urlscan.io logo urlscan.io
SecurityTrails logo

xn--9cs298dhvblx1b.tw Open in urlscan Pro Puny
國賓皇琚.tw IDN
60.249.45.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xn--9cs298dhvblx1b.tw/
Effective URL: https://xn--9cs298dhvblx1b.tw/
Submission: On October 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 12 domains to perform 75 HTTP transactions. The main IP is 60.249.45.223, located in Taichung City, Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is xn--9cs298dhvblx1b.tw.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2023. Valid for: a year.
This is the only time xn--9cs298dhvblx1b.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    60.249.45.223 (Taichung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: windows06.twserver.net
xn--9cs298dhvblx1b.tw
2    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2600:9000:2250:e000:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    3.115.35.112 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-35-112.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
1    35.186.201.15 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 15.201.186.35.bc.googleusercontent.com
t.holmesmind.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.64.212.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-212-189.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
1    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
cft.holmesmind.com
Apex Domain
Subdomains		 Transfer
24 xn--9cs298dhvblx1b.tw
xn--9cs298dhvblx1b.tw
3 MB
14 gstatic.com
fonts.gstatic.com
923 KB
13 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 148155
c.holmesmind.com — Cisco Umbrella Rank: 117915
fcm2.holmesmind.com — Cisco Umbrella Rank: 184333
t.holmesmind.com
ad.holmesmind.com — Cisco Umbrella Rank: 111934
cft.holmesmind.com — Cisco Umbrella Rank: 742465
45 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
364 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
37 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
140 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6147
579 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
2 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
759 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1102
12 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
422 KB
75 12
Domain Requested by
24 xn--9cs298dhvblx1b.tw 1 redirects xn--9cs298dhvblx1b.tw
14 fonts.gstatic.com fonts.googleapis.com
6 cdn.holmesmind.com www.googletagmanager.com
cdn.holmesmind.com
5 www.googletagmanager.com xn--9cs298dhvblx1b.tw
www.googletagmanager.com
5 cdnjs.cloudflare.com xn--9cs298dhvblx1b.tw
3 connect.facebook.net xn--9cs298dhvblx1b.tw
connect.facebook.net
fcm2.holmesmind.com
3 www.google.de xn--9cs298dhvblx1b.tw
3 c.holmesmind.com 1 redirects xn--9cs298dhvblx1b.tw
cdn.holmesmind.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 unpkg.com 1 redirects xn--9cs298dhvblx1b.tw
1 cft.holmesmind.com xn--9cs298dhvblx1b.tw
1 ad.holmesmind.com cdn.holmesmind.com
1 www.facebook.com xn--9cs298dhvblx1b.tw
1 www.google.com xn--9cs298dhvblx1b.tw
1 t.holmesmind.com cdn.holmesmind.com
1 fcm2.holmesmind.com cdn.holmesmind.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com xn--9cs298dhvblx1b.tw
75 19

This site contains links to these domains. Also see Links.

Domain
goo.gl
Subject Issuer Validity Valid
xn--9cs298dhvblx1b.tw
Sectigo RSA Domain Validation Secure Server CA		 2023-07-17 -
2024-07-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-27 -
2023-10-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://xn--9cs298dhvblx1b.tw/
Frame ID: 446470CC9FA13EA321C8114963708A3F
Requests: 67 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/getP.htm
Frame ID: F903609225FDACAF1540A56F8D2A6E17
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9957001&uum=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Frame ID: 9ABB4B4D7C2016AD08D7C34197665383
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/getP.htm
Frame ID: 5415D87A70FF7B750A6B4FD4D1D9BD5C
Requests: 1 HTTP requests in this frame

Frame: https://ad.holmesmind.com/adserver/cs?website=CF-230700136263
Frame ID: 7196C6D139CEF3E94037ED71756AE2E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

國賓 HOTEL RESIDENCES

Page URL History Show full URLs

  1. http://xn--9cs298dhvblx1b.tw/ HTTP 301
    https://xn--9cs298dhvblx1b.tw/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

96 %
HTTPS

68 %
IPv6

12
Domains

19
Subdomains

20
IPs

5
Countries

4603 kB
Transfer

7088 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xn--9cs298dhvblx1b.tw/ HTTP 301
    https://xn--9cs298dhvblx1b.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
Request Chain 48
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--9cs298dhvblx1b.tw/
Redirect Chain
  • http://xn--9cs298dhvblx1b.tw/
  • https://xn--9cs298dhvblx1b.tw/
23 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bdcd9d98126aaff5c7ea83de5d9eacef881e98805a641b4672e4d99003fbf95f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
23546
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 14:29:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin

