urlscan.io logo urlscan.io
SecurityTrails logo

www.ibluecg.com Open in urlscan Pro
172.104.102.244  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ibluecg.com/
Effective URL: https://www.ibluecg.com/
Submission: On July 01 via manual from TW
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 9 countries across 54 domains to perform 308 HTTP transactions. The main IP is 172.104.102.244, located in Tokyo, Japan and belongs to LINODE-AP Linode, LLC, US. The main domain is www.ibluecg.com.
TLS certificate: Issued by R3 on May 14th 2021. Valid for: 3 months.
This is the only time www.ibluecg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 172.104.102.244 63949 (LINODE-AP...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a03:2880:f01... 32934 (FACEBOOK)
7 151.101.112.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
44 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
15 2600:9000:210... 16509 (AMAZON-02)
4 151.101.64.134 54113 (FASTLY)
1 216.58.212.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 17 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.12.64 54113 (FASTLY)
24 151.101.13.44 54113 (FASTLY)
1 3 65.9.77.69 16509 (AMAZON-02)
4 2a04:4e42:62:... 54113 (FASTLY)
1 2600:1901:0:7... 15169 (GOOGLE)
5 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.49 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
3 3 35.227.252.103 15169 (GOOGLE)
7 22 142.250.185.162 15169 (GOOGLE)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
2 3 69.173.144.139 26667 (RUBICONPR...)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 79.137.68.187 16276 (OVH)
2 4 2.18.234.21 16625 (AKAMAI-AS)
4 7 185.33.221.13 29990 (ASN-APPNEX)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 142.250.186.66 15169 (GOOGLE)
1 199.232.137.44 54113 (FASTLY)
2 9 141.226.228.48 200478 (TABOOLA-AS)
5 8 35.244.174.68 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 104.111.239.217 16625 (AKAMAI-AS)
3 46.236.13.147 24931 (DEDIPOWER)
2 3 65.9.77.26 16509 (AMAZON-02)
1 1 63.33.81.89 16509 (AMAZON-02)
2 4 52.212.225.58 16509 (AMAZON-02)
1 65.9.77.14 16509 (AMAZON-02)
1 81.29.72.47 24931 (DEDIPOWER)
2 2 193.0.160.129 54312 (ROCKETFUEL)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 34.249.16.73 16509 (AMAZON-02)
1 2 198.148.27.140 19189 (PULSEPOINT)
1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 76.223.111.131 16509 (AMAZON-02)
1 2 72.251.249.14 29791 (VOXEL-DOT...)
1 185.86.138.144 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 1 139.162.84.221 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
3 3 35.157.168.25 16509 (AMAZON-02)
2 2 35.205.207.25 15169 (GOOGLE)
2 2 18.185.197.81 16509 (AMAZON-02)
1 2 35.244.159.8 15169 (GOOGLE)
2 2 23.111.200.117 7979 (SERVERS-COM)
1 18.235.211.215 14618 (AMAZON-AES)
1 2 52.58.194.104 16509 (AMAZON-02)
1 2a04:4e42:3::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
308 66
23    172.104.102.244 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1712-244.members.linode.com
www.ibluecg.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
17    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
7    151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
shui-lan-mo-li-gong-lue-wang.disqus.com
referrer.disqus.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
44    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
15    2600:9000:2104:5800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
4    151.101.64.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
17    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleapis.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
6    151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
glitter.services.disqus.com
links.services.disqus.com
24    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
images.taboola.com
vidstat.taboola.com
match.taboola.com
3    65.9.77.69 (United States)

ASN16509 (AMAZON-02, US)
sb.scorecardresearch.com
4    2a04:4e42:62::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
5    2606:4700:3039::6815:c039 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
8    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.disquscdn.com
8    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
22    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
ade.googlesyndication.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2a05:d01c:1d8:8101:e336:1261:a63c:d3a0 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
1    79.137.68.187 (France)

ASN16276 (OVH, FR)
PTR: gcm9.host.hit.gemius.pl
googlecm.hit.gemius.pl
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
7    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2606:4700::6810:a00d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
1    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
1    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
15.taboola.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
8    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
ejp.rlcdn.com
idsync.rlcdn.com
1    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
2    2a00:1450:4001:829::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
8    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
assets.ad4m.at
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
3    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
3    65.9.77.26 (United States)

ASN16509 (AMAZON-02, US)
live.rezync.com
1    63.33.81.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
4    52.212.225.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
io.narrative.io
1    65.9.77.14 (United States)

