bwh.5688123.xyz Open in urlscan Pro
188.114.97.3  Public Scan

100 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response bwh.5688123.xyz/	125 KB 27 KB	1286ms 715ms	Document text/html	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash cb95ef797c40ae7dce925bc18a13633f8c7805c96eaa00f7372c4f29357696d4 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=3, must-revalidate cf-cache-status DYNAMIC cf-ray 898644ef8c51366b-FRA content-encoding br content-type text/html; charset=UTF-8 date Sun, 23 Jun 2024 17:41:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYD68n3RiOfCGZeK6raupoZZ1Yt4EueG0tRR18mpgfh2TNGwWg0fnyXTVqndtCWHkfcKDadk7nYjH9t1%2BovjztqD%2BL%2FsleVf%2BJ%2Fhe5GtyUHU%2F9Rxck11LIDnjrcN"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Cookie x-powered-by PHP/7.4.33
GET		ratemypost.ttf nicklee.tw/wp-content/plugins/rate-my-post/public/css/fonts/	0 0
GET H3	200	rocket-loader.min.js Show response bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	61ms 34ms	Script application/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:30 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 19 Jun 2024 08:39:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66729944-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynawMmtNg4ewvnbc%2BB9RBqDDA2pDnFn4zprOCQFA9LTOJJLxlU%2FVLuoNb0Yxvo7xRnnBwmfGMZMHgJus13aEwws1p6f%2FB9eWg%2Fas9%2Fesk5%2BfgSDocdAFWpk3szCL6DAhECM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 898644f44c72366b-FRA expires Tue, 25 Jun 2024 17:41:30 GMT
GET H3	200	head-mark-right-300.webp bwh.5688123.xyz/attachments/etc/	29 KB 29 KB	289ms 260ms	Image image/webp	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bwh.5688123.xyz/attachments/etc/head-mark-right-300.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a5cb645dc438451a2be33ed86a4d40498c2ad633f474fd7aeeab0cde7ade4733 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT cf-cache-status DYNAMIC last-modified Wed, 29 Nov 2023 12:36:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 938 etag "6567305b-7368" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzG5No8GSzCAGP9YpexVCOvPc8Krs1AOyuUwvoyK7V%2BJxa5krJJRwIGJTeX5%2BFyssBjMHJbNT3ZmHuP1b1npalzFHK%2Bs5qty%2FzKTgvZpDsBOU40He0NipFHQcOb2"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644f4ed5a366b-FRA alt-svc h3=":443"; ma=86400 content-length 29544
GET H3	200	/ nicklee.tw/_jb_static/	232 KB 41 KB	2640ms 1912ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/_jb_static/??-eJyVkt1OwzAMhd+GK7KoF7BxMfEok+O6XajzIzul6tsTOgm1YjD10jn+4qNj2ykbH5HHltSiqm29Fus44WDYOwGZrZaZ6VDFZ7vu/lAbqPVATIFi2RSZYSYxTD3gfAg+Psartq5/AEyxfOuZx97HahJywSssZjup4oVie9l6/I+ps4eS8gNCoJAJs8mpxpFHxx4Xev3+Cy7Xal1tL4DUjWyyJHt/zL1OUKVyW4KQ5hTVf+4mu9pmYCJNgTa57+CJOe3ltAY07IUySUdYjKIkZgey94MpJUwhkODfmyzgmHJN9Ia40XNbj6CDkZcNvodzc2xOx9fm9PL2hO7cfAGI7Cn4 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 33bd3db6cfc15490994cf56aeced463a1066eae18d9ce29d5aba64e19f0aab8f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 19 Jun 2024 01:50:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-page-optimize cached x-powered-by PHP/7.4.33 etag W/"64ddf9a9aa1603a9a1bcb9794d252388" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xj4cYiHZYX6JEOEXZulUbW1hyg1mnK6XfFOzLsIsIDKxiGu4QaMNbBBbcv925bpIHYeOe4NEU0kerGBjmboJ5etnh6uK97if%2FemEnTH6gQ5T9fjVkscFtNqMzJhn"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control max-age=31536000 cf-ray 898644fa1cb5bc6c-ZRH alt-svc h3=":443"; ma=86400
GET H3	200	dashicons.css nicklee.tw/wp-includes/css/	58 KB 35 KB	2321ms 1593ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/wp-includes/css/dashicons.css?ver=6.5.4 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49451896c130cc23f0fd2236f731b080f9e058d8aa6b3326d76be86f41adf4ea Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Wed, 09 Dec 2020 14:33:16 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=62361 etag W/"5fd0e02c-f399" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS6eVtaJq%2Ffhbqoux03FHJtJjtMgYdqswu9paQvZWCTO7cM%2FX28jKkYUOZ9rzg%2BLi3Owj3TkW0TANP0v0e%2Brjd0YUfEwXSrjNTB39I5C3obYLu3tnLYrpUseKtM3"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 898644fa1cb7bc6c-ZRH alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	15 KB 823 B	525ms 53ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1f8d56903a6f1696eba09315204a9f1656effe1597170edf0d092f1b0f840108 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 23 Jun 2024 17:41:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 23 Jun 2024 16:10:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jun 2024 17:41:31 GMT
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	523ms 51ms	Stylesheet text/css	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cormorant+Garamond%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7fdb0ff9943eebe9649d8df1ab7d11235da0f5c3349fa16a991ca516003f068b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 23 Jun 2024 17:41:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 23 Jun 2024 17:41:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 23 Jun 2024 17:41:31 GMT
GET H2	200	jp-coupon-600x400-1.webp i0.wp.com/nicklee.tw/wp-content/uploads/2023/08/	25 KB 26 KB	173ms 28ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2023/08/jp-coupon-600x400-1.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 3a666fdf1a411e5a54d11d65ba924897c4bb77fa6a2ddefd49538739afcdf216 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 25760 x-nc HIT ams 1 last-modified Tue, 12 Mar 2024 11:25:31 GMT server nginx etag "569f266085545be7" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2023/08/jp-coupon-600x400-1.webp>; rel="canonical" expires Thu, 12 Mar 2026 23:25:31 GMT
GET H2	200	9d8870499a0bd0f463f81929869189a6 secure.gravatar.com/avatar/	898 B 1 KB	159ms 16ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/9d8870499a0bd0f463f81929869189a6?s=30&d=mm&r=g Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 151096da86c536d0bb60c8b0a7cca6ed7a0bb36d234a0c0ca76053ee1548d6bb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT ams 1 date Sun, 23 Jun 2024 17:41:31 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="9d8870499a0bd0f463f81929869189a6.png" accept-ranges bytes link <https://gravatar.com/avatar/9d8870499a0bd0f463f81929869189a6?s=30&d=mm&r=g>; rel="canonical" content-length 898 alt-svc h3=":443"; ma=86400 expires Sun, 23 Jun 2024 17:46:31 GMT
GET H2	200	all-ccard-cover.webp i0.wp.com/nicklee.tw/wp-content/uploads/2024/03/	14 KB 14 KB	158ms 15ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2024/03/all-ccard-cover.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash c8c05070a8949420c8db9b71d70731623e849cfffa403df2ee1aa0447f503dfa Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 14294 x-nc HIT ams 1 last-modified Mon, 18 Mar 2024 11:16:41 GMT server nginx etag "a839416aa3d40fee" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2024/03/all-ccard-cover.webp>; rel="canonical" expires Wed, 18 Mar 2026 23:16:41 GMT
