03:59:58 GMT

GET
H2 200 f_195956bf751416a6496b1b7307547df6.jpg
pic.i3fresh.tw/upload/product/ 338 KB
334 KB 13ms
13ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_195956bf751416a6496b1b7307547df6.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7f449c4664e25715a2146caaf7985bb7bf931d841faa5c522752396e7846ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:45 GMT
server: cloudflare
age: 2663167
etag: W/"5471d-59b3dc189324e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e508231756-FRA

GET
H2 200 f_f5ee02a7ee515f62b22b90121cc4b38c.jpg
pic.i3fresh.tw/upload/product/ 350 KB
350 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_f5ee02a7ee515f62b22b90121cc4b38c.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0128ecb26c14bf251efaefe23c5058f0d2e3a19c60dbbd59311c122fcad6e4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:06 GMT
server: cloudflare
age: 1311779
etag: W/"57733-59b3dc2c52e51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e518291756-FRA

GET
H2 200 f_1c6a5265813d38323eff6fbc97d81413.jpg
pic.i3fresh.tw/upload/product/ 384 KB
383 KB 17ms
17ms Image
image/jpeg 2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_1c6a5265813d38323eff6fbc97d81413.jpg

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a6144f2c9cf8e3ccb0323906b162aa52d95f7740923a96a527cc8f7f577acdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:46 GMT
server: cloudflare
age: 27088
etag: W/"5ff9c-59b3dc18e9154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21e5182d1756-FRA

POST
H/1.1 200
OK crescent_redis.php Show response
elephant.likr.com.tw/elephant_api/ 0
268 B 861ms
274ms XHR
text/html 35.194.183.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephant.likr.com.tw/elephant_api/crescent_redis.php
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.183.217 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 217.183.194.35.bc.googleusercontent.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Feb 2020 03:59:59 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive

POST
H2 200 /
www.facebook.com/tr/ 0
79 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNfbRO3WJg5fJwFHD

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://i3fresh.tw
date: Fri, 14 Feb 2020 03:59:58 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C81F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_cm&google_hm=OVb2TAv0OEiusxlfuGVWOA
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_cm=&google_hm=OVb2TAv0OEiusxlfuGVWOA&google_tc=
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_gid=CAESEGc60ZSr0gxjuOY1MAtPbak&google_cver=1&google_ula=913071,0

43 B
291 B

58ms
19ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_gid=CAESEGc60ZSr0gxjuOY1MAtPbak&google_cver=1&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
server: HTTP server (unknown)
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=4cf65639-f40b-4838-aeb3-195fb8655638&google_gid=CAESEGc60ZSr0gxjuOY1MAtPbak&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel
adx.dable.io/ Frame C81F 0
185 B 901ms
290ms Image
text/plain 52.78.94.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.78.94.121 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-78-94-121.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Fri, 14 Feb 2020 03:59:59 GMT
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
server: nginx/1.14.1
x-powered-by: Express

GET
H/1.1 200
OK /
sync.aralego.com/idSync/ Frame C81F 35 B
509 B 414ms
102ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC-01

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC-01, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C81F 0
239 B 108ms
26ms Image
image/gif 69.173.144.136
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame C81F
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46
https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46&verify=true

0
552 B

22ms
21ms

Image
text/plain

52.29.177.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46&verify=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.177.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-177-239.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 14 Feb 2020 03:59:59 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 14 Feb 2020 03:59:59 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=4cf65639-f40b-4838-aeb3-195fb8655638&_origin=1&apid=UP78021560-4ede-11ea-9d7a-0649693eef46&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C81F
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us

43 B
183 B

24ms
24ms

Image
image/gif

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.5 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
via: 1.1 google
server: OXGW/16.174.5
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 14 Feb 2020 03:59:59 GMT
via: 1.1 google
server: OXGW/16.174.5
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072953&val=4cf65639-f40b-4838-aeb3-195fb8655638&c=us
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame C81F
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

23ms
23ms

Image
image/gif

52.59.82.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-224.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:59 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Fri, 14 Feb 2020 03:59:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=2711&xuid=4cf65639-f40b-4838-aeb3-195fb8655638&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame C81F 42 B
585 B 74ms
19ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNTEmdGw9MTI5NjAw&piggybackCookie=uid:4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 03:59:59 GMT
X-lat: Pug22035:0:361
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame C81F
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30

43 B
380 B

21ms
21ms

Image
image/gif

52.59.13.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.13.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-13-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:59 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Fri, 14 Feb 2020 03:59:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=4cf65639-f40b-4838-aeb3-195fb8655638&expires=30
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C81F 43 B
679 B 175ms
29ms Image
image/gif 185.86.138.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 03:59:58 GMT
Cache-Control: no-cache, no-store
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type: image/gif
Content-Length: 43
Expires: -1

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/microad/ Frame C81F
Redirect Chain

https://s-cs.send.microad.jp/cs?key=criteo_1
https://dis.criteo.com/dis/rtb/microad/cookiematch.aspx?maid=&cmps_error=3

43 B
291 B

20ms
20ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/microad/cookiematch.aspx?maid=&cmps_error=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Access-Control-Allow-Origin: *
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Location: https://dis.criteo.com/dis/rtb/microad/cookiematch.aspx?maid=&cmps_error=3
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 um
criteo-sync.teads.tv/ Frame C81F 23 B
287 B 137ms
78ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
server: akka-http/10.1.5
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 23
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame C81F 49 B
49 B 104ms
52ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=4cf65639-f40b-4838-aeb3-195fb8655638