ASN16509 (AMAZON-02, US)
analytics.webgains.io
1    81.29.72.47 (Brixton, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    34.249.16.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    185.86.138.144 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
e1.emxdgt.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    35.157.168.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    35.205.207.25 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
ads.avads.net
2    18.185.197.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
2    23.111.200.117 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    18.235.211.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
jadserve.postrelease.com
2    52.58.194.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
1    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
Apex Domain
Subdomains		 Transfer
46 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
2 MB
40 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
images.taboola.com
vidstat.taboola.com
sync.taboola.com
sync-t1.taboola.com
match.taboola.com
pips.taboola.com
cds.taboola.com
324 KB
31 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
50 KB
23 ibluecg.com
www.ibluecg.com
79 KB
22 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
219 KB
17 facebook.com
www.facebook.com
56 KB
17 disquscdn.com
c.disquscdn.com
a.disquscdn.com
656 KB
17 disqus.com
shui-lan-mo-li-gong-lue-wang.disqus.com
disqus.com
tempest.services.disqus.com
referrer.disqus.com
glitter.services.disqus.com
links.services.disqus.com
77 KB
16 google.com
www.google.com
cse.google.com
adservice.google.com
clients1.google.com
apis.google.com
accounts.google.com
203 KB
13 fbcdn.net
static.xx.fbcdn.net
820 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
632 KB
8 rlcdn.com
id.rlcdn.com
ejp.rlcdn.com
idsync.rlcdn.com
3 KB
8 2mdn.net
s0.2mdn.net
176 KB
7 adnxs.com
ib.adnxs.com
6 KB
5 openx.net
rtb.openx.net
u.openx.net
1 KB
4 narrative.io
io.narrative.io
1 KB
4 webgains.com
track.webgains.com
diapi.webgains.com
99 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
2 KB
4 facebook.net
connect.facebook.net
140 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
1 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
60 KB
3 rezync.com
live.rezync.com
3 KB
3 rubiconproject.com
pixel.rubiconproject.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 googletagservices.com
www.googletagservices.com
103 KB
3 googleapis.com
fonts.googleapis.com
www.googleapis.com
197 KB
2 3lift.com
eb2.3lift.com
736 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 avads.net
ads.avads.net
561 B
2 lijit.com
ce.lijit.com
1018 B
2 adsrvr.org
match.adsrvr.org
914 B
2 contextweb.com
bh.contextweb.com
828 B
2 rfihub.com
p.rfihub.com
2 KB
2 awin1.com
www.awin1.com
1 KB
2 viglink.com
cdn.viglink.com
603 B
2 innovid.com
ag.innovid.com
684 B
2 quantserve.com
cms.quantserve.com
798 B
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 google.de
adservice.google.de
287 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 postrelease.com
jadserve.postrelease.com
427 B
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
362 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 smartadserver.com
rtb-csync.smartadserver.com
697 B
1 imrworldwide.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
108 B
1 createjs.com
code.createjs.com
63 KB
1 gemius.pl
googlecm.hit.gemius.pl
338 B
1 googleadservices.com
partner.googleadservices.com
655 B
1 jquery.com
code.jquery.com
33 KB
0 id5-sync.com Failed
id5-sync.com Failed
308 54
Domain Requested by
45 fonts.gstatic.com fonts.googleapis.com
23 www.ibluecg.com 1 redirects www.ibluecg.com
21 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
www.ibluecg.com
17 www.facebook.com 2 redirects www.ibluecg.com
c.disquscdn.com
connect.facebook.net
www.facebook.com
15 c.disquscdn.com shui-lan-mo-li-gong-lue-wang.disqus.com
disqus.com
c.disquscdn.com
tempest.services.disqus.com
13 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
13 images.taboola.com www.ibluecg.com
13 pagead2.googlesyndication.com www.ibluecg.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 cdn.taboola.com www.ibluecg.com
cdn.taboola.com
8 s0.2mdn.net www.ibluecg.com
s0.2mdn.net
googleads.g.doubleclick.net
8 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.ibluecg.com
googleads.g.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
c.disquscdn.com
7 www.google.com 1 redirects www.google.com
www.ibluecg.com
tpc.googlesyndication.com
6 sync.taboola.com 2 redirects
6 assets.ad4m.at as.ad4m.at
5 idsync.rlcdn.com 2 redirects c.disquscdn.com
live.rezync.com
5 ad4m.at googleads.g.doubleclick.net
ad4m.at
5 referrer.disqus.com www.ibluecg.com
4 io.narrative.io 2 redirects www.ibluecg.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 trc.taboola.com cdn.taboola.com
4 disqus.com shui-lan-mo-li-gong-lue-wang.disqus.com
c.disquscdn.com
4 connect.facebook.net www.ibluecg.com
connect.facebook.net
c.disquscdn.com
3 x.bidswitch.net 3 redirects
3 live.rezync.com 2 redirects c.disquscdn.com
3 links.services.disqus.com c.disquscdn.com
www.ibluecg.com
3 track.webgains.com as.ad4m.at
analytics.webgains.io
3 pixel.rubiconproject.com 2 redirects
3 image6.pubmatic.com 3 redirects
3 rtb.openx.net 3 redirects
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
www.ibluecg.com
3 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 eb2.3lift.com 1 redirects
2 ads.betweendigital.com 2 redirects
2 u.openx.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ads.avads.net 2 redirects
2 sync-t1.taboola.com
2 ce.lijit.com 1 redirects
2 match.adsrvr.org 2 redirects
2 bh.contextweb.com 1 redirects
2 api.webgains.io analytics.webgains.io
2 gum.criteo.com 2 redirects
2 p.rfihub.com 2 redirects
2 www.awin1.com as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 id.rlcdn.com 2 redirects
2 googleads4.g.doubleclick.net www.ibluecg.com
2 cdn.viglink.com www.ibluecg.com
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 apis.google.com c.disquscdn.com
apis.google.com
2 a.disquscdn.com www.ibluecg.com
c.disquscdn.com
2 tempest.services.disqus.com shui-lan-mo-li-gong-lue-wang.disqus.com
c.disquscdn.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.ibluecg.com
www.google-analytics.com
2 cse.google.com www.ibluecg.com
www.google.com
2 fonts.googleapis.com www.ibluecg.com
2 shui-lan-mo-li-gong-lue-wang.disqus.com www.ibluecg.com
1 ade.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 jadserve.postrelease.com
1 match.taboola.com
1 bttrack.com
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com
1 rtb-csync.smartadserver.com
1 simage2.pubmatic.com
1 diapi.webgains.com track.webgains.com
1 analytics.webgains.io track.webgains.com
1 obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com 1 redirects
1 ejp.rlcdn.com 1 redirects
1 glitter.services.disqus.com c.disquscdn.com
1 ssl.gstatic.com accounts.google.com
1 code.createjs.com s0.2mdn.net
1 vidstat.taboola.com cdn.taboola.com
1 trc-events.taboola.com www.ibluecg.com
1 15.taboola.com cdn.taboola.com
1 static-de.ad4mat.net ad4m.at
1 googlecm.hit.gemius.pl 1 redirects
1 prod-rtb.ad4mat.net www.ibluecg.com
1 clients1.google.com www.ibluecg.com
1 www.googleapis.com www.ibluecg.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.jquery.com www.ibluecg.com
0 id5-sync.com Failed
308 91

This site contains links to these domains. Also see Links.

Domain
store.line.me
www.bluecg.net
cg.skyey.tw
cgsword.com
bluecg.gamerch.com
webscan.360.cn
Subject Issuer Validity Valid
www.ibluecg.com
R3		 2021-05-14 -
2021-08-12		 3 months crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
a.disquscdn.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-26 -
2022-05-28		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-31 -
2021-08-23		 3 months crt.sh
*.disquscdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
ssl418259.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-04-06 -
2021-10-13		 6 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
accounts.google.com
GTS CA 1O1		 2021-05-31 -
2021-08-23		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.rezync.com
Amazon		 2021-01-26 -
2022-02-23		 a year crt.sh
*.narrative.io
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh

This page contains 28 frames:

Primary Page: https://www.ibluecg.com/
Frame ID: 686F0E7636355A7A0F02E7DEC47E9CAE
Requests: 111 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Frame ID: 16CA2E831F84D087124381BD6ACCDBDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=280&slotname=3566400258&adk=1185755159&adf=3085374373&pi=t.ma~as.3566400258&w=1200&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377142&bpp=14&bdt=1262&idt=258&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=6851062296660&frm=20&pv=2&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ru4nItTiY9&p=https%3A//www.ibluecg.com&dtd=275
Frame ID: FC823ADA00A2F714D82E113574860AED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&adk=1812271804&adf=3025194257&lmt=1625102377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ibluecg.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377334&bpp=2&bdt=1455&idt=115&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=120
Frame ID: CDA41ABE84A5997CD850B4CC8F6E1AAD
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
Frame ID: 62AA5F1CA7CE61A70E67750A2CE27F16
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Frame ID: 241109A4B93050830CB89A6BB099F90D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Frame ID: BDCC3D86FBF21F1FCBABCE015914EA18
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Frame ID: F155FBDD4F514849A9A392F1F53D3DC7
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CwM50KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoExgFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHmnXJiTrgr9lQVFlDyaXldrlnSABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi03NDUwNTc4NTY1Njk0MzQ5&sigh=Cvo-HbsGm-8
Frame ID: 859DE2CE664BADE0BF83C25D19182A81
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
Frame ID: B4F71056BFC04CFAC2C8E2E37F89EA91
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D103E0A6281817A3522D7C434BCE0E94
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Frame ID: D24727BDCCEABA483EF613755A1A6006
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATptqFQ8v0paI-pZgyygdvHyh4F5usIf_8pd5OYjv9LUbpT6yBQt9ER7lCDmECCxjY8un6xt6AoOJbgl7DgGkzI1C8cOo4hYOMh0_161C6k12ePnzLLEM9rb4nK8RO86ZIzcTFKBI746rrhtq_7QIOsnnV9A&dbm_d=AKAmf-CMGW7tX8DdCbJDf_WdfNgcLESdUBHWHdnQV2lYZ_Ul-se0J3QuZXG8xuOvJIapp38YpROBbasf_4T8PdQWXz0q3FXtZNWm4rvaoBtPKJtcC9lDm6zCj1p5VKzixj-c3jhIhrSZUE6SmFBUMkPDe7wmTEdxTV0byqzz8TWw5SN4943vjdzRmwQ_KxCY-WL-EZNj7iUmb5ctbdWgMV3dnVEbGVvxKFQRaCuzo2ptsvSvR1XbpWEG8vm4_EZFA87wxW8IP-_GdP6CREFi-8bQaUIp5rPv8WHAGHHgUyZ9ZXqv56Kk3hVe6bXTF9O9omq4Uuu_qFRqHBlRMTmR9ktETFpcUxOT6Xdc8L5z2SZ_-nMjgf7iQtcTWeiGmLinpczjX6KxRl41Lll4CYncogpKwe3Vulch6QgaQiJr8RLBss5YiVHw5FGciNGs-ltoRcmQA-G40sdS5mTY4WLKHcDvJCTMSzxBLXVmGzkZ8D7PabMYSlQqh-r11WIbduWjzz2NjPXig3mDxsQLqmUbhLXqU7jU_UwXKZ0jEGuiRpftFb1k_udR3W70NwlBp_t9FNziay2M9xFdNfM1unnArASvRET2MluZ932BELxpCIWeaZ0mSEGe_WqDPvRroSi42BJRFNgVcWtE8o29L41IIQ6vE3-m29z0licMvWyNO2esVWtRiGoJatmcy6nYCABuYOKa4jwpcTRZMK4spw5fTCi3gxPMSV5wlFmO23YrV2bH7ta5uYMxrP31UI3-ZWvXINzD3vGIdGx7rbr06hOiATPrvFgw5THXrc8_qVcS6u3FuJtzsE5zELP20fy9UcPXqvO91892INOY7f1B-airAQk2Wyh3NOlwY_nMxsNt9bSVSUbzhKQbuM8DMUGfWlLkPU92b7NwDlN6LkEj2mz6PMDd9_Na0-BhAf-dDFk1dJff2WSp4gb9P6sgGFXDMuvV_E-RXPO7FdUPk4MQqjgVCd_NhuxEsRCYOZb_TSIUa1ywhvsDK6YwXliDpOktSbMHUntULtaceHNZU7JFXR8dL1e108YWjCGJ5vMzBUdRam6_DcG1dNNhlIHfUe2XBGUA4pymPPyBmZ50fqAwlm1J7_x2RqXYMuXrGx-1ruh-BD8HHzLcROfTwRgpNOac9G_SLFqQj5g1byQ4IhOdSjhLMEH2pu_-i_o3m9aH8IBg1ky30Hd8YWqNDIausEbvfTkj5BrQcg22w0NHIfIuCOsQbeg7nF1xMFk2AWAuEDcbhzVTCVtmjZroes4Stgy2s1LqLYAkFhrnlVN7SnXTsq3gaCpedWr_B5v9dhbFGMVTLfGJgk2OxmAsiDMq3YtVqUjWAJovNc59zv51IAYLIXk5mw4VKnMLDBPyrgSkjXT-FHMH5IQlbqEUJf3fRLQivpFh8kyLJ4auIaO6htlwTCHUR7ExTEgaMd0JgecgTM4I-hfcHoKEbuy-_I5PYVyLkIVILrCURRCA_geogkcz69DHio14H5ob-7wmLYPxNpy77oLXXV8TDdYjQ8CT3sltISjKBAfurN4cSPq_l3YMFoFlT5nupN9GL6YCsketAhKksYCpWbFt7LgIXHCRnfoU0G0lR9_xjHIswCW_0BadJ5zScPkp0eX5GLxbZXxKIjaK-ylU-4a7b3gdihclEUHOigzALJyGgJpNICeDOspYC9rCJLAanlApVdUQ_EoLNAdICePORJgi3S5XBshYkZl89opzrYKs7Q6ZojbD7u2XFjOBd7R6V19MEnwvmHqIVZ6J01XxbjnlciucKfOLIP_RUrNt5qbzv_YZlGaShZDxjdadKy69l5HAyug2Q1jYSeZegrTDw7xUZ0wzCrIRCCFreN7CRho97BhpZPHNy6Bt8JtEZG36FmJ_fnXdbJ36n_s3rfDhiNv21BD8PMO-ogMqw97uBdqX4L7yxPiO8-lJy4BKj8WjMsiW31Zi5UG2yYfkHEEUZIghKHuNsFUcXX5JN76nyXQKKUIeqPaH4l3qdkkuKj4ar6XDnJcXLsnuxBtKFKffeEUqxsg-ehfx8I3jwDOKE5hPMEFClkl7HVV6lnvcj51gwBrcKH6AkuLARG-jCt3kU6WZe54glrpfxA0i9hgdWFdU0jT5035QYUSZDDuO8SxdC5cHh76LSKw1F_WArfEfQvG1HAhEX5k354q7E07OXXQQmoNV5M3oVLO_R8wLuW9hmFSmFwGFFe2RugncYMsXiNnqduKTr1alOdJPRjhdclb3XYbmlrjojgjJGhsnTmSs70R_yjupg3nErj9PDPHxv5JK27z6SP7XnEh6IG77fVl4m1aR8TqqnG84S21ZqrRMYTuGA92VTtglTw0eft3p7VPUWQMM9HdD5pkUVwj3byGwuW3wvg7gey4VsR3LIbAO53qTKwhVcpD6KMNmeUIGE4soveBUR03-KkgnAHAFTwYHgp4zOQjJl68qoV1Qj9MWWWRt8Tzbp1NlGCynP11de5C8C6QdOHU_LNyqHzUwliiNhHrt8kp2bCCqSlmbM3JaB_89cpOBHEpJpeguFf3OldJyW9p2HmzJMWgdwtHMau_2KEwGFiFYzJQrA9RgUrQqaFv-E-QGO4YhfnZKykp0iIrcX9S6hdhnqPdUH-Bq8CUzC9pQfePPTVkJobbYLV-dJ5VrkfNsKadkj2VD9x7TKP-bqcVAyu6VEv01c16RfwNQlvXz9y-t2sp0iaJ2GgpxnHbLz-3gomhhFecdcsRJ1FS__MwgEggvBixfuSmu3h31fNvxZJAQNR0DEWZSF-ejCBJ-OwY7HXwPZX9nMxxvW1OcNq_v_4VyL_q1-xFzF8oXcubwclwg1COEGqYZF7NcSe1tv0wubgoEzXj_pKMpKah_DwYf5s8WOCMQT8JvyWMt9Y0MAGN8z4a7UOgibkuoyJ33rkxfOSzbtJfhsA-gWiPLDCbLlUDVU4erNeMxCzmH0iBPIVetgnD_2tPOxLYF2-ElzXkVDVoDL7y5AlV840Imdir88tI&cid=CAASEuRoxsKg7pFLriDzenjc08le9w&rfl=2%2Chttps%253A%252F%252Fwww.ibluecg.com%252F%240
Frame ID: A6F6389159DACFA2566C2990F041D4DB
Requests: 13 HTTP requests in this frame