GET H3	200	bic-camera-20240930-s2.webp bwh.5688123.xyz/attachments/coupon/bic_camera/	28 KB 28 KB	334ms 290ms	Image image/webp	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bwh.5688123.xyz/attachments/coupon/bic_camera/bic-camera-20240930-s2.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901f07f27140de519585c8d58dd73070a9e85c3c64ac24979ca3cf219cfed456 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT cf-cache-status DYNAMIC last-modified Tue, 14 Nov 2023 08:21:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 939 etag "65532e1c-6e24" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UfnVKDzH7mkOfZBfg6%2Fv4b7qynjT8dxOiOu030PiMGAdtplLzEMcJUtJSxmqR5VpB4fqfoAMaI5fcTm8ar3744Np8LVV2CkLzSJxXkxcAgQOvbRnvbm%2BbCTOAzzq"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644f54e2a366b-FRA alt-svc h3=":443"; ma=86400 content-length 28196
GET H/1.1	200 OK	boba-embed-icon.png s3.ap-southeast-1.amazonaws.com/media.anyonelab.com/images/boba/	942 B 1 KB	980ms 292ms	Image image/png	52.219.128.170 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.ap-southeast-1.amazonaws.com/media.anyonelab.com/images/boba/boba-embed-icon.png Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.128.170 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS s3-ap-southeast-1.amazonaws.com Software AmazonS3 / Resource Hash c81592f508aa065b848743c63d8b376b8357739f2e64102ad74524a6c5cb52d1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 17:41:32 GMT Last-Modified Mon, 25 Jul 2022 09:12:53 GMT Server AmazonS3 x-amz-request-id NJC8D1NM9MZ8A0M3 ETag "4246791f089954c7a2166ad34a3921c2" x-amz-server-side-encryption AES256 Content-Type image/png Accept-Ranges bytes Content-Length 942 x-amz-id-2 niYAWs2lh7DUzh82od5YT+nPsB6LbMK3vw0rY6NyYxOeNoJiYopHJQLp81t2OmPTq7aZc1ebrNc=
GET H2	200	e-202425.js Show response stats.wp.com/	7 KB 3 KB	138ms 14ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202425.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-minify-cache hit x-nc HIT ams date Sun, 23 Jun 2024 17:41:31 GMT content-encoding br server nginx x-minify t etag W/14421-1717166113344.7605 vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 alt-svc h3=":443"; ma=86400 expires Sun, 15 Jun 2025 22:10:52 GMT
GET H3	200	/ Show response nicklee.tw/_jb_static/	107 KB 35 KB	1492ms 803ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/_jb_static/??-eJydzTEOwjAMQNHbMOFaGaBlqDhLapmSKk6s2BHi9lCJAVbWLz19fChQLc7FUXNfUzFs0RnkCVrtHfuSE+H2mwdJZdjsiF/c7yxsuLZIfOsZtFWMZuy2a+rmVeDz+MsataS+26vMYQzTeA7T6XKgZQ4voORJlA== Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash 8bece8d74c385ca5e0f7f951ae68226f5864062844dc837433be51159269be03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:32 GMT content-encoding br cf-cache-status DYNAMIC last-modified Wed, 19 Jun 2024 01:50:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-page-optimize cached x-powered-by PHP/7.4.33 etag W/"0ac92102d103e5de2185db4353a955c5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yViZgS%2BI3ukJbsww5KKQyc%2B5ys9v3qAYF7ys244p44Xhce80WbXnjrL13MjEPmdTJJfAmxe4xc2seSyTIlVwuLLHDgmelCZdKgTuR20Uqg8M1cmBTZ5ejS7deFgd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 898644fa1cb8bc6c-ZRH alt-svc h3=":443"; ma=86400
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	98 KB 31 KB	508ms 72ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9918551e389fa639ef7707f791a9185eee2d5ec7ba99192a2cbe53f7173d7005 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31596 x-xss-protection 0 server cafe etag 253 / 19897 / 31084717 / config-hash: 994685364493883849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 23 Jun 2024 17:41:31 GMT
GET H2	200	prepare.js Show response widget.funtime.com.tw/js/	634 B 849 B	2148ms 238ms	Script application/javascript	61.220.198.130 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://widget.funtime.com.tw/js/prepare.js?v1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 61.220.198.130 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS bear.wahoo.com.tw Software nginx / Resource Hash 1472220ae0de0e3982acc93dd3b7a2c337fd2ca48f9e39d95bbdd2aac47595f2 Security Headers Name Value X-Frame-Options allowall Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT last-modified Wed, 22 Nov 2023 08:05:47 GMT server nginx etag "655db65b-27a" x-frame-options allowall content-type application/javascript; charset=utf-8 cache-control max-age=2592000 accept-ranges bytes content-length 634 expires Tue, 23 Jul 2024 17:41:33 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	156 KB 51 KB	139ms 78ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 85a2cd0f6913bc78d4cfbb653457179b50343296febc6e472f8d88f4face2f88 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52663 x-xss-protection 0 server cafe etag 17990320914841075089 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 23 Jun 2024 17:41:31 GMT
GET H3	200	jquery-migrate.js Show response nicklee.tw/wp-includes/js/jquery/	19 KB 6 KB	1960ms 1279ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/wp-includes/js/jquery/jquery-migrate.js?ver=3.4.1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 82815a7dba0c18a1092121e80005ee37b0390b8b755a6dc8ba03e199ed3a2501 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Thu, 10 Aug 2023 01:36:16 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=31978 etag W/"64d43f10-7cea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtYsPlmIEHBz1w%2B7NCoxyvBexRb7%2F2Tf4f8TfrhydcdHeWKDh6lfd%2FPapsz5USnS8UxUprz%2Bu0fGzo21EzxWzCa0p98mXLcL3KKdFCzeM%2FW3bjOpOCz%2Bew44SKdr"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 898644fa1cbbbc6c-ZRH alt-svc h3=":443"; ma=86400
GET H3	200	jquery.js Show response nicklee.tw/wp-includes/js/jquery/	138 KB 41 KB	1270ms 590ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/wp-includes/js/jquery/jquery.js?ver=3.7.1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 508a8d88a4db7b5ef87b1d5b6fc60e56b7c5384b75b75b10e77f298ea108b510 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 14 Nov 2023 02:42:41 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=285334 etag W/"6552dea1-45a96" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0T0%2BcWc%2FqnLpabvWB3nZelWv5CwHXz0YxmFQVAJqswBuo7qsYg5AzZoAh82JHUhiVqAwfWaqqCdupbB%2BY6jyFaM%2B8Zf4H0FC3FstN6hu2mKu%2BzRT%2FeiE4KaSli3B"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 898644fa4cf5bc6c-ZRH alt-svc h3=":443"; ma=86400