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 14 Feb 2020 03:59:59 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 49
x-mnet-hl2: E
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H2 200 um
sync.e-planning.net/ Frame C81F 42 B
104 B 60ms
18ms Image
image/gif 5.178.65.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.e-planning.net/um?uid=4cf65639-f40b-4838-aeb3-195fb8655638&dc=6884a087b48abdb1&ibd=1&iss=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.178.65.249 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Fri, 14 Feb 2020 03:59:59 GMT
server: openresty
content-type: image/gif

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame C81F 43 B
805 B 113ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=438920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/yahoogemini/ Frame C81F
Redirect Chain

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0

43 B
291 B

18ms
18ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 14 Feb 2020 03:59:59 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
location: https://dis.criteo.com/dis/rtb/yahoogemini/cookiematch.aspx?xid=E0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status: 302
x-content-type-options: nosniff
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 204 t.gif
cw.addthis.com/ Frame C81F 0
426 B 204ms
147ms Image
text/plain 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame C81F 43 B
724 B 1076ms
269ms Image
image/gif 202.241.208.100
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.100 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-SO-Cluster-ID: 40
Date: Fri, 14 Feb 2020 04:00:00 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=4cf65639-f40b-4838-aeb3-195fb8655638&proto=criteo","cluster_id":40,"gdpr":true,"ipv4":"0.0.0.0","key":"XkYbQMCo5mIAALkcSloAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad360"}
X-SO-Key: XkYbQMCo5mIAALkcSloAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad360
Connection: keep-alive
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: m-ad360.dc4p.scaleout.jp
X-SO-Ads-Time: 1
Content-Type: image/gif
Content-Length: 43
X-SO-LB-Hostname: a-tgng28.dc2p.scaleout.jp
X-SO-IP: 82.102.19.132

GET
H2 200 /
cs.adingo.jp/sync/ Frame C81F 43 B
406 B 799ms
260ms Image
image/gif 54.65.183.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.183.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-183-137.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C81F
Redirect Chain

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6419119492301125227

43 B
291 B

19ms
18ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6419119492301125227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 04:00:01 GMT
AN-X-Request-Uuid: ffe3cac3-c731-4536-8921-7ce4ad86d213
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6419119492301125227
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame C81F
Redirect Chain

https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638
https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638&rdrctExp=true

0
447 B

92ms
91ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId: b3ac12163967c6e31aa5eacb345ca29b
Date: Fri, 14 Feb 2020 03:59:59 GMT
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=criteo&uid=4cf65639-f40b-4838-aeb3-195fb8655638&rdrctExp=true
Date: Fri, 14 Feb 2020 03:59:59 GMT
X-TraceId: 9bddd79fa30c9887df6a9b7393501ac8
Content-Length: 0

GET
H/1.1 200
OK /
sync.ad-stir.com/ Frame C81F 35 B
160 B 1101ms
269ms Image
image/gif 52.196.23.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=CRITEO&uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.196.23.153 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-196-23-153.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame C81F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638

95 B
451 B

25ms
24ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(8.1.13.v20130916) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
server: Jetty(8.1.13.v20130916)
date: Fri, 14 Feb 2020 03:59:59 GMT
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 200
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

strict-transport-security: max-age=31536000
via: 1.1 google
server: Jetty(8.1.13.v20130916)
date: Fri, 14 Feb 2020 03:59:59 GMT
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2926&partner_device_id=4cf65639-f40b-4838-aeb3-195fb8655638
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 302
alt-svc: clear
content-length: 0

GET
H2 200 sync
ad.as.amanad.adtdp.com/v1/ Frame C81F 42 B
972 B 344ms
269ms Image
image/gif 143.204.94.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-110.fra50.r.cloudfront.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 42
x-amz-cf-id: kZ6nhbdMoA4KmwgRkMmvubRve-uhCQrvwUY7Y_FuC7QvuYBPOw6xrg==
expires: Thu, 01 Jan 1970 09:00:00 GMT

GET
H/1.1 200
OK cookiesync
ad.caprofitx.adtdp.com/v1/ Frame C81F 35 B
357 B 1131ms
271ms Image
image/gif 13.114.168.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.caprofitx.adtdp.com/v1/cookiesync?criteo_uid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.168.72 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-168-72.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
Connection: keep-alive
Server: nginx
X-Trace-Token: 135101a72f05-3933658
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK user_match.ashx
ssp-sync.i-mobile.co.jp/ Frame C81F 120 B
544 B 1084ms
271ms Image
image/png 52.192.208.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-sync.i-mobile.co.jp/user_match.ashx?dspid=24&dspuid=4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.208.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-208-142.ap-northeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 04:00:30 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
P3P: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/png
Content-Length: 120
Expires: -1

GET
H/1.1 200
OK jquery-1.7.2.min.js Show response
code.jquery.com/ 93 KB
33 KB 22ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.7.2.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-17278"
Vary: Accept-Encoding
X-HW: 1581652799.dop109.fr8.shc,1581652799.dop109.fr8.t,1581652799.cds153.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33626

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame C81F 42 B
871 B 18ms
18ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMjMmdGw9MTI5NjAw&piggybackCookie=uid:4cf65639-f40b-4838-aeb3-195fb8655638
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 03:59:59 GMT
X-lat: Pug22050:0:435
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control: no-store, no-cache, private
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection: close
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C81F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=OVb2TAv0OEiusxlfuGVWOA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
291 B