Frame: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=shui-lan-mo-li-gong-lue-wang&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ibluecg.com%2F&typeface=sans-serif&disqus_version=f3697df
Frame ID: F0565910D100F49D56B96AE3FEE75E60
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F8DB7B390F6B1232B016D2CF341B3CA
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 5E3EE5F2E7A4CE018BCC2F97F6257639
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 05E31CFB387389861F7412E8A3C750FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10176009/1601280494923/index.html
Frame ID: 133BBEE227F602EF4CE8AA26C8B6B476
Requests: 8 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B4AF330D64C97AC6422890B63C00D882
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Frame ID: 065764564214CB6339AFBBE98976CC1E
Requests: 16 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
Frame ID: EEABB8BF6C3D60DF7744E35AF0505F4B
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c4mk7f9t1hlt8d7&pctry=DE&referrer=https%3A%2F%2Fwww.ibluecg.com%2F
Frame ID: 67D8994F617AA4B16D0D5DF3ACF6331D
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Frame ID: CE76E4A2144200DAEBD533CC58A9EE2B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Frame ID: 1C88D909F290EFF4F3D06C0ABFB93BD9
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Frame ID: 7E11AA13E34C5E70491FE73F826FFFF2
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C95FD6651101829B946E4E7F062B01FD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E616E356EF3061AC0F552EBE727C191C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 603BD3266631E61F36AD8204AB0618C2
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.ibluecg.com/ HTTP 301
    https://www.ibluecg.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