Redirect headers

Content-Length
153
Content-Type
text/html; charset=UTF-8
Date
Wed, 18 Oct 2023 14:29:09 GMT
Location
https://xn--9cs298dhvblx1b.tw/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
swiper.min.css
xn--9cs298dhvblx1b.tw/import/swiper-4.5.3/dist/css/ 		22 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/import/swiper-4.5.3/dist/css/swiper.min.css
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e282423aa8119b1a151b7f7a54c052fa14c24dc110bb2dd541869858b31926b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 08:18:54 GMT
server
Microsoft-IIS/10.0
etag
"ea4d77189bebd91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
22325
swiper.min.js
xn--9cs298dhvblx1b.tw/import/swiper-4.5.3/dist/js/ 		126 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/import/swiper-4.5.3/dist/js/swiper.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c51fcb73c911f8b85efa8ac61e1eb7a7d049fadf20a9b1ffc5e66a0f2b16a2e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 08:18:55 GMT
server
Microsoft-IIS/10.0
etag
"126be199bebd91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
128898
jquery-3.6.0.min.js
xn--9cs298dhvblx1b.tw/import/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/import/jquery-3.6.0.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 08:18:50 GMT
server
Microsoft-IIS/10.0
etag
"c7c012169bebd91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
89501
sweetalert.min.js
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain
  • https://unpkg.com/sweetalert/dist/sweetalert.min.js
  • https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13909858
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H031J8SMQR75557NE5PWAVR1-fra
server
cloudflare
etag
W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
818178d47ea51e60-FRA

Redirect headers

date
Wed, 18 Oct 2023 14:29:10 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HD1JXQ7195GJ11B9XVPPNCG3-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
124
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/sweetalert@2.1.2/dist/sweetalert.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
818178d43e571e60-FRA
aos.js
xn--9cs298dhvblx1b.tw/import/aos-master/dist/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/import/aos-master/dist/aos.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 08:18:53 GMT
server
Microsoft-IIS/10.0
etag
"c9d576179bebd91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
14243
aos.css
xn--9cs298dhvblx1b.tw/import/aos-master/dist/ 		25 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/import/aos-master/dist/aos.css
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 08:18:52 GMT
server
Microsoft-IIS/10.0
etag
"d4ae6f179bebd91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
26053
ScrollMagic.min.js
cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/ScrollMagic.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7151794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5437
last-modified
Thu, 22 Jun 2023 10:42:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"649425b0-153d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nISSdYk%2Bw8Wk06RKG0%2F42QRM%2FvTAM0gBMJIyYCqqmTK2Ty3uef0LCNIZkhVoGEzuJeyqF0VgnAJtMvlTN5yQSIY%2Fssh5KzMORHGuzePWbaTlkFHzTP%2FprfmTh8AW%2FeBs4zZznHkbyuE8ipLHVu4KUtnb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818178d419b61c9b-FRA
expires
Mon, 07 Oct 2024 14:29:10 GMT
debug.addIndicators.min.js
cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ScrollMagic/2.0.7/plugins/debug.addIndicators.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3014468
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1970
last-modified
Mon, 04 May 2020 16:04:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf2-1bb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjkNAsG6AD7VktIfM87MSU9zMOZyI0WSMcZzSrzKlddD3lDxSMHDOGFpp7yM2V8HhurICcjiPg%2FGcLT0469mZm4t%2BI8hnlNNdtGRlNx4KCx4Mwc0%2F5gy8ZI70jte9QuZZyI4EfJ%2FNK0f%2FuWnTjCZZJob"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818178d419bb1c9b-FRA
expires
Mon, 07 Oct 2024 14:29:10 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.4/gsap.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3524106
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23292
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-5afc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Fz1%2BrUu9lRCP0sWinrS2MvhPBP5yhoHsUevIRsz0pzwhGi6SNCqGJgz8ZurxbcoLDWueTENEPFIqUEbDnW3NDgJ%2B3Scd47Hv12G3pda6k4cnDZ9GrN2sOlhaS23YK7AiLlj0QyTTSinlKT7BKMot%2Ft%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818178d419b91c9b-FRA
expires
Mon, 07 Oct 2024 14:29:10 GMT
device.min.js
cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/device.min.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff979b9e48677d58bca83cbe1c830ed046b4bd567a2a03d8030981c6654bf2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12166503
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
971
last-modified
Mon, 04 May 2020 16:09:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e39-ce0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWzH6pe70wBkcTeAUrnp1lFPYjL%2FQCry2tNRl1t8fcycwmwEeTDOMDwAoDza2aeJnclpZm8%2Fz4biYa0ZjZPYMfYruPEeh2KnAtGojVnvfoigbMa8IhsiU46qMM%2F9ZC78bK5qkzFczvcaMibLT5tw1hRC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818178d419b71c9b-FRA
expires
Mon, 07 Oct 2024 14:29:10 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5437984
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4220
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-107c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJ4%2BurfQOYtGumasMXC%2F19u6YTWSiMTkOfeAVLP%2FxhPOtkix4%2BMk8H3SkbszG1ZWgGec8Z0dIgMmb2WoxN%2Fqi2Z8UwulsaX6n%2FJtCdJVA%2Ba2qS7XPBZzDl45Y660l6P6llToxKfX9inQCpNzsgYG%2BwGK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
818178d419b01c9b-FRA
expires
Mon, 07 Oct 2024 14:29:10 GMT
index.css
xn--9cs298dhvblx1b.tw/css/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/css/index.css
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e43546ff3868ad03c2d71ec7a964696da1734dec52ac481dd05aa1459b221e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 07:56:43 GMT
server
Microsoft-IIS/10.0
etag
"bf1adcfe97ebd91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
14374
index.js
xn--9cs298dhvblx1b.tw/js/ 		964 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--9cs298dhvblx1b.tw/js/index.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
96e698b898a2f992ea8b841129a49d2b233eb301778aa030ba2ca5a52a0b7b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Mon, 24 Jul 2023 02:10:44 GMT
server
Microsoft-IIS/10.0
etag
"a1c172dd4bdd91:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
964
bg1.jpg
xn--9cs298dhvblx1b.tw/img/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/bg1.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
52df8006f5254c035f8be9c4d83b4d792a6e9fd4ac2d32ef8ab5dfeb3200d700