18ms
18ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:58 GMT
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 03:59:59 GMT
server: HTTP server (unknown)
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
img.scupio.com/js/ 93 KB
37 KB 80ms
24ms Script
application/javascript 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/jquery.min.js
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:09 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2016 02:46:48 GMT
server: nginx/1.12.1
age: 208
etag: "57578718-17277"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
access-control-allow-origin: *
x-amz-cf-id: Or_SzH8jHKEQvoj9iHjQbqI_ugjGlUCpRgDxraR-7A1_3snvIDIWeQ==
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
expires: Sat, 13 Feb 2021 03:56:31 GMT

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame C81F 43 B
572 B 37ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=438920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H/1.1 200
OK visit Show response
sp-api.dable.io/logs/clients/ifresh/users/17102894.1581652799252/ 58 B
391 B 1162ms
290ms Script
text/javascript 13.125.193.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sp-api.dable.io/logs/clients/ifresh/users/17102894.1581652799252/visit?ref=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&cid=17102894.1581652799252&utm_source=sms-Evonne&utm_medium=200120-Newyear-End&z=70595&callback=dablejson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/dablena.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.125.193.18 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-125-193-18.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.14.1 / Express

Resource Hash

6d3b63183a45b86a96c2ccab0e1639fcf26e5a565020a1353d1adc69bd55dc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.14.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 69
ETag: W/"3a-dQk9lCGWIvJZjgLgfqF8jRRwFO4"

GET
H/1.1 200
OK settings.php Show response
sg3-api.ematicsolutions.com/v1/scripts/ 8 KB
1 KB 625ms
282ms Script
application/json 3.219.82.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sg3-api.ematicsolutions.com/v1/scripts/settings.php?callback=_EmaticCallbacks.settings&json=%7B%22method%22%3A%22%22%2C%22apikey%22%3A%22aa56111c84b611e8b2ba0242ac110002-sg3%22%2C%22listId%22%3Anull%2C%22debug%22%3A0%2C%22opt%22%3A%7B%22isControl%22%3Anull%2C%22email%22%3Anull%2C%22cookieless%22%3Anull%7D%2C%22env%22%3A%7B%22deviceHeight%22%3A1200%2C%22deviceWidth%22%3A1600%2C%22viewportHeight%22%3A1200%2C%22viewportWidth%22%3A1585%7D%2C%22session%22%3A%7B%22utmData%22%3A%7B%22utm_source%22%3A%22sms-Evonne%22%2C%22utm_medium%22%3A%22200120-Newyear-End%22%2C%22utm_campaign%22%3A%22%22%7D%7D%7D&page_url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&page_referer=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&_=1581652799410
Requested by: Host: api.ematicsolutions.com
URL: https://api.ematicsolutions.com/v1/ematic.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.82.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-82-28.compute-1.amazonaws.com
Software: nginx/1.10.0 / PHP/7.1.13
Resource Hash: 853bfd1543c92244cbb57b89b1ccbe94415e62466b83520a6bc0c42ef7acbaaa

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
Content-Encoding: gzip
Server: nginx/1.10.0
Connection: keep-alive
X-Powered-By: PHP/7.1.13
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame C81F 43 B
1 KB 26ms
26ms Image
image/gif 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=4cf65639-f40b-4838-aeb3-195fb8655638&seg=1005440

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 14 Feb 2020 04:00:01 GMT
AN-X-Request-Uuid: fb49b2cf-a170-4abc-a69f-d5d8349acf39
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.166:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
67 KB 7ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js?_=1581652799612
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 14 Feb 2020 03:59:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 16:34:16 GMT
Server: nginx
ETag: W/"57d97c08-3dee4"
Vary: Accept-Encoding
X-HW: 1581652799.dop109.fr8.shc,1581652799.dop109.fr8.t,1581652799.cds153.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 67751

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 22 KB
7 KB 16ms
15ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.min.js?_=1581652799613

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 9146402
cf-ray: 564c21ef6afed705-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:20:58 GMT
server: cloudflare
etag: W/"5afd497a-58a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Feb 2021 03:59:59 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.002

GET
H2 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.11.0/js/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700::6811:4104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.11.0/js/md5.min.js?_=1581652799613

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4af672bf0e54b51c77db0774a6273daa45fb16e53820ff28a64413872e6c24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 12093726
cf-ray: 564c21ef8b1fd705-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Mon, 15 Jul 2019 10:31:05 GMT
server: cloudflare
etag: W/"5d2c55e9-e96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Feb 2021 03:59:59 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H2 200 ls.html
img.scupio.com/html/ Frame 73C8 0
0 83ms
20ms Document
text/html 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=119
Requested by: Host: rec.scupio.com
URL: https://rec.scupio.com/recweb/js/rec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html?mid=119
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Thu, 13 Feb 2020 21:39:12 GMT
etag: "583295c9-4dc"
expires: Thu, 20 Feb 2020 21:39:12 GMT
cache-control: max-age=604800
x-cache: Hit from cloudfront
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: MmhHRPl0ivt5HMXf-sIvF2Qul1sznZJtfq8BY3nO5bAq3uzVKACtSw==
age: 1995