308
Requests

99 %
HTTPS

42 %
IPv6

54
Domains

91
Subdomains

66
IPs

9
Countries

6111 kB
Transfer

12706 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ibluecg.com/ HTTP 301
    https://www.ibluecg.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k HTTP 301
  • https://cse.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
Request Chain 114
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9=
Request Chain 149
  • https://rtb.openx.net/sync/dds?google_gid=CAESELs4sb_IhxJrevbpPNC0ezc&google_cver=1&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESELs4sb_IhxJrevbpPNC0ezc&google_cver=1&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&google_hm=rthgkfagwfobN9WiQ2LVuQ==
Request Chain 150
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENHvEDu0wVV6qrFMdNXNViM&google_cver=1&google_push=AYg5qPJt2r3Dxcj2C0R1A41s0IgK3hsrMMJenKn9Gmy1uN3QJgxUO8G4QdQIp34cSiFj2WSO6FUuul9XtPsLqMLxywSrUc3Ub6YY HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENHvEDu0wVV6qrFMdNXNViM&google_cver=1&google_push=AYg5qPJt2r3Dxcj2C0R1A41s0IgK3hsrMMJenKn9Gmy1uN3QJgxUO8G4QdQIp34cSiFj2WSO6FUuul9XtPsLqMLxywSrUc3Ub6YY&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt2r3Dxcj2C0R1A41s0IgK3hsrMMJenKn9Gmy1uN3QJgxUO8G4QdQIp34cSiFj2WSO6FUuul9XtPsLqMLxywSrUc3Ub6YY
Request Chain 151
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI7aFM74eec7764Rh_7g-iA&google_cver=1&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqlyCnHFCseJay44sM__s1UTCc5q8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXOVUtMS1EWTFZ&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqlyCnHFCseJay44sM__s1UTCc5q8
Request Chain 152
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4
Request Chain 154
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEQWJhNY80Zmz0R6R0IPtAI&google_cver=1&google_push=AYg5qPJXbvzugOhsR77w_ywdD0nrDFvJpx0J9IpNQV_AL0wc2tMk5vzOlifPMzFcAPghSNLRLvG2DGRf1ie2lC5wrtWIlN8VlHFAEA HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJXbvzugOhsR77w_ywdD0nrDFvJpx0J9IpNQV_AL0wc2tMk5vzOlifPMzFcAPghSNLRLvG2DGRf1ie2lC5wrtWIlN8VlHFAEA&google_hm=
Request Chain 156
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
Request Chain 157
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YN0YKjE5AIKakMMjaoOr1gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMa_w8i85eEU21mU48dIcwo&google_cver=1
Request Chain 159
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE1NDA1ODY0ODU3OTUzMDc5NA%3D%3D
Request Chain 181
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAA7421ly0WwECIfG72Rt_4&google_cver=1&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsieboUqQm-Iohj3C2bQdOvyUKc01qjXEXaqKBW6EKklHh HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsieboUqQm-Iohj3C2bQdOvyUKc01qjXEXaqKBW6EKklHh&google_hm=EoqK1vdgnGGUxlCSLIWqfA
Request Chain 182
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKJNGNyPDqAM2nqMmiHRyC3AGz0s3xbKKfxbmXHN1PXHqnvfninVh8OqufIpnRzgumTBUvVTaZ7jIzFbgDanhmIku1xuN-N&google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKqw9IYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLSk5HTnlQRHFBTTJucU1taUhSeUMzQUd6MHMzeGJLS2Z4Ym1YSE4xUFhIcW52Zm5pblZoOE9xdWZJcG5Semd1bVRCVXZWVGFaN2pJekZiZ0RhbmhtSWt1MXh1Ti1O HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb3AxQXkwY0d1a3JKMVNPZy1rX3lmOWZreEliZFdvMTlDMkpTcFZsbUItYw==&google_push
Request Chain 183
  • https://rtb.openx.net/sync/dds?google_gid=CAESELjJxjB4LVQV8_HU_ZouJhE&google_cver=1&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE&google_hm=rthgkfagwfobN9WiQ2LVuQ==
Request Chain 184
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPfjjdPVCwRl49bG3fYIdhg&google_cver=1&google_push=AYg5qPJI6QIQNqkj05HvbmD4brrRiIzqpsX0k1cX9W8ruxNnfTzYZ3nKoLSYKpa8UBvbGwrVMMd3syImFgMGi4DkgQoD1z7oaxBV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI6QIQNqkj05HvbmD4brrRiIzqpsX0k1cX9W8ruxNnfTzYZ3nKoLSYKpa8UBvbGwrVMMd3syImFgMGi4DkgQoD1z7oaxBV
Request Chain 185
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIu38ylV1UgJn_SpgyaBId0&google_cver=1&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_qYygasEujcSZw0IXepg8SpJen HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXRFItOC0yR0ZO&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_qYygasEujcSZw0IXepg8SpJen
Request Chain 186
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_cver=1&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5
Request Chain 187
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEL4JECth1SUnIg7cIPVYaW8&google_cver=1&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixVzfMe- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixVzfMe-&google_hm=9T_A4qQTRxG7kq_tQOVI0g
Request Chain 238
  • https://ejp.rlcdn.com/501709.html HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
Request Chain 240
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac4mk7f9t1hlt8d7 HTTP 302
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=67ccdf60-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7
Request Chain 241
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=67c82470-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F
Request Chain 246
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3154058648579530794 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4ef55096-9fba-4cf3-9f95-9df2a7d8e38f%3A1625102379.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc4mk7f9t1hlt8d7 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c4mk7f9t1hlt8d7 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3154058648579530794
Request Chain 247
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4ef55096-9fba-4cf3-9f95-9df2a7d8e38f%3A1625102379.07&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316021246751551 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c4mk7f9t1hlt8d7 HTTP 307
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=yd3bM_gPx_Wp4cZxezYW75Oa2TfAsE5N
Request Chain 251
  • https://www.facebook.com/v10.0/plugins/comments.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700 HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Request Chain 285
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TQvnkBfws8Nm&ev=1&orig=trc&pid=562107
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjPX3g-iGrjJ8loVwTjhWk&google_cver=1
Request Chain 289
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac
Request Chain 290
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e82ea55f-db8e-4a2e-ba93-0b238d8609d4
Request Chain 291
  • https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 295
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3167addb-b19a-4099-8ddf-77f7959f9092
Request Chain 296
  • https://id5-sync.com/s/464/9.gif?puid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQtN7zuK6jUBkG_nXxcpHnuDsMxkHCcUx9ZYH9g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQtN7zuK6jUBkG_nXxcpHnuDsMxkHCcUx9ZYH9g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=14e58419-1276-40b4-b315-0eea64c8367f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_660ae0c2-f69e-476e-bcbd-8de078694482&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEEjJn780IkMpeNHlu_y2ojY&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjJn780IkMpeNHlu_y2ojY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjJn780IkMpeNHlu_y2ojY%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8039684527946255092&opid=apx&ops=&utidl=tech:goo:CAESEEjJn780IkMpeNHlu_y2ojY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18354791621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/3/5.gif?puid=e4217a211c2629921960146ef2216075&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/2/6.gif?puid=38ff1056-8f1e-4fa2-974d-8cbf4ed10532&gdpr=1&gdpr_consent=
Request Chain 297
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ky06AGDkBry3Fi2VLRjdYA
Request Chain 299
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5&gdpr=0&av_tc=True HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=17f60418-d01f-4fee-aa57-8c09841aae37&expires=2&ssp=taboola&bsw_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5
Request Chain 300
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084&tbid=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac&query=taboola_hm%3Dba063716-7d74-4506-8c14-5fbf2dbd8084&isDirect=0
Request Chain 301
  • https://u.openx.net/w/1.0/sd?id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
Request Chain 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=53d644e5-4232-51b6-b15d-b173d180a95f
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=pGVQ2wY4RAiwjW5-_5XJXw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9%26ui%3DpGVQ2wY4RAiwjW5-_5XJXw HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&ui=pGVQ2wY4RAiwjW5-_5XJXw
Request Chain 305
  • https://eb2.3lift.com/xuid?mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=

308 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ibluecg.com/
Redirect Chain
  • http://www.ibluecg.com/
  • https://www.ibluecg.com/
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3e5d328cd9e893b1c6edc8a31cd86d82d66fa1894597c541abc81cb8559f19ea

Request headers

Host
www.ibluecg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:35 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8381
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 01 Jul 2021 01:19:34 GMT
Server
Apache/2.4.29 (Ubuntu)
Location
https://www.ibluecg.com/
Content-Length
313
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
css.css
www.ibluecg.com/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/css.css?v=pppppaoaookokokokokoekofkoefefefef
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
54dd16271add2decd1baaaa2f05620ff731f46324687566fe6001777886be364

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Jun 2021 11:15:37 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3605-5c42b292d579f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2416
animate.css
www.ibluecg.com/ 		71 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/animate.css?v=pppppaoaookokokokokoekofkoefefefef
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"11cda-5956697f75bc6-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4172
mbcsmbmcp.css
www.ibluecg.com/index_files/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/index_files/mbcsmbmcp.css
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b2e6b9c9ebd628247c54beb7ddb75b8259dc8fa47f1bd4e14483e2a3c200e97d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"190f-5956698011fc5-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1371
mbcsmbmcp.css
www.ibluecg.com/menu2/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/menu2/mbcsmbmcp.css
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7bc24bf3e1b5202928e07175d7a86820afbe2b1ea33fd02a4492022372aa4108

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Oct 2019 07:25:53 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"194d-595669801ac65-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1357
mbjsmbmcp.js
www.ibluecg.com/index_files/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/index_files/mbjsmbmcp.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
30d18f17a42e1aea9a713bad3bac0f0c42240aedc63a1059f96f025a17acb93e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3fe0-5956698011fc5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5166
mbjsmbmcp.js
www.ibluecg.com/menu2/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/menu2/mbjsmbmcp.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
30d18f17a42e1aea9a713bad3bac0f0c42240aedc63a1059f96f025a17acb93e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 21 Oct 2019 07:25:53 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3fe0-595669801ac65-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5166
jquery-latest.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:35 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:08 GMT
server
nginx
etag
"54499a48-1762a"
vary
Accept-Encoding
x-hw
1625102375.dop243.fr8.t,1625102375.cds250.fr8.hc,1625102375.cds280.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
gotop.js
www.ibluecg.com/ 		342 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/gotop.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e8865b7f438adb9639235b5b40bc3519bf7b1dbd27118b4f3b97f4ab80eb1329