GET H3	200	farm-tomita-cover.webp nicklee.tw/wp-content/uploads/2024/06/	86 KB 86 KB	1827ms 1820ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/06/farm-tomita-cover.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aeb790c211094dbb9d63d337a4e1bfea854c118051b0045f49fe7764b039f35f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 07:08:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "667526e9-1560c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Md%2FdcEDPw4J6aX0NQ45LMWXD4Q2rySVF4LL0kHo%2FOLrqNhDm%2FW6iMstqusvAEKpX5L%2FOKZwhR6ZkKY%2F2dS6KoMofwHXNH5gAsymjGC%2BWtstT9L88z6YZtfEGHHDp"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fb6e07bc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 87564
GET H3	200	jwp-kansai-sanin-cover.webp nicklee.tw/wp-content/uploads/2024/01/	63 KB 64 KB	1560ms 1553ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/01/jwp-kansai-sanin-cover.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46fdf39457d064e405a947e56ea4a6437666a795ba93b105fef4ecfdb833e5a1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Thu, 01 Feb 2024 01:29:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65baf3f4-fc62" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rcnYdzcducB%2FD8v2siRQnq7AKaGlVxpRwC0z60HLjhOxLZh%2FQB1nFk1LW4xwJJU2LataL53mDJ%2BQgvivWmb9ZZ3kE8Wocam3s1Kf85tYs9R5VDw7YqK2LHckC2b"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fb6e0abc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 64610
GET H3	200	kusatsu.webp nicklee.tw/wp-content/uploads/2023/05/	61 KB 61 KB	1511ms 1504ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2023/05/kusatsu.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f90852dd0b11eec20f097d217ff6f5b0962372791e81c692d351b026d3563396 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Wed, 28 Feb 2024 05:05:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65debf26-f326" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HCGTrEZj55R8H3B3dI6CaBBU3qIrUGSh5fSt3hgOLqIksdXaagDnqE8bxaHR4JZdK3xj4JZgY4pdlP4U78NxKgM97VMP78pc6yNJJiQdvNchXsuvrwwmrlId8kC"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fb6e0cbc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 62246
GET H3	200	sunfish.webp nicklee.tw/wp-content/uploads/2024/06/	43 KB 43 KB	1437ms 1430ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/06/sunfish.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 184568f3d0342d3703bd915d36c02913eeb759d9b4475f3113817b570a4b2668 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Tue, 18 Jun 2024 07:50:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "66713c2b-aadc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6KcdUPUm7NNUT947OOTb5YHpjOH2t5xgJ0DX5boU6UztyHOMRPKr2TawA5YQCqLURmr61wc5SeSS%2FR8AfLwkQdM3lMdUmZJGaL0mQCLZ3dlsg3UVM1w%2Fc0OBid3"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fb6e0ebc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 43740
GET H3	200	jp-coupon-600x400-1.webp nicklee.tw/wp-content/uploads/2023/08/	36 KB 37 KB	1228ms 1221ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2023/08/jp-coupon-600x400-1.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47feab7432efd81f78c8ac9518fe954e8f400bc2dbf11c52cd74115a825caee8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Tue, 26 Sep 2023 06:03:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6512742f-90c2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5ARydlgYOSyziscd9SHYUKH24Vi9XplUCcZcvBec2Wp%2Bq6FxdK88YbkaKDkT3FZkyGtXqwJUh04J0Rx%2Bq%2Bp2jqaOV9h9n5AMWTPqa4yeLmoIStT9wjVR%2FgL8quu"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fb6e0fbc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 37058
GET H3	200	miyakawa.webp nicklee.tw/wp-content/uploads/2024/06/	61 KB 61 KB	1593ms 1586ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/06/miyakawa.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 439969949616bb7c0a831aa532ec6f16d986e0dd7e7ec20355f612b8ebe049f6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Mon, 17 Jun 2024 12:05:51 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6670269f-f210" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Le7uMhzj2dQldBqaX7BgSNBkvImn1pKJTnDFTIn6N%2BZpfkkwn6TUWuky%2FhaRh4L1Ajvl1O3i4XecHL%2Fx%2F10N20MS0h633R3qDawGPKLPPoxrUYAOC0BX2%2B%2B28Nb3"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fc1ec4bc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 61968
GET H3	200	oap-cover.webp nicklee.tw/wp-content/uploads/2024/03/	64 KB 64 KB	1305ms 1298ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/03/oap-cover.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d27ea19466bb79f37131a5db6d4fefff6e4ffa2b0d0095af18c5f0db0b420db Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Sun, 31 Mar 2024 11:14:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "660945aa-10008" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgMsbfOtphPQLlOukK9Mv9Jhioh7GMz5e8ScvBNMRZNMCm0NWuaGb4e%2BCE46j8%2BKfqJIqVH8Oushcfh0e9%2BLOpLZjYrKPRV3rx2gmB882YwIQiDJUBaSAiQCudcS"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fc4efbbc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 65544
GET H3	200	folkloro.webp nicklee.tw/wp-content/uploads/2024/06/	44 KB 44 KB	837ms 830ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/06/folkloro.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c9c331b14347f1c7b6b1a68f15665f64d65b007f3550067a81d2942a91401d5d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:32 GMT cf-cache-status HIT last-modified Tue, 04 Jun 2024 10:08:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "665ee794-af7c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BXD8vqocR%2F0xvOlRdlc1JQk1fT4ngFYeAuLowizB2amI9qC4s4%2F0RUl3q%2FnT9hx0G7OHR8OUrToqPjcpee%2B2PdEzPFHVbzWX3HaX63IMfSYkQAEj0fbLqhlJHgQa"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fc4efdbc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 44924
GET H3	200	y-transfer-app-360x200.jpg nicklee.tw/wp-content/uploads/2023/09/	18 KB 18 KB	1339ms 1332ms	Image image/jpeg	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2023/09/y-transfer-app-360x200.jpg Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61e9a6cdf8aa33ff93f8e41af937b84aa974eca55f94ba5dd018c334b7a670c9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Mon, 04 Sep 2023 12:43:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64f5d0f1-478b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbzvrQD%2BEBIajeIbsyEa%2FvejH2i4M262JVID88l9Jn2CvkhIsiaUp2zmAMVfpq0yYCeLxZf7lfHw%2BMd8WnX81AseMl2nxH8u3I88O%2FA3UjDfrckanO5TxE%2F58Hry"}],"group":"cf-nel","max_age":604800} content-type image/jpeg accept-ranges bytes cf-ray 898644fc4f00bc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 18315
GET H3	200	finance-cover.webp nicklee.tw/wp-content/uploads/2024/03/	32 KB 32 KB	1323ms 1317ms	Image image/webp	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nicklee.tw/wp-content/uploads/2024/03/finance-cover.webp Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50e0da3713a48688429f5219851345cf1926cb1577a3cab32cdb1259dd6d8fc9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:33 GMT cf-cache-status HIT last-modified Thu, 14 Mar 2024 10:33:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "65f2d27b-7fce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWaePi4czO432xIcqHNxcIG81L%2F3wXT4RYTitxN1SCIf25ExQP%2BnZgqtwzFOgxX%2FL6NG1%2BHIPJStgm2Wk825yp%2B0VjrUxZQ1HRbQLw338cMUEodvG9fakyhSQwDZ"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 898644fc4f02bc6c-ZRH alt-svc h3=":443"; ma=86400 content-length 32718