POST
H/1.1 200
OK rec.aspx Show response
rec.scupio.com/recweb/ 1 KB
1 KB 261ms
261ms XHR
text/javascript 210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/rec.aspx?cb=0.3360081311805152
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.7.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.175 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1af79313306bebfe020f505be5fce6e489a1d832b6d23f425f56431d8c2c32f8

Request headers

Accept: */*
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Feb 2020 03:59:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://i3fresh.tw
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
24 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTZPL6L

Requested by

Host: i3b.tw
URL: http://i3b.tw/qq6qwGB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

401a30d45fba6541af91c577bd9ae754fd15dfe9783dd83d0ae348ade1cb57b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:59:59 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23993
x-xss-protection: 0
last-modified: Fri, 14 Feb 2020 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Feb 2020 03:59:59 GMT

GET
H2 200 validate Show response
whoscome.com/sohoauto/ga/ 3 KB
2 KB 297ms
296ms Script
text/javascript 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whoscome.com/sohoauto/ga/validate?uid=18538&id=96&url=i3fresh.tw&callback=jQuery18206972049292603055_1581652797756&_=1581652799935
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-25-4.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.0.33
Resource Hash: cd6d0f5d2af20df65eebaebaab3f8f701205251d2b48de4236c0c3e8a1227533

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
content-encoding: gzip
server: nginx/1.16.1
access-control-allow-origin: *
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK crescent_redis.php Show response
elephant.likr.com.tw/elephant_api/ 0
268 B 279ms
279ms XHR
text/html 35.194.183.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://elephant.likr.com.tw/elephant_api/crescent_redis.php
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.183.217 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 217.183.194.35.bc.googleusercontent.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 14 Feb 2020 04:00:00 GMT
Server: nginx/1.12.2
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 pixel.js Show response
img.scupio.com/js/ 27 KB
10 KB 28ms
28ms Script
application/javascript 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/pixel.js
Requested by: Host: i3b.tw
URL: http://i3b.tw/qq6qwGB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 530a594f354ce4b66f37902da359ed575676eebd1fc14c0070ace6624f5376d1

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 14 Feb 2020 03:39:51 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 08:36:56 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA2-C2
etag: "5e43b928-6b6a"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=1200
access-control-allow-origin: *
x-amz-cf-id: TDoHkGzR6HCEoN-Q763qmwG-SBRledWsX8dcdYuS_A3Xtw5Udj-kuQ==
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
expires: Fri, 14 Feb 2020 03:59:51 GMT

GET
H2 200 em.html
img.scupio.com/html/ Frame EC04 0
0 23ms
22ms Document
text/html 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/em.html
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/em.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 429
server: nginx/1.12.1
last-modified: Wed, 12 Feb 2020 08:36:57 GMT
access-control-allow-origin: *
accept-ranges: bytes
date: Fri, 14 Feb 2020 03:48:40 GMT
etag: "5e43b929-1ad"
expires: Fri, 14 Feb 2020 04:13:40 GMT
cache-control: max-age=1500
x-cache: Hit from cloudfront
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: tX3cufXzM72sGD5Ttbi4rxfnqNSHoPLd96LU-95FOsPXKj5gd_27GQ==
age: 680

GET
H2 200 ls.html
img.scupio.com/html/ Frame E7AD 0
0 25ms
25ms Document
text/html 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html?mid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End

Response headers

status: 200
content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 14 Feb 2020 01:44:29 GMT
etag: "583295c9-4dc"
expires: Fri, 21 Feb 2020 01:44:29 GMT
cache-control: max-age=604800
x-cache: Hit from cloudfront
via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: p4IPqpdUoXAnHPWgqITZh5knhmvNFR2XuNIk-O5g5DbqgWqjW8aXhg==
age: 706

POST
H2 200 event Show response
pixel-api.scupio.com/v0/ 252 B
562 B 1409ms
563ms XHR
application/json 210.59.219.31
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-api.scupio.com/v0/event?cb=0.6469102643140783
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.59.219.31 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx/1.15.2 /
Resource Hash: af9a175d1cbb93426682089d3e9e23090ca4346b74ab0ff4d5ee916bd143f3d4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
Origin: https://i3fresh.tw
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 Feb 2020 04:00:01 GMT
content-encoding: gzip
server: nginx/1.15.2
status: 200
access-control-allow-methods: POST
p3p: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
access-control-allow-origin: https://i3fresh.tw
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 fly.css
whoscome.com/css/ 13 KB
3 KB 190ms
190ms Stylesheet
text/css 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://whoscome.com/css/fly.css?dev=1581652800264

Requested by

Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-25-4.us-west-2.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

c6d9de8a247c486c7276c608beac1f241e336c093a7d280d8a5cef109a3b51b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Fri, 14 Feb 2020 04:00:00 GMT
content-encoding: gzip
last-modified: Mon, 23 Dec 2019 10:57:28 GMT
server: nginx/1.16.1
x-frame-options: SAMEORIGIN
etag: W/"5e009d98-32b3"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Sat, 13 Feb 2021 04:00:00 GMT

GET
H2 200 index Show response
whoscome.com/sohoauto/out/ 50 B
404 B 282ms
282ms Script
text/javascript 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whoscome.com/sohoauto/out/index?ga_client_id=1573060707.1581652798&webrecord_id=96&callback=jQuery18206972049292603055_1581652797756&_=1581652800266
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-25-4.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.0.33
Resource Hash: 8f18ac404456b650b83cd706759ef6c60975244df90fec36c0ea0f05a48f4a97