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Jun 2021 04:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"156-5c3fcdbd7ec5e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
199
godown.js
www.ibluecg.com/ 		165 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/godown.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
bc4dac9a386ca2bb0f51b8f89fbe4582e767a2c917129a698197d41d367cc705

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Jun 2021 04:01:11 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a5-5c3fcdbd7ec5e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
138
words.js
www.ibluecg.com/ 		575 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/words.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
5071d5d3c6fd02eabca30cfc97e8d1b11b9dc2c901cc0d79f74d1ced8738cd7a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 08:09:28 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"23f-5c464e906c1ba-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
482
logo.png
www.ibluecg.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/images/logo.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
7c1e3cbfe28d4c575abf82446b366f6cb109b3edf5f317eceec3081c70bed720

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"2187-5956697f7c926"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8583
1.js
www.ibluecg.com/ 		66 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/1.js?date=1625102375
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
607622d89626f3a7ee728372163078e2dbdc98f70b03732b48866f28a7e23bfb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Last-Modified
Thu, 10 Jun 2021 08:09:28 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"42-5c464e906b21a"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
66
index_ad.png
www.ibluecg.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/index_ad.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
246e38c978d0fb5aa218a60ad4dedffd883dd176241e9a96d6a917307c486ce9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"38a1-5956698011fc5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14497
index_ad2.png
www.ibluecg.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/index_ad2.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
94aa69848ff4a838257fe0106ab4bd5677b01fac80866c82ef8e208d9b295685

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"aa6-5956698011fc5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2726
index_ad3.png
www.ibluecg.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/index_ad3.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3794163e0d9ebdcc1ffbc4ff173522fbc3a37617111e9bb845272c476c3c87ec

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7d8-5956698011fc5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2008
pollsmall.webp
www.ibluecg.com/images/0604/ 		354 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/images/0604/pollsmall.webp
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
62a0c0799f05836a3d65b5510b7fd3f183d9518c502a44beb1777144f202e9cb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Fri, 04 Jun 2021 02:32:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"162-5c3e78071a58c"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
354
hot_1.webp
www.ibluecg.com/images/0604/ 		416 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/images/0604/hot_1.webp
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
c4e5b3741572d9d1e9f9bed9d8b3e99e9a9749626261e1e6984d5c726e0b6263

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Fri, 04 Jun 2021 02:32:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1a0-5c3e78071a58c"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
416
new.png
www.ibluecg.com/images/0604/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/images/0604/new.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fcedc32f2cd81ee5add22f279101e34901b164b533e8ce541b573b2bf39678e3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Fri, 04 Jun 2021 05:20:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"218e-5c3e9da74b098"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8590
digest_1.webp
www.ibluecg.com/images/0604/ 		336 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/images/0604/digest_1.webp
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
11eb8da6bede1edea74066c511e2c739186154b7b9a8059a631151c012dcbd08

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/
Cookie
_ga=GA1.2.1171587868.1625102377; _gid=GA1.2.574405492.1625102377; _gat=1
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Fri, 04 Jun 2021 02:32:23 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"150-5c3e78071a58c"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
336
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48719
x-xss-protection
0
server
cafe
etag
7891261082821145910
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 01:19:36 GMT
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55293f84549026e3864ef056db5ce23f8726f2d390436e40df3b520a1117dae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ibluecg.com
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5Z+b19+IL3L1NscRTd4I8g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
+vqGnlgSVUCjX1p0oEeZbI20H3qAzkO25ISXUERFFXMp2OfCR/pt9b9T99jW5dnI5qLqkMsfFs1g4iUAVX9dMQ==
x-fb-trip-id
2050670934
x-fb-content-md5
5bdf8b912c61b1145062e51fce466cf8
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a561de0040489925b09668eaff314fac"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 01 Jul 2021 01:20:18 GMT
count.js
shui-lan-mo-li-gong-lue-wang.disqus.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shui-lan-mo-li-gong-lue-wang.disqus.com/count.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 25 Jun 2021 00:23:49 GMT
Server
nginx
ETag
"60d52215-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW3-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
O4skMsDvoa0c66TzShTeC9ksdD2N3al_GbtwsvzEaoVMzvtM5umm6w==
update-record.js
www.ibluecg.com/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibluecg.com/update-record.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
118e7d049469ee4245167a8318e662d783d26ede907638d785a8adc947dc6665

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://www.ibluecg.com/
Connection
keep-alive
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jun 2021 16:13:44 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"3eea-5c3dedbfbd0ca-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
7135
css2
fonts.googleapis.com/ 		568 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Material+Icons
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/css.css?v=pppppaoaookokokokokoekofkoefefefef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:19:36 GMT
server
ESF
date
Thu, 01 Jul 2021 01:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 01:19:36 GMT
css2
fonts.googleapis.com/ 		710 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/css.css?v=pppppaoaookokokokokoekofkoefefefef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e43851245ad701afc71c5014c93c58ebb57812c20718556a77aef3dd18b33b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 01:19:36 GMT
server
ESF
date
Thu, 01 Jul 2021 01:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Jul 2021 01:19:36 GMT
ebab_mbmcp_d.png
www.ibluecg.com/index_files/ 		98 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/index_files/ebab_mbmcp_d.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/index_files/mbcsmbmcp.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
209003dd975bf086030ddd66117656c153409d032279adde6db73f6c88ef64d4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/index_files/mbcsmbmcp.css
Connection
keep-alive
Referer
https://www.ibluecg.com/index_files/mbcsmbmcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:52 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"62-5956698011fc5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
98
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:22:03 GMT
x-content-type-options
nosniff
age
82653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 02:22:03 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
  • https://cse.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
504f9a18c90c8800d96b4b06cdcccef2fd7f2bbef74fc2d0d6e90357adaef399
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in
unload
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3464
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:37 GMT