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 07:56:55 GMT
server
Microsoft-IIS/10.0
etag
"234050698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
76489
main2-icon.png
xn--9cs298dhvblx1b.tw/img/ 		662 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/main2-icon.png
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0c3dec62bb1a4c697c9858239de0577bec99c2b123d74cf33174e501a3f76005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"9a8ed8698ebd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
662
main2-pic.jpg
xn--9cs298dhvblx1b.tw/img/ 		444 KB
445 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/main2-pic.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
180bf7c14f3c9e1dde6481cc805ca6d5c92155f79ef79f0270f63cd6fa9732d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:10 GMT
last-modified
Wed, 20 Sep 2023 07:56:57 GMT
server
Microsoft-IIS/10.0
etag
"e9d61d798ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
454826
main2-pic2.jpg
xn--9cs298dhvblx1b.tw/img/ 		531 KB
532 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/main2-pic2.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb20082ec23c62f5fcffbaf6756e27b11c0ecd279bbc9d31c9a6d6d4a241ec91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:57 GMT
server
Microsoft-IIS/10.0
etag
"482987798ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
543910
big1.jpg
xn--9cs298dhvblx1b.tw/img/ 		358 KB
358 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/big1.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
59a7ab4fca4f050fafd2012e344a4071eb062582a4104ea3413867cdf0b6da07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"6ecbb4698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
366484
txt-logo.png
xn--9cs298dhvblx1b.tw/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/txt-logo.png
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
be42ac4027cd06e81530769593e5de11afc3c76a5c6b4c4a4f458bc6c32ef2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:58 GMT
server
Microsoft-IIS/10.0
etag
"6426c5798ebd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
9151
big2.jpg
xn--9cs298dhvblx1b.tw/img/ 		621 KB
622 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/big2.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80c776da70e2e8b26f0642f3dd9338bac78a8c7f824c541d7d9422b2ad7350aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"14dfa8698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
636328
big3.jpg
xn--9cs298dhvblx1b.tw/img/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/big3.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
820897ef61de1c0994a4735c0d231101715e2d7576ea9fc6fe4b0d36a4ab2548

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"638fb9698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
117207
txt-logo3.png
xn--9cs298dhvblx1b.tw/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/txt-logo3.png
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
de1bb67ac110af03d01e62c250a390c56f28da432dc04477d766c400d5bd3de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:58 GMT
server
Microsoft-IIS/10.0
etag
"0c0d3798ebd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
14792
txt-logo4.png
xn--9cs298dhvblx1b.tw/img/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/txt-logo4.png
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
710e65a07f1a0d1be187929a637a66dd24589c3ed3c17263a90b6b9499ca4828