GET H2	200	vjw-2024-cover.webp i0.wp.com/nicklee.tw/wp-content/uploads/2024/02/	24 KB 24 KB	43ms 31ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2024/02/vjw-2024-cover.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash ee2fdf86eca9610172dae13457403b6341bf248444bc047b91e6fb32c5c5c129 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 24304 x-nc HIT ams 3 last-modified Mon, 19 Feb 2024 02:46:31 GMT server nginx etag "e0eb988a1964f7b9" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2024/02/vjw-2024-cover.webp>; rel="canonical" expires Wed, 18 Feb 2026 14:46:31 GMT
GET H2	200	farm-tomita-cover.webp i0.wp.com/nicklee.tw/wp-content/uploads/2024/06/	28 KB 28 KB	27ms 19ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2024/06/farm-tomita-cover.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash a41d37b8190438abbd5e355f9c9d0573750c7eb865c2e4dbbe25d3e5be1099f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 28498 x-nc HIT ams 7 last-modified Sat, 22 Jun 2024 13:53:41 GMT server nginx etag "bd4cc3699223d5fc" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2024/06/farm-tomita-cover.webp>; rel="canonical" expires Tue, 23 Jun 2026 01:53:41 GMT
GET H2	200	jwp-kansai-sanin-cover.webp i0.wp.com/nicklee.tw/wp-content/uploads/2024/01/	35 KB 36 KB	39ms 31ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2024/01/jwp-kansai-sanin-cover.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 6555b967383aac9a8723d96ef1e0ee90d767e6152b61b5648a218923cabebbc6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 36042 x-nc HIT ams 3 last-modified Thu, 20 Jun 2024 07:55:52 GMT server nginx etag "33c12fcc7e6d4f3c" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2024/01/jwp-kansai-sanin-cover.webp>; rel="canonical" expires Sat, 20 Jun 2026 19:55:52 GMT
GET H2	200	kusatsu.webp i0.wp.com/nicklee.tw/wp-content/uploads/2023/05/	10 KB 10 KB	39ms 31ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2023/05/kusatsu.webp?resize=500%2C330&ssl=1 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash 7ca927efb9d32290e58afe624dcd020165de3cfb33537d370e189b296cae4ce8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:31 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 10088 x-nc HIT ams 1 last-modified Thu, 20 Jun 2024 03:07:28 GMT server nginx etag "f2f19511ad7b93d4" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2023/05/kusatsu.webp>; rel="canonical" expires Sat, 20 Jun 2026 15:07:28 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	162ms 30ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bwh.5688123.xyz Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 15:27:45 GMT x-content-type-options nosniff age 440026 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 15:27:45 GMT
GET H2	200	co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2 fonts.gstatic.com/s/cormorantgaramond/v16/	20 KB 20 KB	226ms 96ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cormorantgaramond/v16/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cormorant+Garamond%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bwh.5688123.xyz Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 15:15:58 GMT x-content-type-options nosniff age 440733 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20648 x-xss-protection 0 last-modified Tue, 09 Aug 2022 02:18:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 15:15:58 GMT
GET H2	200	co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2 fonts.gstatic.com/s/cormorantgaramond/v16/	20 KB 20 KB	208ms 93ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cormorantgaramond/v16/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-I.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cormorant+Garamond%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&ver=1.0.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e15b441759854e4477fe214540848ceb993199d31c04bc59691dde7ed5621eb7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://bwh.5688123.xyz Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:59:08 GMT x-content-type-options nosniff age 441743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20168 x-xss-protection 0 last-modified Tue, 09 Aug 2022 02:13:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:59:08 GMT
GET		fontawesome-webfont.woff2 nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/	0 0
GET BLOB	200 OK	ffc5ed44-97aa-4f65-a37f-80c0c31a4c01 https://bwh.5688123.xyz/	5 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://bwh.5688123.xyz/ffc5ed44-97aa-4f65-a37f-80c0c31a4c01 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e96379eb4b6430c032586b48e70b2b5f6e8c0a346f3efd89ad20aca93ca09d11 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Length 4729 Content-Type text/javascript
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	130ms 59ms	Script text/javascript	2606:4700:10::6814:1247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:44:16 GMT server cloudflare age 78493 etag "-375139978" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 8986450daea18fe8-FRA content-length 4547
GET H3	200	cropped-%E5%B0%8F%E6%B0%A3%E5%B0%91%E5%B9%B4%E9%A0%AD%E5%83%8F-1.png i0.wp.com/nicklee.tw/wp-content/uploads/2023/09/	2 KB 3 KB	14ms 13ms	Other image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://i0.wp.com/nicklee.tw/wp-content/uploads/2023/09/cropped-%E5%B0%8F%E6%B0%A3%E5%B0%91%E5%B9%B4%E9%A0%AD%E5%83%8F-1.png?fit=32%2C32&ssl=1 Protocol H3 Security QUIC, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i0.wp.com Software nginx / Resource Hash d01f4255f28990f0da00922181a46e28b1cba14b77e9c4dd9c303898d147d4ee Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:34 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 2232 x-nc HIT ams 4 last-modified Sun, 18 Feb 2024 19:57:53 GMT server nginx etag "42a37294cfcb698d" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://nicklee.tw/wp-content/uploads/2023/09/cropped-%E5%B0%8F%E6%B0%A3%E5%B0%91%E5%B9%B4%E9%A0%AD%E5%83%8F-1.png>; rel="canonical" expires Wed, 18 Feb 2026 07:57:53 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/	431 KB 145 KB	102ms 102ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash b959081b7191d9ce130b2eeabe47e4ec1b10750bfd2cc6c8b4da2198e104ba4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148826 x-xss-protection 0 server cafe etag 2192770868301345311 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 23 Jun 2024 17:41:35 GMT