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
content-encoding: gzip
server: nginx/1.16.1
access-control-allow-origin: *
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 getRules Show response
whoscome.com/sohoauto/out/ 66 KB
6 KB 397ms
397ms Script
text/javascript 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whoscome.com/sohoauto/out/getRules?callback=jQuery18206972049292603055_1581652797757&fly_webrecord=96&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&sitead_params=%7B%22ga_country%22%3A%22United+Kingdom%22%2C%22ga_client_id%22%3A%221573060707.1581652798%22%2C%22ga_device_category%22%3A%22Desktop%22%2C%22ga_language%22%3A%22en-us%22%2C%22referrer%22%3A%22http%3A%2F%2Fi3b.tw%2Fqq6qwGB%22%2C%22ga_source%22%3A%22sms-Evonne%22%2C%22ga_medium%22%3A%22200120-Newyear-End%22%2C%22ga_source_medium%22%3A%22sms-Evonne+%2F+200120-Newyear-End%22%2C%22domain%22%3A%22https%3A%2F%2Fi3fresh.tw%22%2C%22product_urls%22%3A%5B%22%2F%22%5D%7D&_=1581652800267
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-25-4.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.0.33
Resource Hash: f7db23f42859695003ef2d76b008b839a367d51fb113b45670eb321bb2affde5

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
content-encoding: gzip
server: nginx/1.16.1
access-control-allow-origin: *
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 browsecreate Show response
whoscome.com/sohoauto/out/ 101 B
440 B 289ms
289ms Script
text/javascript 52.43.25.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whoscome.com/sohoauto/out/browsecreate?callback=jQuery18206972049292603055_1581652797757&webrecord_id=96&url=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&page_title=i3Fresh+%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&client_id=1573060707.1581652798&ga_client_id=1573060707.1581652798&type=0&event_category=loading%3A%3Ai3Fresh+%E6%84%9B%E4%B8%8A%E6%96%B0%E9%AE%AE&event_label=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&fly_data=%7B%22ga_country%22%3A%22United+Kingdom%22%2C%22ga_client_id%22%3A%221573060707.1581652798%22%2C%22ga_device_category%22%3A%22Desktop%22%2C%22ga_language%22%3A%22en-us%22%2C%22referrer%22%3A%22http%3A%2F%2Fi3b.tw%2Fqq6qwGB%22%2C%22ga_source%22%3A%22sms-Evonne%22%2C%22ga_medium%22%3A%22200120-Newyear-End%22%2C%22ga_source_medium%22%3A%22sms-Evonne+%2F+200120-Newyear-End%22%7D&ukey=1573060707.1581652798-1581652800679&_=1581652800679
Requested by: Host: i3fresh.tw
URL: https://i3fresh.tw/js/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.25.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-25-4.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/7.0.33
Resource Hash: 21da9ed220c07a7760f9cbbae2670419696cf6751ca41642e89adcaa98a709af

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
content-encoding: gzip
server: nginx/1.16.1
access-control-allow-origin: *
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
status: 200
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: origin, x-requested-with, content-type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=946389809&t=event&_s=2&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&dr=http%3A%2F%2Fi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_gid=2097948779.1581652798&gjid=421210655&_v=j81&z=2111597826
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826&slf_rd=1&random=3455323934

42 B
109 B

20ms
19ms

Image
image/gif

2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826&slf_rd=1&random=3455323934

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Feb 2020 04:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-37210982-1&cid=1573060707.1581652798&jid=1150052497&_v=j81&z=2111597826&slf_rd=1&random=3455323934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1149455511754876&ev=PageView&dl=https%3A%2F%2Fi3fresh.tw%2Findex.html%3Futm_source%3Dsms-Evonne%26utm_medium%3D200120-Newyear-End&rl=http%3A%2F%2Fi3b.tw%2Fqq6qwGB&if=false&ts=1581652801600&cd[b]=0&cd[c]=0&cd[cv]=0&cd[g]=10&cd[i]=0&cd[u]=0&cd[a]=0&cd[m]=119&cd[sr]=0&cd[s]=0&cd[sb]=0&cd[tm]=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 14 Feb 2020 04:00:01 GMT, Fri, 14 Feb 2020 04:00:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Fri, 14 Feb 2020 04:00:01 GMT

GET
H/1.1 200
OK 10902.jpg
whoscome-s3.s3.us-west-2.amazonaws.com/upload/customer/18538/ 1 MB
1 MB 1569ms
206ms Image
application/octet-stream 52.218.221.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whoscome-s3.s3.us-west-2.amazonaws.com/upload/customer/18538/10902.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.221.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8dab97dff38f14ef62269a6f5c093bd98e3d24d689972ab231c177dc9b5a0f4e

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 14 Feb 2020 04:00:04 GMT
Last-Modified: Fri, 31 Jan 2020 02:19:38 GMT
Server: AmazonS3
x-amz-request-id: 8B6FD9FB07DE3706
ETag: "e31fb76d87b09f9297236d6b717d1d52"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1435221
x-amz-id-2: kBQ3CpXreO4Bp6HcBTN68bkHduVy/Zqu5NSipH/uVJvywzpTS8/Gj+Jn0XWX1APMfXP+CLP+RAI=

GET
H2

200

f_3aa9f2dd7458051a5ca102c492b34fd1.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg
https://pic.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg

227 KB
221 KB

21ms
21ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bd49594e14f105923963dba7585209140a883431a40f2ce5b1243b9c61cdcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:48 GMT
server: cloudflare
age: 1059707
etag: W/"38a24-59b3dc1ad6417"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ff8ebf1756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_3aa9f2dd7458051a5ca102c492b34fd1.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_fd15828a3ef104fdab2acfae01d1a3e1.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg
https://pic.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg

451 KB
448 KB

25ms
25ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21db42e3cefc9b8411ae7e163fc8363a95522c886c7c77c8273988e3f154b136

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:07 GMT
server: cloudflare
age: 13222
etag: W/"70a70-59b3dc2d3c4c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ff9ed21756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_fd15828a3ef104fdab2acfae01d1a3e1.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_e6fd6560344f3c408b63e5c855de0530.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg
https://pic.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg

302 KB
302 KB

18ms
18ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92145ee68d2ec4cd27fe0672fa5f6862cf7db2c6c41c9b93c5295cee8c692b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:05 GMT
server: cloudflare
age: 584697
etag: W/"4b67a-59b3dc2b2909c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ff9ed31756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_e6fd6560344f3c408b63e5c855de0530.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_54cd9bb8fb94b404205e44e9eb16429c.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg
https://pic.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg

254 KB
246 KB

17ms
16ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af8a44fa1234f18d74e746aa6cc3bef3bb0ce8bca9180090e58555535061fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:50 GMT
server: cloudflare
age: 2223979
etag: W/"3f8af-59b3dc1cc84fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ffaeea1756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_54cd9bb8fb94b404205e44e9eb16429c.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg
https://pic.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg

379 KB
378 KB

19ms
19ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15f6bda6014f194de7f7b5538235507c00dd31953a4ace829e2f7ff9e8eff38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:00 GMT
server: cloudflare
age: 583861
etag: W/"5eb3e-59b3dc2677d88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ffaeeb1756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_b071fb3570dad5d76e17c9c3cbeadcc4.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_07348b8fd9a9a9b698dec2e2e7e40127.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg
https://pic.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg

266 KB
266 KB

21ms
20ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ac87f1f539e4c357725e06eac9752eb334fed1e7fe4305ceb42a242e3e670b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:44 GMT
server: cloudflare
age: 244770
etag: W/"42691-59b3dc176b3da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c21ffaef31756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_07348b8fd9a9a9b698dec2e2e7e40127.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_042e006db25b6aa5893420f2196fb057.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg
https://pic.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg

256 KB
254 KB

17ms
17ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45241d770ebfff3bee2bf3779b2f04e86b202c5ae6452cf03a1297292fc962cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:44 GMT
server: cloudflare
age: 1584876
etag: W/"40016-59b3dc174b037"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c220169791756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_042e006db25b6aa5893420f2196fb057.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg
https://pic.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg

287 KB
286 KB

39ms
38ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19d0140a7019a50857f635941da05ef860b1ffe5339d2da4fae2122792b39383

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:05 GMT
server: cloudflare
age: 1169765
etag: W/"47c4f-59b3dc2b68840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c2201697a1756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_eb6976ce14b25b0e74c54bfd064c7c6e.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_00e296097e06c4f7987eb7b13f126d71.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg
https://pic.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg

341 KB
341 KB

14ms
13ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47cafcd457b2c2c9a06c463d5647669c011312efc796521f414ac675e46a279f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:13:44 GMT
server: cloudflare
age: 67726
etag: W/"55577-59b3dc16d5d2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c220179911756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_00e296097e06c4f7987eb7b13f126d71.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

GET
H2

200

f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg
pic.i3fresh.tw/upload/product/
Redirect Chain

https://webedit.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg
https://pic.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg

351 KB
340 KB

21ms
20ms

Image
image/jpeg

2606:4700:10::6814:24e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:24e4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8412c7005d2476be14aebfd296afff8c2242acc172759669277597c27d1cff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://i3fresh.tw/index.html?utm_source=sms-Evonne&utm_medium=200120-Newyear-End
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Feb 2020 04:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 03 Jan 2020 15:14:04 GMT
server: cloudflare
age: 1291173
etag: W/"57a38-59b3dc2aad033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=2073600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 564c220169821756-FRA

Redirect headers

Location: https://pic.i3fresh.tw/upload/product/f_e3eeb2eeef81a86ff6dc64d8ae96c235.jpg
Date: Fri, 14 Feb 2020 04:00:02 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 145
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

823 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			i3fresh.tw/	1969-12-31 23:59:59	Name: PHPSESSID Value: domecfiali01obtn4pu7mku90j
			.i3fresh.tw/	1970-01-19 08:04:04	Name: __cfduid Value: d6db89a2f3dee83f486569df4c1de16571581652797