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:58 GMT
server
Microsoft-IIS/10.0
etag
"8c35e9798ebd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
40192
big4.jpg
xn--9cs298dhvblx1b.tw/img/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/big4.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9a564f3af780df2dd2a0a2341658657f00e6f3ba6de83dabf55c8b8f217b1370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"dd7bc5698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
109526
logo.svg
xn--9cs298dhvblx1b.tw/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/logo.svg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
150e8d20abf11aa60e65776ff96842e1a9ebc8424882f7695dfadb78e4e3ef40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"a89c3798ebd91:0"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
17182
map.svg
xn--9cs298dhvblx1b.tw/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/map.svg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4826c41303c2c83f4840b183d4addf43c8b3515556157b1fb6821e056b9d08b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:57 GMT
server
Microsoft-IIS/10.0
etag
"e3518e798ebd91:0"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
8948
close.png
xn--9cs298dhvblx1b.tw/img/ 		335 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/close.png
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3eb16685c7f0a57ce50878b9898aa20e3989e1c9a4fab2786378b1706cfb725a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"585cf698ebd91:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
335
css2
fonts.googleapis.com/ 		1 MB
422 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/css/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
069093894279b11a3da5f93ef583dac0e42faebfdbc1c4056921455ed6eb4f17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 14:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 14:29:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 14:29:15 GMT
gtm.js
www.googletagmanager.com/ 		183 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PN9FHPN
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c84b7f0a6442ce97cce0dd9593952f85c0a6f058b12ec5d64c3814a4d65a49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66664
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 14:29:15 GMT
gtm.js
www.googletagmanager.com/ 		120 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04d6ff68615a9f68c0e54dbbf7ddd19ac47e5283a75253cc0f7d162b9cbe3152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46260
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 14:29:15 GMT
bg5.jpg
xn--9cs298dhvblx1b.tw/img/ 		173 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--9cs298dhvblx1b.tw/img/bg5.jpg
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/css/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
60.249.45.223 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
windows06.twserver.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/css/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Wed, 18 Oct 2023 14:29:15 GMT
last-modified
Wed, 20 Sep 2023 07:56:56 GMT
server
Microsoft-IIS/10.0
etag
"16b984698ebd91:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
606759
check.png
xn--9cs298dhvblx1b.tw/img/ 		0
0
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		66 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2aa3ec37a85298ef1ae028a96005305c2e0590367ca6db0152e643be8501b04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 18:45:26 GMT
x-content-type-options
nosniff
age
243829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67964
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Oct 2024 18:45:26 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda130ada00304e6c269a3749e7ebb1167629ce5c08e01122aff68e837efbb3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 19:50:54 GMT
x-content-type-options
nosniff
age
412701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33872
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 19:50:54 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a440a92ed0aaa814751b70057069686aee8d98fc2619725a7f8910b841b76113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:14:48 GMT
x-content-type-options
nosniff
age
504867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75404
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 18:14:48 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485d52e15d1f2f39ad7c292124dff830832e5de388f5b818ecaf8f0c2642c147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 23:55:09 GMT
x-content-type-options
nosniff
age
311646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74236
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 23:55:09 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2e336fc10a1b7b59e0063ef8e292fb2236ac728e039d77592dbb5fd0570267d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 08:57:52 GMT
x-content-type-options
nosniff
age
365483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76052
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 08:57:52 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93e922da3c17437291cb85e54f75a35b3d514f17ecc16813ea9ec09960c94cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 01:50:37 GMT
x-content-type-options
nosniff
age
563918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76892
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Oct 2024 01:50:37 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1708aa1025bcc513d0af34c6c5365a2455d1b4de3909e7685c1026db8f9a8a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:31:56 GMT
x-content-type-options
nosniff
age
446239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72792
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 10:31:56 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1911aa33f28c69a6d4b09f2fd52200ef8287846dc8267b68b5fa5f3169e2032b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 09:50:30 GMT
x-content-type-options
nosniff
age
362325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73304
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 09:50:30 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
634725c7d2756dc3a7219218cf8f9d7b673bea9b698878636605dd25a1a356bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:08:51 GMT
x-content-type-options
nosniff
age
163224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77156
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 17:08:51 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		77 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b13b78c9c88fb94afbc72a25a17d13c6319d43cddee28b80cd8aee1aee3e69b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 14:36:45 GMT
x-content-type-options
nosniff
age
345150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79304
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 14:36:45 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddd03e308f577a9003f1b7487ea8314e71cff0571491a3554d42a78935690883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:13:05 GMT
x-content-type-options
nosniff
age
72970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62572
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Oct 2024 18:13:05 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.52.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.52.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99f98438169d352f536550d7e2704da58afa248190dc1a40b9eb1db383be9d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:51:59 GMT
x-content-type-options
nosniff
age
409036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37468
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:29:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 20:51:59 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce6d34b31a7aa47ab73c71183f96f80e39f4e89be1c4747bcb7d30033dbeba30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 12:30:48 GMT
x-content-type-options
nosniff
age
439107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73860
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:12:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 12:30:48 GMT
XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.101.woff2
fonts.gstatic.com/s/notoseriftc/v23/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoseriftc/v23/XLY9IZb5bJNDGYxLBibeHZ0Bvq8qbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC:wght@100;300;400;500;700;900&family=Noto+Serif+TC:wght@200;300;400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb9391d5736756c47bdc011bfbbe246701177caf59b25ceaa9a1a94f187ed948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xn--9cs298dhvblx1b.tw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 21:07:27 GMT
x-content-type-options
nosniff
age
321708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61800
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:45:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Oct 2024 21:07:27 GMT
rtid.js
cdn.holmesmind.com/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtid.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19c3b9515d29e24bd4db3a9edb807411a88c419d7bfc583e2dd6c6a3cc07ad82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Ng2DLQjpyEmjLJfoQad2DzcXr9aYyIbX
date
Wed, 18 Oct 2023 14:28:40 GMT
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified
Fri, 14 Jul 2023 03:27:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
36
x-amz-server-side-encryption
AES256
etag
"02bf8ba06088c1e9034e592de5f8fad4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5826
x-amz-cf-id
2n1ObaWyv4dEwKl9KSj5Qrru699XJSk-hx9zuZhCD9QO2fgncr5MUg==
js
www.googletagmanager.com/gtag/ 		275 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YF97D4ZGSQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PN9FHPN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
30cfadb368a5acf5de679b1db1f8d9429559c4e559a0a97533e6c0e0ef0e6541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93210
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 14:29:15 GMT
cm
c.holmesmind.com/
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:16 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 18 Oct 2023 14:29:15 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
triggerTracker.js
cdn.holmesmind.com/dmp/cft/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/dmp/cft/triggerTracker.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9000fc8ecec95f6461c91aa01e279028703be153cd93a66591d4c264258f2a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
4Yrufkip1R4wQHTkWS6dgL63xLqEZjOv
date
Wed, 18 Oct 2023 14:28:34 GMT
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 09:18:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
42
x-amz-server-side-encryption
AES256
etag
"1e04967fd75cf24a6b8fe16036d4f22b"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1554
x-amz-cf-id
bnP5biol-EziMsFuboJ8oqIluDUp65FmogWC2PXXfeVMcgTVj32V-w==
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YF97D4ZGSQ&gtm=45je3ag0&_p=254847692&_gaz=1&cid=1892456167.1697639356&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697639355&sct=1&seg=0&dl=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&dt=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YF97D4ZGSQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--9cs298dhvblx1b.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YF97D4ZGSQ&cid=1892456167.1697639356&gtm=45je3ag0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YF97D4ZGSQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--9cs298dhvblx1b.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YF97D4ZGSQ&cid=1892456167.1697639356&gtm=45je3ag0&aip=1&z=916245906
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracker.js
cdn.holmesmind.com/dmp/cft/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/dmp/cft/tracker.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecedbf94b420eb2111edee11c55fba472271494b84c6cbc4b84780073022aa9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
qP2xgGWM76MesyjnYcbcM9HMG.6sI6Sx
date
Wed, 18 Oct 2023 14:24:59 GMT
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 09:18:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
257
x-amz-server-side-encryption
AES256
etag
"61818076a62402cc2a8ea842e9a1bd9d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27926
x-amz-cf-id
-MdIwHR203KLrgKMQFe9kTjTsSPqDrcgXvRsVnCDkOZ4kc3J9ZOSdg==
getP.htm
cdn.holmesmind.com/js/ Frame F903 		368 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/getP.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72