GET H2	200	/ widget.funtime.com.tw/ Frame 3FCE	0 0	916ms 291ms	Document text/html	61.220.198.130 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL https://widget.funtime.com.tw/?bfrom_city=&city=&theme=white&ad_name=nicklee Requested by Host: widget.funtime.com.tw URL: https://widget.funtime.com.tw/js/prepare.js?v1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 61.220.198.130 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS bear.wahoo.com.tw Software nginx / Resource Hash Security Headers Name Value X-Frame-Options allowall Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 23 Jun 2024 17:41:35 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-frame-options allowall
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/	464 KB 145 KB	157ms 20ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash f40e23ed3e42b0bfee05cb46d8ebc0982b6d05e2a4c7398bf9e8f680f5a0f4c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 12:08:56 GMT content-encoding br x-content-type-options nosniff age 19959 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147919 x-xss-protection 0 server cafe etag 11576365170569119095 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 23 Jun 2025 12:08:56 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	69 B 82 B	185ms 52ms	XHR application/json	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bwh.5688123.xyz Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a22c24b2eb5b339d961f13f231c0613af7d08a886f3c187afad279491edd4fae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58 x-xss-protection 0 expires Sun, 23 Jun 2024 17:41:35 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 178 B	129ms 15ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&blog=80494435&post=0&tz=8&srv=nicklee.tw&j=1%3A13.5&host=bwh.5688123.xyz&ref=&fcp=1779&rand=0.8027425114817552 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 23 Jun 2024 17:41:35 GMT cache-control no-cache server nginx alt-svc h3=":443"; ma=86400 content-length 50 content-type image/gif
GET H3	200	twemoji.js Show response nicklee.tw/wp-includes/js/	17 KB 5 KB	439ms 426ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/wp-includes/js/twemoji.js?ver=6.5.4 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ade52260ad86871776c42acac58a2d5ba4c184dc7f54139d6a34af11343ca23 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 08 Apr 2024 11:37:52 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=32934 etag W/"6613d710-80a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ719aPnU2LRPPbJ0yBz%2FPwmM69pAlss5Dw%2FFcPNbhK3S3t8wXfxR8nBW1g%2FbOQ4eIVt9bD%2BRGuLm15XWZJenXzQmVO2pNHqRXsyN1W8MN0CnzK9%2FQmazTT42yRu"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 898645112caabc6c-ZRH alt-svc h3=":443"; ma=86400
GET H3	200	wp-emoji.js Show response nicklee.tw/wp-includes/js/	4 KB 2 KB	1329ms 1316ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nicklee.tw/wp-includes/js/wp-emoji.js?ver=6.5.4 Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1528c535d339849cea1f4b18416229bd962819949c62574dcd184cdfa6d056b2 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 04 Apr 2023 15:26:01 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=8969 etag W/"642c4189-2309" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGyFVhpdG6Agds%2F00Isuya4F5tP3Fh60TDcfw43NhPzRTST0reE%2Bv60wbooNxMdAIVs9U4IRAr2eaCffqMnpsB09TKP611ZLb%2FgSg0%2Bb1qMLZwV7PV2MYFNC1VnX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 898645117d12bc6c-ZRH alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	94 B 228 B	338ms 112ms	Script text/html	149.56.240.129 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?2824185&@f16&@g1&@h1&@i1&@j1719164495397&@k0&@l1&@m%E5%B0%8F%E6%B0%A3%E5%B0%91%E5%B9%B4%E7%9A%84%E9%83%A8%E8%90%BD%E6%A0%BC%20%E2%80%93%20%E6%97%A5%E6%9C%AC%E8%88%87%E4%B8%96%E7%95%8C%E5%90%84%E5%9C%B0%E8%87%AA%E5%8A%A9%E6%97%85%E8%A1%8C%E5%88%86%E4%BA%AB%E8%88%87%E6%95%99%E5%AD%B8&@n0&@o1000&@q0&@r0&@s0&@tnl-NL&@u1600&@b1:-101620584&@b3:1719164495&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fbwh.5688123.xyz%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns534297.ip-149-56-240.net Software / Resource Hash 2f35b5434fa086f79bd9396d932994604eda51f78c172871ba6ea63fab86d2aa Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 23 Jun 2024 17:41:35 GMT Connection close Content-Length 94 Content-Type text/html;charset=UTF-8
GET H3	200	zrt_lookup_fy2021.html pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame E48C	0 0	72ms 25ms	Document text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 21494 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4164 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 11:43:21 GMT etag 9187630395144177108 expires Sun, 07 Jul 2024 11:43:21 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	403	ads pagead2.googlesyndication.com/pagead/ Frame 5F39	0 0	60ms 52ms	Document text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9791417877380191&output=html&h=600&slotname=8034104054&adk=2478211379&adf=3256859905&pi=t.ma~as.8034104054&w=160&abgtt=1&lmt=1719164495&format=160x600&url=https%3A%2F%2Fbwh.5688123.xyz%2F&region=test&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164495068&bpp=8&bdt=4194&idt=586&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=8135710401483&frm=20&pv=2&ga_vid=2138301479.1719164496&ga_sid=1719164496&ga_hid=660746068&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1275&ady=777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084687%2C31084689%2C42531705%2C95331689%2C95334509%2C95334529%2C95334573%2C95334579%2C95335896%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566201584540820&tmod=1405194135&uas=0&nvt=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=681 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 17:41:35 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	134ms 68ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 3cfc8968b7a9774892d90cc0fc3025a71da418f371b37de9870138bb281b0d09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12683 x-xss-protection 0