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 39) Message: 82.102.19.132

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.as.amanad.adtdp.com
ad.caprofitx.adtdp.com
ads.yahoo.com
adx.dable.io
ajax.cloudflare.com
api.dable.io
api.ematicsolutions.com
auto-load-balancer.likr.com.tw
auto-satellite.advividnetwork.com
avivid.likr.tw
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
cw.addthis.com
dis.criteo.com
eb2.3lift.com
elephant.likr.com.tw
googleads.g.doubleclick.net
i3b.tw
i3fresh.tw
ib.adnxs.com
img.scupio.com
load-balancer.likr.com.tw
pic.i3fresh.tw
pixel-api.scupio.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.tapad.com
rec.scupio.com
rtb-csync.smartadserver.com
s-cs.send.microad.jp
s.yimg.com
secure.adnxs.com
sg3-api.ematicsolutions.com
simage2.pubmatic.com
sp-api.dable.io
sp.analytics.yahoo.com
sslwidget.criteo.com
ssp-sync.i-mobile.co.jp
static.criteo.net
static.dable.io
stats.g.doubleclick.net
sun.advividnetwork.com
sync.ad-stir.com
sync.aralego.com
sync.e-planning.net
sync.outbrain.com
tg.socdm.com
ups.analytics.yahoo.com
us-u.openx.net
webedit.i3fresh.tw
whoscome-s3.s3.us-west-2.amazonaws.com
whoscome.com
widget.as.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.242.245
13.114.168.72
13.125.193.18
13.225.78.21
143.204.94.110
15.164.78.148
162.210.196.208
172.104.37.28
178.250.0.163
178.250.2.151
182.161.73.211
185.64.189.110
185.86.138.114
2.18.235.93
2001:4de0:ac19::1:b:3a
202.241.208.100
210.160.193.168
210.59.219.175
210.59.219.31
210.71.253.52
212.82.100.181
216.58.205.226
216.58.206.2
23.201.182.46
23.210.248.44
2606:4700:10::6814:24e4
2606:4700:10::6814:320f
2606:4700::6811:4104
2606:4700::6812:ec3
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:817::2003
2a00:1450:4001:818::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.219.82.28
34.95.120.147
34.96.95.4
35.190.46.27
35.194.183.217
35.227.232.198
35.227.248.159
37.252.173.27
37.252.173.38
5.178.65.249
52.192.208.142
52.196.23.153
52.218.221.1
52.28.145.127
52.29.177.239
52.43.25.4
52.59.13.16
52.59.82.224
52.68.64.82
52.78.94.121
54.65.183.137
69.173.144.136
70.42.32.31
0128ecb26c14bf251efaefe23c5058f0d2e3a19c60dbbd59311c122fcad6e4a3
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
040ff3d984b7ea23b7290c66bb3e21cb1a796d83dc5162b53d155fa41d004fec
09691d7ae2fd09560fbe5cfa8e61d3057d10de6d1624b5e7022e720fe902f4eb
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13181486fc4516b4ffa8ba37c217bc6a00f07fe3fc54cc5f80b87efb69c5084e
14ac87f1f539e4c357725e06eac9752eb334fed1e7fe4305ceb42a242e3e670b
15f6bda6014f194de7f7b5538235507c00dd31953a4ace829e2f7ff9e8eff38c
161b287c6ef90559c0d0c1eca8943c90a26a102a73fa73b032b87314f509fbf0
19d0140a7019a50857f635941da05ef860b1ffe5339d2da4fae2122792b39383
1af79313306bebfe020f505be5fce6e489a1d832b6d23f425f56431d8c2c32f8
2052236d805dcd4aebad8bd4f1e1bdb8b9474a881b63d9ea4263f7e2626170a5
21da9ed220c07a7760f9cbbae2670419696cf6751ca41642e89adcaa98a709af
21db42e3cefc9b8411ae7e163fc8363a95522c886c7c77c8273988e3f154b136
2af8a44fa1234f18d74e746aa6cc3bef3bb0ce8bca9180090e58555535061fad
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36c7667c1d564f90691f146f3751e89233e516895beecc70d9ed50a881810e63
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
401a30d45fba6541af91c577bd9ae754fd15dfe9783dd83d0ae348ade1cb57b6
41139caf40f3644eb8dca0f9ce5fbcfa4c71ab3bb8bcf900a5d180bcc3d94b4b
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4436001c67e288f0ea01b8988af2bc023e3f2dff60e201070835f224e18f5c1b
45241d770ebfff3bee2bf3779b2f04e86b202c5ae6452cf03a1297292fc962cd
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
47cafcd457b2c2c9a06c463d5647669c011312efc796521f414ac675e46a279f
4a6144f2c9cf8e3ccb0323906b162aa52d95f7740923a96a527cc8f7f577acdb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52673c6e48ef90234a6a69fcbe4a8bbd6eb1b26b52164fa7a497781273db33be
530a594f354ce4b66f37902da359ed575676eebd1fc14c0070ace6624f5376d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5797089ba6cf03975153e59e9965c06bf96d408e8c1e95a0151be8f8190e5548
57d8711c089ef3c426cc0995938edd3b28b70b403892530cfc85d59a7a3dbc4e
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b
649312081d460f6cb67d35012194e08d5146345402e2936e85b111837240bc5d
6859b45bcdb5b1c09b27090e281bf9a8ab0b3ae02c851e94fec1ea892aa582ae
6a60018cab3d38d035188490d869d5dc1283a7dd115917226df457ca92887f7f