Request headers

Referer
https://xn--9cs298dhvblx1b.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
content-length
368
content-type
text/html
date
Wed, 18 Oct 2023 14:29:10 GMT
etag
"5a73a8424da0d3c569e5ee22d9327c5a"
last-modified
Fri, 14 Jul 2023 03:28:53 GMT
server
AmazonS3
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-id
3dFd0pdnpgL4OZe4NH3mNf7L1MMOGtBA3Om-HFiJmfjF1dGiXhTn9g==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
6Wt1e_.8laCOtvVcdZIQu4q080ahuSqd
x-cache
Hit from cloudfront
js
www.googletagmanager.com/gtag/ 		192 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11250919573
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f285c1f1993ef4ef553e7414a96090d21d3a70cd8f57eca3606e597ba8e4a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71596
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Oct 2023 14:29:16 GMT
js
www.googletagmanager.com/gtag/ 		282 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N1FGHH8T07
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9HB5HQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
276d42c3cd9859925dfcdb126b133851dd6dd1a4501611758db65257ece3f97f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94394
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 18 Oct 2023 14:29:16 GMT
capmapping_dmp.htm
cdn.holmesmind.com/js/ Frame 9ABB 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9957001&uum=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11f5814d05b56c070a4022babe1f79c5ae8f3faed7bcbd463fa9978411dffc4b

Request headers

Referer
https://xn--9cs298dhvblx1b.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15
content-length
4462
content-type
text/html
date
Wed, 18 Oct 2023 14:29:02 GMT
etag
"9eee116ff4e4ef789862bbd05b9f8ec8"
last-modified
Mon, 16 Oct 2023 05:42:02 GMT
server
AmazonS3
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-id
paicK6neH6T3FnQxvwewIIpS313UOfK2O7iBGgl5axLTtTccjU9oSQ==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
PyL5Rpa96.V547gg6TqSTA2l7Qvjdzzf
x-cache
Hit from cloudfront
getP.htm
cdn.holmesmind.com/js/ Frame 5415 		368 B
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/getP.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:e000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72