GET H3	200	ads pagead2.googlesyndication.com/pagead/ Frame 0A2C	0 0	37ms 36ms	Document text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9791417877380191&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719164495&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbwh.5688123.xyz%2F&region=test&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_16~30_19~27_14~29_18&aiixl=28_4~30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719164495367&bpp=12&bdt=4493&idt=404&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=160x600&nras=1&correlator=8135710401483&frm=20&pv=1&ga_vid=2138301479.1719164496&ga_sid=1719164496&ga_hid=660746068&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084687%2C31084689%2C42531705%2C95331689%2C95334509%2C95334529%2C95334573%2C95334579%2C95335896%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566201584540820&tmod=1405194135&uas=0&nvt=1&fsapi=1&fc=896&brdim=180%2C180%2C180%2C180%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=491 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 17:41:35 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	124ms 57ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9791417877380191&plah=bwh.5688123.xyz&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 23 Jun 2024 17:41:36 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	41 KB 16 KB	65ms 64ms	Fetch text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=3566201584540820&correlator=2492809997669400&eid=31084400%2C31084740%2C31083016%2C31084717%2C95332150%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406180101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=124885136%2Cnicklee_home_160x600_PC_test&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&sfv=1-0-40&sc=1&abxe=1&dt=1719164496107&lmt=1719164496&adxs=1275&adys=3268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fbwh.5688123.xyz%2F&vis=1&psz=270x600&msz=160x-1&fws=4&ohw=270&ga_vid=2138301479.1719164496&ga_sid=1719164496&ga_hid=660746068&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719164490874&idt=5113&adks=1447545451&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash e05439d66d3fa4d8da6f234b2fc62955a8c47bd0b3548ff90b3c8697a3fd36ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16718 x-xss-protection 0 google-lineitem-id 5835383271 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138371471507 content-type text/plain; charset=UTF-8 access-control-allow-origin https://bwh.5688123.xyz cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html a7b7998a97c7f88bea5f60162a3a388c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9906	0 0	341ms 35ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a7b7998a97c7f88bea5f60162a3a388c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 17:41:36 GMT expires Sun, 23 Jun 2024 17:41:36 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		fontawesome-webfont.woff nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/	0 0
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame BBFE	0 0	107ms 43ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 9858 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 14:57:18 GMT expires Mon, 23 Jun 2025 14:57:18 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 94F4	0 0	101ms 100ms	Fetch image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssbXcoTvydWweKS4q28avf6wUzcfKw_2F3D7Tfmtu1Z5S-je9o0wQqH5lltAUiM8T3DWnDZYwanb0XsZitbTl1UjxUty5-X-PyvHZjDckxAiKprWqUUW_HiqK3kSGSTLIyUX9hdx0-u0vAlEFQzwEOcIT2Tbrn2Zy-XgMSA2uhnyoyF9qqB_Uwe0W7vFYZ8mNB6dI6grIwNo23RfDXAzZ9F71glliI37f_vXOm-M8w54j4AvDZexld6jmdfrZimwcoZnLRBAwoRUqj1FVpBbQpCrP1DTn1drX3KfaWl7dlhck1jljyWhxEWWwlW0MWGAdB1gxM4ctAU0V4ElHat8jdB5Xe9sl0XkkeYHH9Uk4hEhv7PDYZt2uFoWQlkW7FKON6Vqts&sig=Cg0ArKJSzFE-GqTPIhWVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/ Frame 94F4	23 KB 9 KB	28ms 28ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240620/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash f0af53a1ec82b356c4ce2c4c5445d2549cd8a828ba7161df04ed2270d4ede463 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 16:20:35 GMT content-encoding br x-content-type-options nosniff age 4861 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9325 x-xss-protection 0 server cafe etag 6167529555892538299 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jul 2024 16:20:35 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 94F4	97 KB 31 KB	137ms 137ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 055452c53b623cf718c94e832a7b723e5bf17553ab98c00ee59b856932df93b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31464 x-xss-protection 0 server cafe etag 374 / 19897 / m202406170101 / config-hash: 994685364493883849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 23 Jun 2024 17:41:36 GMT
GET H3	200	db1e095267d4b1814b7f71b88cdeaf6d.js Show response cdn2.sales-frontier.com/js/ Frame 94F4	464 B 1 KB	273ms 120ms	Script text/javascript	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.sales-frontier.com/js/db1e095267d4b1814b7f71b88cdeaf6d.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02a73c76aa12a0b231a7c21c792d817f7f0453ac4c6f3dedf4a96375e0e7d15c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-guploader-uploadid ABPtcPrua8Pyilt14TvMqwjY3vgBcyYvpOlQ7z-G8hjU21Mfr5Xs_D-78quxzH1EcA__LxWspyE x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Jan 2021 06:55:38 GMT server cloudflare etag W/"e2deb349343b47cba34973d0f32c1fe1" vary Accept-Encoding x-goog-hash crc32c=zjUOTA==, md5=4t6zSTQ7R8ujSXPQ8ywf4Q== x-goog-generation 1611125738483243 content-type text/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBUckmg4eqdT6p%2Fe6VMtjMmhCYyzmTKCJf5g7LQVyhho6KqWsb8fq%2Fwfu30Rh2oiIF5ydIVQnTBb%2BLfdwz6FMuG1sDVACvOlldxcaNuA3YgU9u9gIhxFOtcHD7QF6KkBmWPUa2jRIEgLEA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=14400 x-goog-stored-content-length 464 cf-ray 89864517fe5018df-FRA expires Sun, 23 Jun 2024 18:16:17 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 94F4	211 KB 65 KB	26ms 26ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js?cb=31084717 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash c399b7bdfe397ba580791d798d7e570fc6a4fe438105d0a8401348d15c085c90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:20:36 GMT content-encoding br x-content-type-options nosniff age 1260 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66383 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 23 Jun 2024 18:20:36 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ Frame 94F4	463 KB 144 KB	51ms 44ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash 89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 16:17:17 GMT content-encoding br x-content-type-options nosniff age 5059 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147664 x-xss-protection 0 server cafe etag 1926151935331161023 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 23 Jun 2025 16:17:17 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/ Frame 94F4	69 B 0	46ms 46ms	XHR application/json	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bwh.5688123.xyz Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a22c24b2eb5b339d961f13f231c0613af7d08a886f3c187afad279491edd4fae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58 x-xss-protection 0 expires Sun, 23 Jun 2024 17:41:35 GMT