Redirect headers

date
Thu, 01 Jul 2021 01:19:36 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://cse.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
267
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:49:36 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5968
date
Wed, 30 Jun 2021 23:40:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 01 Jul 2021 01:40:08 GMT
ebab_mbmcp_d.png
www.ibluecg.com/menu2/ 		97 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ibluecg.com/menu2/ebab_mbmcp_d.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/menu2/mbcsmbmcp.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
172.104.102.244 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1712-244.members.linode.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d909c8db078f3316b78acc5917f9abf7b7ca8bbc49472b17f11c608914caad1b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.ibluecg.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.ibluecg.com/menu2/mbcsmbmcp.css
Connection
keep-alive
Referer
https://www.ibluecg.com/menu2/mbcsmbmcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Last-Modified
Mon, 21 Oct 2019 07:25:53 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"61-595669801ac65"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
97
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v92/ 		102 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v92/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Icons
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbba257dc39b6005dfbd9a19b047beb96a5af5dd737690f896222cbd89893caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 22:59:22 GMT
x-content-type-options
nosniff
age
94814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104948
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 22:47:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 22:59:22 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 21:36:49 GMT
x-content-type-options
nosniff
age
99767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 21:36:49 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:13:50 GMT
x-content-type-options
nosniff
age
122746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25756
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:22:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 15:13:50 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 09:26:27 GMT
x-content-type-options
nosniff
age
57189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44784
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 09:26:27 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 05:11:31 GMT
x-content-type-options
nosniff
age
72486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 05:11:31 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 15:07:50 GMT
x-content-type-options
nosniff
age
123107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 15:07:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:55:11 GMT
x-content-type-options
nosniff
age
66266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:55:11 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 03:01:54 GMT
x-content-type-options
nosniff
age
80263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 03:01:54 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:21:58 GMT
x-content-type-options
nosniff
age
82659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 02:21:58 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 19:48:15 GMT
x-content-type-options
nosniff
age
106282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 19:48:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 11:39:34 GMT
x-content-type-options
nosniff
age
135603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:39:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 12:12:05 GMT
x-content-type-options
nosniff
age
47252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 12:12:05 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:58:48 GMT
x-content-type-options
nosniff
age
1249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48552
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jul 2022 00:58:48 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:35:42 GMT
x-content-type-options
nosniff
age
67435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46208
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:58 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:35:42 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 11:36:32 GMT
x-content-type-options
nosniff
age
135785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49124
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:15 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:36:32 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8198d0b92c175322a1cf167c65f8f410a46758ad62c0ed614baa635a55022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:32:10 GMT
x-content-type-options
nosniff
age
118047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53252
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:22:05 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 16:32:10 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9dbb676c4a844ee34b38c48b41a16f2ee145a6135d72d42d9fc9ec9abb2355c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 14:36:16 GMT
x-content-type-options
nosniff
age
125001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57836
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:22:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 14:36:16 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 07:03:27 GMT
x-content-type-options
nosniff
age
65770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 07:03:27 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 01:40:01 GMT
x-content-type-options
nosniff
age
85176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 01:40:01 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:35:42 GMT
x-content-type-options
nosniff
age
67435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48324
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:35:42 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 05:48:56 GMT
x-content-type-options
nosniff
age
70241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53604
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 05:48:56 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca66e264d4906c08646740254c325851bf0d83e203369d776d82202ec3c04c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 01:56:45 GMT
x-content-type-options
nosniff
age
602572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54492
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:14:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 01:56:45 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c14811543c43177335c8ba22be194d26067fa76bcf0c1b12bb4c0bdab9f6397e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 08:40:30 GMT
x-content-type-options
nosniff
age
59947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54312
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 08:40:30 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 14:34:00 GMT
x-content-type-options
nosniff
age
125137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 14:34:00 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:29:11 GMT
x-content-type-options
nosniff
age
67826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:29:11 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:22:57 GMT
x-content-type-options
nosniff
age
68200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57968
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:14 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 06:22:57 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 00:59:22 GMT
x-content-type-options
nosniff
age
87615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 00:59:22 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 11:35:20 GMT
x-content-type-options
nosniff
age
49457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44828
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 11:35:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.56.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.56.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab8340e6711533857e9d93c36010e35add901418352623109c3e6df93a3d4c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 18:15:18 GMT
x-content-type-options
nosniff
age
111859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35568
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:21:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 18:15:18 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.35.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.35.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5da5b945cab56c1f4ee24e430ded7250d1fab6495d2b76d73943ffd3f9e1e330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 19:47:00 GMT
x-content-type-options
nosniff
age
106357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31776
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:35:21 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 19:47:00 GMT
embed.js
shui-lan-mo-li-gong-lue-wang.disqus.com/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
22730069324340d5edd7ae54ca11d14830c9232e0d9e79ef9a9b027ee0293104
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24805
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 12:54:53 GMT
x-content-type-options
nosniff
age
44684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25600
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:58 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 12:54:53 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 04:26:23 GMT
x-content-type-options
nosniff
age
75194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43952
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:24:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 04:26:23 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 23:18:16 GMT
x-content-type-options
nosniff
age
93681
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47960
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:24:07 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 23:18:16 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:47:49 GMT
x-content-type-options
nosniff
age
52308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:25:59 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:47:49 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 00:21:31 GMT
x-content-type-options
nosniff
age
89886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52916
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:24:08 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 00:21:31 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
314c6b7c95012c5646ac120abbf788b1b2fca067dcb877a69596bbbeb380a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:17:39 GMT
x-content-type-options
nosniff
age
39718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55956
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 14:17:39 GMT
-nFkOG829Oofr2wohFbTp9i9uwYvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9uwYvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecf9ddab2148aaec478a2819abd263aca10d160d9b32638f8445de816fc2729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 21:41:10 GMT
x-content-type-options
nosniff
age
99507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46116
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:21:22 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 21:41:10 GMT
-nFkOG829Oofr2wohFbTp9i9uwYvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9uwYvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70b77838abb2862fd53756d69d6369a781d2e97d854b15a99463f5365b566e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 17:45:31 GMT