Request headers

Referer
https://xn--9cs298dhvblx1b.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
content-length
368
content-type
text/html
date
Wed, 18 Oct 2023 14:29:10 GMT
etag
"5a73a8424da0d3c569e5ee22d9327c5a"
last-modified
Fri, 14 Jul 2023 03:28:53 GMT
server
AmazonS3
via
1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
x-amz-cf-id
2b9I-QD4IW9HKIFTWvI8LvvKYZQgL5YfPF1NzFEglgxLlNBpZufL8w==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
6Wt1e_.8laCOtvVcdZIQu4q080ahuSqd
x-cache
Hit from cloudfront
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11250919573/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11250919573/?random=1697639356268&cv=11&fst=1697639356268&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&auid=1563694803.1697639356&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11250919573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4beb5ee6e431377e79aa20aafcf5434a0000e2b8e2c806f1f57c6fd81d038ffa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1344
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-N1FGHH8T07&gtm=45je3ag0&_p=254847692&_gaz=1&cid=1892456167.1697639356&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697639356&sct=1&seg=0&dl=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&dt=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N1FGHH8T07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--9cs298dhvblx1b.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N1FGHH8T07&cid=1892456167.1697639356&gtm=45je3ag0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N1FGHH8T07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--9cs298dhvblx1b.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 14:29:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
O/JOGPEerSba5+KCLNds5SnRXPfDcmphiPyJKBRh8O90MP8mRQNzMZduDhwUXaGAlc33aQCESQSi3t2Y7jtOCw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N1FGHH8T07&cid=1892456167.1697639356&gtm=45je3ag0&aip=1&z=948112414
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm.js
fcm2.holmesmind.com/ Frame 9ABB 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9957001&uum=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.115.35.112 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-115-35-112.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Oct 2023 14:29:17 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
cm
c.holmesmind.com/ Frame 9ABB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9957001&uum=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:17 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
rl
t.holmesmind.com/rt/ Frame 9ABB 		0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.holmesmind.com/rt/rl?rtid=9957001&cf_uid=825887-QOJ7iV9Qv2BwW9xnR7nNXDrXdjZjSPst&uu_m=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9957001&uum=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.201.15 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.201.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:17 GMT
x-guploader-uploadid
ADPycdtl7MaJEnJ9IjGe8LK0nU0rr2u6v3KmtHnMPB6T0CG-xvFLIkPcs6Iy0use-eBROcthSiXG8ziYh68Ax95Vt_BPXw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Mon, 11 Sep 2017 07:14:47 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1505114087975422
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Wed, 18 Oct 2023 15:29:17 GMT
1043110500399219
connect.facebook.net/signals/config/ 		132 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1043110500399219?v=2.9.134&r=stable&domain=xn--9cs298dhvblx1b.tw
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be9578b9f7b8a763f145e3f662a9445a94fcd41c0ffa3b52c573e1e7e629c11d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 14:29:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
5AhKCthH8Ep62lrjfVRliAUr9cEvjV0v4QtlNnYbB+nizPr/cFjhuyody13DwN4OHFmgOvclJDBarUSJP4TV3A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11250919573/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11250919573/?random=1697639356268&cv=11&fst=1697637600000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&frm=0&tiba=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4213152242&rmt_tld=0&ipr=y
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11250919573/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11250919573/?random=1697639356268&cv=11&fst=1697637600000&bg=ffffff&guid=ON&async=1&gtm=45be3ag0&u_w=1600&u_h=1200&url=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&frm=0&tiba=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4213152242&rmt_tld=1&ipr=y
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 14:29:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1043110500399219&ev=PageView&dl=https%3A%2F%2Fxn--9cs298dhvblx1b.tw%2F&rl=&if=false&ts=1697639356603&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697639356601.2019179045&ler=empty&it=1697639356426&coo=false&rqm=GET
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Oct 2023 14:29:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
fbevents.js
connect.facebook.net/en_US/ Frame 9ABB 		198 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Oct 2023 14:29:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
O/JOGPEerSba5+KCLNds5SnRXPfDcmphiPyJKBRh8O90MP8mRQNzMZduDhwUXaGAlc33aQCESQSi3t2Y7jtOCw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs
ad.holmesmind.com/adserver/ Frame 7196 		0
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/cs?website=CF-230700136263
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.212.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-212-189.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xn--9cs298dhvblx1b.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 18 Oct 2023 14:29:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
analytics
cft.holmesmind.com/dmp/ 		0
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cft.holmesmind.com/dmp/analytics?en=pageview&cftuid=2daff097-4e10-9726-e43e-46f85f234f51&cf_p=825887-QOJ7iV9Qv2BwW9xnR7nNXDrXdjZjSPst&uu_m=6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa&sid=CF-230700136263&sc=1600x1200x24&bn=Chrome&bv=118&pn=Windows&pv=10&dv=&dm=&dt=PC&tz=2&tu=0&de=UTF-8&ul=en-us&if=N&tt=%E5%9C%8B%E8%B3%93%20HOTEL%20RESIDENCES&rf=&uh=xn--9cs298dhvblx1b.tw&up=%2F&z=1549679307&t=20231018T142917
Requested by
Host: xn--9cs298dhvblx1b.tw
URL: https://xn--9cs298dhvblx1b.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xn--9cs298dhvblx1b.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:29:18 GMT
x-guploader-uploadid
ADPycdvLvZYbqIK01IpT0V1iQzs52RuJ89vP6a-446R2ZBP6q-tkHKGT1QOkRpGWkOWwyAVmq3mKqHJzmCpKe_Pf-f9s
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601650311
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Wed, 18 Oct 2023 15:29:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xn--9cs298dhvblx1b.tw
URL
https://xn--9cs298dhvblx1b.tw/img/check.png