GET H2	200	2721.svg s.w.org/images/core/emoji/15.0.3/svg/	880 B 820 B	130ms 13ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/15.0.3/svg/2721.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash 2773cc563ba9d80d5263f3c314f05b1f262eab98ada36f8029f78d1e25473ad2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT ams 1 date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br x-content-type-options nosniff last-modified Tue, 30 Jan 2024 01:18:13 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=315360000 alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 94F4	361 KB 96 KB	166ms 63ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NV3WHPK Requested by Host: cdn2.sales-frontier.com URL: https://cdn2.sales-frontier.com/js/db1e095267d4b1814b7f71b88cdeaf6d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cd7283b44a2ec7bf23ee9491cb20b36cde08842380bda1b3fe39b11bb59a70b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 98177 x-xss-protection 0 last-modified Sun, 23 Jun 2024 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 23 Jun 2024 17:41:36 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 94F4	0 0	183ms 179ms	Fetch image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 17:41:37 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 94F4	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 46baec986410bf07ba60be7456af0e1d0a7da8819b6b4db203dcc6ffbaea7eac Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/ Frame 94F4	516 B 260 B	56ms 50ms	Fetch text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2409096618554911&correlator=1364880000479828&eid=31084728%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fif&ltd_cs=1&iu_parts=7682122%3A124885136%2Csf_nicklee_home_160x600_pc_test&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1719164497244&lmt=1719164497&adxs=1275&adys=3268&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=k3aq1cre857l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&nhd=1&url=https%3A%2F%2Fbwh.5688123.xyz%2F&ref=https%3A%2F%2Fbwh.5688123.xyz%2F&top=https%3A%2F%2Fbwh.5688123.xyz%2F&vis=1&psz=0x0&msz=160x0&fws=256&ohw=0&ga_vid=988503193.1719164497&ga_sid=1719164497&ga_hid=1598213519&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719164496425&idt=758&adks=3751507356&frm=23 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash d77739f5254f1d6c4eac32ecfe422971d48e1902807aaa967a61c5b7f8a29e85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 231 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://bwh.5688123.xyz cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html dd77e9e90e580047a1125020a0449343.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64E7	0 0	47ms 27ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://dd77e9e90e580047a1125020a0449343.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 17:41:37 GMT expires Sun, 23 Jun 2024 17:41:37 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 94F4	0 0	327ms 326ms	Fetch image/gif	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst3s_o_0VIokVE9FTNVHiB5IRM2N71Ic5uSH-wZARxsBj9C-mQtVyfBlu5-yV6XyR7g9bKKu-0grAA-LKu8g97-LESFVvhW1idwjeJFWusyupUKxRcvFe0JeWOMUAmkOgVNvRNOKBDdZ6amZUNPbx7qe_pBUDx2kz8LB61GpKe_ag2KC4hU_ET7GKyHUJdoykUHCTfclcaPqQrRHxxyb90OuWTs68Plksyz1A4uizGpgJ6bSRUsYwpUj4ki-n63NhX5-ShkxXynb3nWeziyle59QCIiDs6jKOFI5V30UCPWysUbHQne8711PXlqzGwXExwtxqLjRi2LkJF_uyO_sZiHJ-60uUzag4JbkO5wV4UrWmwYyWUhsuwTmcqWMn2JRGoXMiOBHw&sig=Cg0ArKJSzCNZrO8NgzH3EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:37 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 94F4	17 KB 13 KB	72ms 71ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash d133f0f225d79eb2afd018d7b86cce471f6d543bc148ff0740fca52d4591c251 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:37 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12846 x-xss-protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 94F4	266 KB 93 KB	59ms 57ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NV3WHPK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 477aa32ef5e0d9cacdaf7af0692ee3695603b4c04544cb24772638f33d246c9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94886 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 23 Jun 2024 17:41:37 GMT
GET		fontawesome-webfont.ttf nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/	0 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 94F4	17 KB 0	124ms 57ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 23 Jun 2024 17:41:36 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 23 Jun 2024 17:41:36 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E89	0 0	1ms 0ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://bwh.5688123.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 9858 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 23 Jun 2024 14:57:18 GMT expires Mon, 23 Jun 2025 14:57:18 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.analytics.google.com/g/ Frame 94F4	0 0	235ms 19ms	Fetch text/plain	2001:4860:4802:32::36
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-3S3JP22CEQ&gtm=45je46j0v878947337za200&_p=1719164496782&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=988503193.1719164497&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=1&pscdl=noapi&_s=1&sid=1719164497&sct=1&seg=0&dl=https%3A%2F%2Fbwh.5688123.xyz%2F&dr=https%3A%2F%2Fbwh.5688123.xyz%2F&dt=&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1516&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 17:41:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bwh.5688123.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/ Frame 94F4	0 256 B	241ms 23ms	Ping text/plain	2a00:1450:400c:c0b::9d
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3S3JP22CEQ&cid=988503193.1719164497&gtm=45je46j0v878947337za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3S3JP22CEQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9d -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 17:41:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://bwh.5688123.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.nl/ads/ Frame 94F4	42 B 409 B	428ms 171ms	Image image/gif	2a00:1450:4001:82a::2003
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3S3JP22CEQ&cid=988503193.1719164497&gtm=45je46j0v878947337za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=1&z=889243064 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 -, , ASN (), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 23 Jun 2024 17:41:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/ Frame 94F4	219 KB 59 KB	220ms 23ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: bwh.5688123.xyz URL: https://bwh.5688123.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 -, , ASN (), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://bwh.5688123.xyz/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 23 Jun 2024 17:41:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1297, tbw=2765, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug 0iBwaQ4MhrQhHjDxNFeBe40vLXEERZ7b1SQWmi6VjuUhkCl9RJN9TxiQYc//SNI+YHS0gItkHz0XBcyOQxUJ3A== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET		sodar pagead2.googlesyndication.com/pagead/ Frame 94F4	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