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3b63183a45b86a96c2ccab0e1639fcf26e5a565020a1353d1adc69bd55dc10
6d7f449c4664e25715a2146caaf7985bb7bf931d841faa5c522752396e7846ec
6e07ee7d070560966c3f1486e0a15094e7f6b1e5d5e0e2c83bfe78fb168c95a0
71dbdfd7e3eb61e01d39abe4c55e1e5ada2d3a330d3846ad68ffd05e7a57890d
72e3e2d8459c88affcf507e8aea1f5c73f563210af6639f6752517acce9c8fb5
747ddaa3f6565cc384fb1c64abed9df7dbf2e37be783fac8d8794f21d2bf9b04
7649f9afddb239f6eedee4f3d778ce2fb2a496b5060e83fe0a7578e945590a58
82f30de9906c3e5a4b91909b8196c58f099f9d7f39b33105a31cc6d7face3530
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840fd69493a64ca58a24b0c4b0dce6fed890e915a6f5aa1fcc0f8f2061d69c03
853bfd1543c92244cbb57b89b1ccbe94415e62466b83520a6bc0c42ef7acbaaa
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd49594e14f105923963dba7585209140a883431a40f2ce5b1243b9c61cdcec
8c7035a2fd8bc0f48e0942e49dce9aeeb0c3dda89befa6b82940a8b1a8125332
8cbdb867099f42c9c690d1d9a4f96936a21eaee6fa8ea7e4724d6bf036ef8162
8dab97dff38f14ef62269a6f5c093bd98e3d24d689972ab231c177dc9b5a0f4e
8f18ac404456b650b83cd706759ef6c60975244df90fec36c0ea0f05a48f4a97
900a2dae12bb9baf4fb4ca59d08f2e74cb192afbbc70aa33298da99cccceeef8
92145ee68d2ec4cd27fe0672fa5f6862cf7db2c6c41c9b93c5295cee8c692b18
935a74376d29e5c25fdd5e8fe36a26fd17d9fed60d21eed5ce4218b90f68de29
93f992927d16d7f6437ff50f0a6ee05f0e4bd82e8b869af4463b6d3462ca419c
9ccab46fc939ae335fe67751c72e7fefe9e1043789a71401148c58da43efa7fc
9d838904bace2073a9214834eed05619720edda9d06f797586aa1885ec6b7bbd
9e462b47e13c1217b0b3ea332262680c1573b008a76531d884e6665ad93dc6b5
a326b6c104eea71de44edf9653ae9ecabb20c3287a4f0c552261de253a1b1ab9
a3db55dc436d57cf1ac283b54814c45422c1af778034f60f30adbed829559d62
a71e7db0a927ec8762817c8886d4b9f3e17e69650afd0b8d5faf68d9bfbcfa4a
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
af9a175d1cbb93426682089d3e9e23090ca4346b74ab0ff4d5ee916bd143f3d4
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e43308ad37fba80d03dac9a497a96febac77a457711dab836dcf12efb80cef
b5e6829c2134c231008107e3aa6cb7573adda8b49471a7af1926bc7b9398558c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be20f7cba9d72cd54744cff7efaf704425cd9d19cb3049f246c06f8cd6dfbb63
c44a3ebcddf2d25f71aca3d5f1e643e496a6d38367802385471c2610d06b2539
c6d9de8a247c486c7276c608beac1f241e336c093a7d280d8a5cef109a3b51b3
c8866237f603fc9fe1e1d8503a4113e5b02b92d7c3f1a2dd74d2948a1fa65459
cd6d0f5d2af20df65eebaebaab3f8f701205251d2b48de4236c0c3e8a1227533
cdda2a0198e2e71fdd810e88269ba5c015c3370278f76d74e4821de8a4cc3014
d345db5a8699fbb130393de64afc321f7f5793b8e4b9d7b3dc718604cac85b58
d4af672bf0e54b51c77db0774a6273daa45fb16e53820ff28a64413872e6c24d
e186ec6f36d5bf16dbb0f52d140a987f357b82c1a3e03e0dd054daa9a1a668ae
e2aaeafddaf3ebacb3586debc561064a9375ff70acca810c540f896ee3394202
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4654523a194a4b691d9ca4ca13723fd40fa564abb86a80f3a7ff40b63e40b49
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf4047d8a4fbb26924ba01ab992ea1c3dc5f3eae50fae404ff8bc9087de2cd3
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef14a6ac55ef3f3c7f2a24c09fb9b5314a3f8565b18d46abc5ac4c5be5244506
ef17f57b70294b5e747f4d1c028e16e6a300dad690a4a6fb2e2eb1fb561540b1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36e758b9c0db74a9390eb031ff9657ff2a5ec0644726c80cb33409750aa9b53
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f734890b28c6caf8d5d3cfdce7f418e75ca2cb762eb8763a0078a5515c39fad4
f7db23f42859695003ef2d76b008b839a367d51fb113b45670eb321bb2affde5
f8210c37e62949d2179c0cbef06e734c8aeccd4ec52fa8c9b4dfcac0fdcbd094
f8412c7005d2476be14aebfd296afff8c2242acc172759669277597c27d1cff1
fae9b8db60341ccd0753a86fcba5efa975deb49a322820a42ddc0bb0290d1d94

i3fresh.tw Open in urlscan Pro 2606:4700:10::6814:24e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

142 Requests

99 %HTTPS

24 %IPv6

45 Domains

65 Subdomains

57 IPs

13 Countries

7661 kBTransfer

9505 kBSize

2 Cookies

13 Outgoing links

Redirected requests

142 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

i3fresh.tw Open in urlscan Pro
2606:4700:10::6814:24e4 Public Scan

Screenshot
Live screenshot

Full Image

142
Requests

99 %
HTTPS

24 %
IPv6

45
Domains

65
Subdomains

57
IPs

13
Countries

7661 kB
Transfer

9505 kB
Size

2
Cookies

142 HTTP transactions
1 data transactions