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| Swiper function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert object| AOS function| ScrollMagic object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin object| device object| dataLayer function| SendForm function| ClickMap function| ClickPhone function| ClickFB object| google_tag_manager object| google_tag_data function| clickforce_rtid function| c_tag_mk function| makeCFFPCKUUID function| getCFFPCKUUID function| getCFFPCKUUIDMAIN function| passfck function| getDomain object| CFFPCKUUIDday string| maindomain string| CFFPCKUUID string| CFFPCKUUIDMAIN function| onYouTubeIframeAPIReady object| gaGlobal function| _____WB$wombat$assign$function_____ function| clickForceDelayLoading function| clickForceSetSite function| clickForceLoadJs function| __WB_pmw object| bbkkbbk function| cft function| clickForceMyyCFT function| gtag object| GooglebQhCsO function| fbq function| _fbq number| e

20 Cookies

Domain/Path Name / Value
xn--9cs298dhvblx1b.tw/ Name: CFFPCKUUID
Value: 5658-Q4pDWp1Q8gp1HtMs0GN9GWSeJo2sY5an
.xn--9cs298dhvblx1b.tw/ Name: CFFPCKUUIDMAIN
Value: 6322-3VAikcnmjPo7szbfwcuPNVhavDR3PwOa
.xn--9cs298dhvblx1b.tw/ Name: _ga_YF97D4ZGSQ
Value: GS1.1.1697639355.1.0.1697639355.60.0.0
.xn--9cs298dhvblx1b.tw/ Name: _ga
Value: GA1.1.1892456167.1697639356
.xn--9cs298dhvblx1b.tw/ Name: _cft_uid
Value: 2daff097-4e10-9726-e43e-46f85f234f51
.holmesmind.com/ Name: P
Value: 825887-QOJ7iV9Qv2BwW9xnR7nNXDrXdjZjSPst
.holmesmind.com/ Name: Vision
Value: 20231018-23:59,20231019-01,20231019-01,20231018-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.xn--9cs298dhvblx1b.tw/ Name: _gcl_au
Value: 1.1.1563694803.1697639356
.xn--9cs298dhvblx1b.tw/ Name: _ga_N1FGHH8T07
Value: GS1.1.1697639356.1.0.1697639356.60.0.0
.xn--9cs298dhvblx1b.tw/ Name: _cft_P
Value: 825887-QOJ7iV9Qv2BwW9xnR7nNXDrXdjZjSPst
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.xn--9cs298dhvblx1b.tw/ Name: _fbp
Value: fb.1.1697639356601.2019179045
.holmesmind.com/ Name: fcm
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
ad.holmesmind.com/ Name: AWSALBCORS
Value: 2xdckIegcPGEZGUoOXLGlMWesu1YhbC19vION3/xl8l6z/7XL9TSg0WJRcVowZgODBh9VmLjRfWNR2JnldKknBDsPxJ6o2Ssk/eUASVnkPdYXD2zldFCRIz30qGK
ad.holmesmind.com/ Name: PHPSESSID
Value: pqdkrcjndoa9duvr8kuu6aech1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.holmesmind.com
c.holmesmind.com
cdn.holmesmind.com
cdnjs.cloudflare.com
cft.holmesmind.com
connect.facebook.net
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
region1.analytics.google.com
stats.g.doubleclick.net
t.holmesmind.com
unpkg.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
xn--9cs298dhvblx1b.tw
xn--9cs298dhvblx1b.tw
2001:4860:4802:32::36
2600:9000:2250:e000:0:e06c:e940:93a1
2606:4700::6810:7caf
2606:4700::6811:190e
2a00:1450:4001:800::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c03::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.115.35.112
35.186.201.15
35.201.76.93
35.227.249.156
54.64.212.189
60.249.45.223
04d6ff68615a9f68c0e54dbbf7ddd19ac47e5283a75253cc0f7d162b9cbe3152
069093894279b11a3da5f93ef583dac0e42faebfdbc1c4056921455ed6eb4f17
0c3dec62bb1a4c697c9858239de0577bec99c2b123d74cf33174e501a3f76005
0f285c1f1993ef4ef553e7414a96090d21d3a70cd8f57eca3606e597ba8e4a76