nicklee.tw

URL

https://nicklee.tw/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf

Domain

nicklee.tw

URL

https://nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain

nicklee.tw

URL

https://nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/fontawesome-webfont.woff?v=4.7.0

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=3566201584540820&bg=!ERKlEl3NAAb64txl2uI7ADQBe5WfOPu3ropEW47ulpe9VYK3VYhZ_vJ5ZIlzER-3U-LaiPA5apb26GaNSGWhlVXOjoWgAgAAAcRSAAAABWgBB34ANn7DPgsw8FgRmjRSjKoHE0jZAzKQSazZos9gUGjF-jraISjqHzTyAFn5kfMkRFXVvAxqx9fAWgoAUnRgGG-smQviW9rsUk8nssk6YXBgVZp21yAI4M3cDo0JXZJ4IKsRf9G9xQZpvqFTm_3QzvG871yntOQ73aleQkCAOZd4OVluDy2tAePRH0ubt3-ZAsinb04eSY_ui3sNz2YfbPRKxiie2y9bPx_AsRd3sFzryLDhA0yo5Rk1K37bG8pq_IKlZ7M-WFFWS7JlftYv80NTQhoLLiH8q1zrK9m52djHnC8Q55XAx1m2cV-lQk0e5fqjQdWsOdVD1IzBt2CsKbcuzdJIXsJwN1FtUeWtUFVlb1J4UOBzU0jaZOAI-JZ_1utW6MYsn6B6TEUQ49U5utWkKu9AdEjFlH1beqhRLzP1k7THb07DsARBTnejvnLWeSZDU0QNvHICwuxlB-y4_ykXKAjDV9p426VYrgrl2ldjQduXnxHdny4K4MLFwEkEfG6ZLv0DSb8jBA_t5BQ1GcOZthwuyOLj-3BT5MD_rZErJmLbGfVtzso_S3Ys8H4HiFz-sfYN6lQUPEJ04R1ykZpA6i7UmV4Nic6c58cxlf4Z84uL5BjZ1WFVgeQvcFj2mJt674U_VVrucVJ5JCPs-69KLvX1B5FdYdktjo9UMzNgPGuMJshJ8Q8DIAUObNC4vT82vWo0Xa4R1FVz0gB1bsZFBfhOKO9QWZTD6EoEm-oQBRZ4nyyte4onfBnFQOByCvcO_NvMpK5jaO3y7I6Cpt-UcpGH5dIxSqgHgQ_Srvongtc5Y2whbmdyxYwUq2GsZMPub0nRK5Bd2ZoXpqM9JS-AtQ4hmnFxNiBOuMf99I_jpK9-Gf8991uG7sei_5eSpTuR9dC4Q8KIUqUUtVXkjGoFYN3Sj8aE6_VuBYCArl7yeMA0DWhz45qQa7tSH7qyerLGuuTJf_Tcd2l7DR7JTQ75ARb7S53eOMvj4Cu-S7zvrym9s6WvH6RKGRA0D-VJoOROztX0ABzJiGbDutR7Ig83gF5Hkw7dE5f5ZOXbaI44WcQ8KY6Mfjn8jI6XRcDI2nK8oiIi_cqusVaCxpkGl6AxMmkS2VWtsI5wzwVkedbefv3mom4vSeYV

Domain

nicklee.tw

URL

https://nicklee.tw/wp-content/themes/graceful-pro/assets/fonts/fontawesome-webfont.ttf?v=4.7.0

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=2409096618554911&bg=!kZKlkt3NAAb64txl2uI7ADQBe5WfOKqxCEPrlBGZrVAgjrfP8f2WjV96DSQuzLdEFgX2mX34oFT_SKuvaeArjFEJ6zBxAgAAAYBSAAAACWgBB34ANvXBtVgQDbfhbQbPYVsQ7wcDARH9pWvEb7SCVzzcWwNUq-gaql4uk3SVP0oxX1m-UvGCxnDWBpkC9nuQZafYE8-FOZmHNZPTDZamomRPYELXmt7W3Jaib5Op86RSJd0maeWIt8Wkcu8GcLT157dSEu4FDJCfnETEfDQoIMXSsFsFl6lZE7dej7OWFdaO7CoipEZkEsaq16vt8w7LfC6PBQcUuFZ8JFCtZtUqLrHVRjCEfXlYmGhQaNnvVdvRx2oj_0FTHQv5lyBXgCyzKC3HSUqBZs7ThS9axBdvjstsR_kuI4kqDIjBjfxWcMHk8dOw9W6ENfw69KGG6lMTFtF3AcqwkW4jPEQyISYooJokM9iCqV36K6y9BN7rWKrGrUz-Xjdxn6fIYaGrFGRla0xuMZ5gkg7EK7ayWBQK7DjQCtynCu9fSLNZbW4WZMUJYlID9n_-oNTBZeAUjt1lof3ewZ9a-vVlKD0eFTHBX2vZD_xHxPDjs5xmg3kf2m75M4svgrdgSMnIEQZfksdhSTMMivZHvet8m2w7IUWLpvcOc1RqIIVxmX1heMWy_9h2JkuJIMbsNYBHnh-u25Nb8gOP0rS9kXtsi77xPuKMAZHxHjGaYhpk6JJ-UAsE47b2x8meBlE80fnWur8ENDHX-6Kfzp8bHd9BLoHx-DpR1xe05I-D4B8nXoAjZTMsEtT4h3v-YZE91tqRvdheTBSpNT5qS9ur9lR1QMAyd5eZUG1bKIHrPMwhCIXKWEPZklPw-rYAiSoWUD3Fj4yt2UcTOBwUk1tKS-EBy77ghnC-DyWZTvAdL_Jjzhs5MgQX0mRh1Ta86KW0TORuWiE5sulDM4yKFUFoCUaYojcyngj5VSVIKRkTYOVJAatFGV67s0mZnbCdauZPMXKbaMRuq8C8blvkJ2RytuS03UuXIgyfmWiWf2WrzN68LukTLt_0FQtmnIDpSYK19P4q8P6_RAOv4GOrsRxFW-nqnHYxcax0UvG78ZggrLkUN5L-cw7jpjhDzKMijNKxPC0s8zzV0BAs788QIIN_aHrmTRusJ7BzcoH-UlXfS6BWnBxkOdr_SCM6ehEC