11f5814d05b56c070a4022babe1f79c5ae8f3faed7bcbd463fa9978411dffc4b
150e8d20abf11aa60e65776ff96842e1a9ebc8424882f7695dfadb78e4e3ef40
180bf7c14f3c9e1dde6481cc805ca6d5c92155f79ef79f0270f63cd6fa9732d9
1911aa33f28c69a6d4b09f2fd52200ef8287846dc8267b68b5fa5f3169e2032b
19c3b9515d29e24bd4db3a9edb807411a88c419d7bfc583e2dd6c6a3cc07ad82
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1b765b0cbd95391f6db0b565988eeb70ea68aa77bb9f8f7c8a880d96474c2aa8
276d42c3cd9859925dfcdb126b133851dd6dd1a4501611758db65257ece3f97f
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
30cfadb368a5acf5de679b1db1f8d9429559c4e559a0a97533e6c0e0ef0e6541
3eb16685c7f0a57ce50878b9898aa20e3989e1c9a4fab2786378b1706cfb725a
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
4826c41303c2c83f4840b183d4addf43c8b3515556157b1fb6821e056b9d08b1
485d52e15d1f2f39ad7c292124dff830832e5de388f5b818ecaf8f0c2642c147
4beb5ee6e431377e79aa20aafcf5434a0000e2b8e2c806f1f57c6fd81d038ffa
52df8006f5254c035f8be9c4d83b4d792a6e9fd4ac2d32ef8ab5dfeb3200d700
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72
59a7ab4fca4f050fafd2012e344a4071eb062582a4104ea3413867cdf0b6da07
5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
634725c7d2756dc3a7219218cf8f9d7b673bea9b698878636605dd25a1a356bc
710e65a07f1a0d1be187929a637a66dd24589c3ed3c17263a90b6b9499ca4828
7c84b7f0a6442ce97cce0dd9593952f85c0a6f058b12ec5d64c3814a4d65a49c
80c776da70e2e8b26f0642f3dd9338bac78a8c7f824c541d7d9422b2ad7350aa
820897ef61de1c0994a4735c0d231101715e2d7576ea9fc6fe4b0d36a4ab2548
9000fc8ecec95f6461c91aa01e279028703be153cd93a66591d4c264258f2a36
93e922da3c17437291cb85e54f75a35b3d514f17ecc16813ea9ec09960c94cad
96e698b898a2f992ea8b841129a49d2b233eb301778aa030ba2ca5a52a0b7b98
99f98438169d352f536550d7e2704da58afa248190dc1a40b9eb1db383be9d19
9a564f3af780df2dd2a0a2341658657f00e6f3ba6de83dabf55c8b8f217b1370
a440a92ed0aaa814751b70057069686aee8d98fc2619725a7f8910b841b76113
b13b78c9c88fb94afbc72a25a17d13c6319d43cddee28b80cd8aee1aee3e69b7
bdcd9d98126aaff5c7ea83de5d9eacef881e98805a641b4672e4d99003fbf95f
be42ac4027cd06e81530769593e5de11afc3c76a5c6b4c4a4f458bc6c32ef2af
be9578b9f7b8a763f145e3f662a9445a94fcd41c0ffa3b52c573e1e7e629c11d
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c51fcb73c911f8b85efa8ac61e1eb7a7d049fadf20a9b1ffc5e66a0f2b16a2e2
ce6d34b31a7aa47ab73c71183f96f80e39f4e89be1c4747bcb7d30033dbeba30
da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7
dda130ada00304e6c269a3749e7ebb1167629ce5c08e01122aff68e837efbb3f
ddd03e308f577a9003f1b7487ea8314e71cff0571491a3554d42a78935690883
de1bb67ac110af03d01e62c250a390c56f28da432dc04477d766c400d5bd3de8
e282423aa8119b1a151b7f7a54c052fa14c24dc110bb2dd541869858b31926b0
e2e336fc10a1b7b59e0063ef8e292fb2236ac728e039d77592dbb5fd0570267d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43546ff3868ad03c2d71ec7a964696da1734dec52ac481dd05aa1459b221e7b
ecedbf94b420eb2111edee11c55fba472271494b84c6cbc4b84780073022aa9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff979b9e48677d58bca83cbe1c830ed046b4bd567a2a03d8030981c6654bf2f
f1708aa1025bcc513d0af34c6c5365a2455d1b4de3909e7685c1026db8f9a8a7
f2aa3ec37a85298ef1ae028a96005305c2e0590367ca6db0152e643be8501b04
fb20082ec23c62f5fcffbaf6756e27b11c0ecd279bbc9d31c9a6d6d4a241ec91
fb9391d5736756c47bdc011bfbbe246701177caf59b25ceaa9a1a94f187ed948
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e