x-content-type-options
nosniff
age
113646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52424
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:21:13 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 17:45:31 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91162
x-xss-protection
0
server
cafe
etag
13729711335453486071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 01 Jul 2021 01:19:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/ Frame 16CA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210628/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210628/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 30 Jun 2021 19:14:00 GMT
expires
Wed, 14 Jul 2021 19:14:00 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
21937
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/zh_TW/ 		233 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=46428424cb62aa4030725f1b60130361
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2398c3642fb5001cce79445c3065037403ea15d70bd6a71be65ea599fac5fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.ibluecg.com
Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
X2EaPq2+dMcQsdUQThTy5Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69338
x-fb-rlafr
0
x-fb-debug
HP0YHfzBNGXympFBmYMirtvwn06f/qzEIqle2++5QF/juzMqxpiMs2WaSq8W69a5RQ0USMvZZ24sRuhY4r+DcA==
x-fb-content-md5
2f0c7567fbf5739baf747eaeae6e2c09
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:37 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"aef1a74ec77b2150878d2803d120bbe4"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Jul 2022 00:59:15 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1297111893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ibluecg.com%2F&ul=en-us&de=UTF-8&dt=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=127150794&gjid=1642305878&cid=1171587868.1625102377&tid=UA-61773368-1&_gid=574405492.1625102377&_r=1&_slc=1&z=623428126
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ibluecg.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 10:53:10 GMT
x-content-type-options
nosniff
age
138387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46808
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:14:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:53:10 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.70.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.70.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18adfe8cb7b956553c8d520cdc60e1370aac4f42dc01c9198f398bd3b39332cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 00:59:24 GMT
x-content-type-options
nosniff
age
87613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21472
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 00:59:24 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 22:47:13 GMT
x-content-type-options
nosniff
age
95544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50856
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 22:47:13 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.63.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.63.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91ccb2e6b3cd73d1f3da34aa1925bdeded87114309ec4538bee4382cd6f339a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:49:09 GMT
x-content-type-options
nosniff
age
52228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25676
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:49:09 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.23.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.23.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7653bc8d0b70e8d10e40a7f99669b31170b5e1b89947983380083b01b9d8fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 11:24:47 GMT
x-content-type-options
nosniff
age
136490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38000
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:22:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:24:47 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.61.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.61.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500&family=Noto+Sans+TC:wght@100;300;400;500;700;900&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7656d51b948402c8e5980f1eeb8c1a50544b1ecf40c698f50df2f91331410d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.ibluecg.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 18:49:42 GMT
x-content-type-options
nosniff
age
109795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38628
x-xss-protection
0
last-modified
Thu, 12 Nov 2020 04:23:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 18:49:42 GMT
cse_element__zh_tw.js
www.google.com/cse/static/element/323d4b81541ddb5b/ 		275 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__zh_tw.js?usqp=CAI%3D
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ba383b4c301973f5b8c0e0dcfc327f6716dc54fd510c9b07aa2ce80bdbf48c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:07:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92632
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 00:07:34 GMT
default+zh_TW.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/323d4b81541ddb5b/default+zh_TW.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 06:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9032
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 19:23:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 06:15:45 GMT
default.css
www.google.com/cse/static/style/look/v4/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=004516489009721926324:db38li4dn8k
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Thu, 01 Jul 2021 02:00:11 GMT
lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2011768
x-cache
Hit from cloudfront
content-length
25570
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-63e2"
content-type
text/css; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
UTQ6b5201fLhiLRMhoN9krrXIzdI-CyHyekDOusyr3xVZVVX1reFpQ==
x-cache-hits
0
common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2011768
x-cache
Hit from cloudfront
content-length
94800
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-17250"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
M2h7XnnYKOd68yJY6QuK7op_dUYqt3pfnA9nlpJGFSjI07nnbugp3w==
x-cache-hits
0
lounge.bundle.152a1430e3267673ea556dc28bb34a79.js
c.disquscdn.com/next/embed/ 		0
118 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.152a1430e3267673ea556dc28bb34a79.js
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24310
x-cache
Hit from cloudfront
content-length
120424
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 30 Jun 2021 17:42:54 GMT
server
nginx
etag
"60dcad1e-1d668"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Thu, 30 Jun 2022 18:34:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
rqc8bQWMykILaPVUpzplke02_cNEso00_sN6MNHNBWt6gVIAV7YKUQ==
x-cache-hits
0
config.js
disqus.com/next/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
21
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12153
X-XSS-Protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ 		201 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.ibluecg.com&callback=_gfp_s_&client=ca-pub-7450578565694349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
893b233d73517f25e5c43cb774222580404e916d52c5db5a35f7e3729e2eb2af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ibluecg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ibluecg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FC82 		430 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=280&slotname=3566400258&adk=1185755159&adf=3085374373&pi=t.ma~as.3566400258&w=1200&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377142&bpp=14&bdt=1262&idt=258&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=6851062296660&frm=20&pv=2&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ru4nItTiY9&p=https%3A//www.ibluecg.com&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78c65dc206374352832ce34fdbe4e1c52db9dbfe9321977f11089868bd4e5fbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7450578565694349&output=html&h=280&slotname=3566400258&adk=1185755159&adf=3085374373&pi=t.ma~as.3566400258&w=1200&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377142&bpp=14&bdt=1262&idt=258&shv=r20210628&ptt=9&saldr=aa&abxe=1&correlator=6851062296660&frm=20&pv=2&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=4679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ru4nItTiY9&p=https%3A//www.ibluecg.com&dtd=275
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Jul 2021 01:19:37 GMT
server
cafe
content-length
209
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 01:34:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jul 2021 01:19:37 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879999447392"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27719
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-7450578565694349&c=5&n=0&t=0&w=1234&x=4
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=4242578805821029&ev=fb_page_view&dl=https%3A%2F%2Fwww.ibluecg.com%2F&rl=&if=false&ts=1625102377446&sw=1600&sh=1200&at=
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 01 Jul 2021 01:19:37 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CDA4 		8 KB
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&adk=1812271804&adf=3025194257&lmt=1625102377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ibluecg.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377334&bpp=2&bdt=1455&idt=115&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b22ab2faa4dbde5e2b8e62a9405b75f0c81020bf6623bc253fd3401e24c6d812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7450578565694349&output=html&adk=1812271804&adf=3025194257&lmt=1625102377&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.ibluecg.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377334&bpp=2&bdt=1455&idt=115&shv=r20210628&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Jul 2021 01:19:37 GMT
server
cafe
content-length
702
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 01-Jul-2021 01:34:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jul 2021 01:19:37 GMT
cache-control
private
async-ads.js
cse.google.com/adsense/search/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__zh_tw.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ded4ad0ac8ce6cf2b2f9ae707b0ad6f76a6c4bcf6e908acc2f9d668e35632f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
vary
Accept-Encoding
server
sffe
x-content-type-options
nosniff
etag
"137577775355942768"
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:37 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+zh_TW.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/cse/static/element/323d4b81541ddb5b/default+zh_TW.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 07:37:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
age
63752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
expires
Thu, 30 Jun 2022 07:37:05 GMT
branding.png
www.google.com/cse/static/images/1x/zh_TW/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/zh_TW/branding.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19e84e29fc980777914408b80b93d74ffb1266b65a1745aacac3ba5dd3f8bac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 23:25:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jun 2020 20:30:00 GMT
server
sffe
age
93235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1876
x-xss-protection
0
expires
Wed, 29 Jun 2022 23:25:42 GMT
generate_204
www.googleapis.com/ 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
clients1.google.com/ 		0
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
disqus.com/embed/comments/ Frame 62AA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
30b856195cf8b75309a0476b54bafeb636ce8898ca8c7db3fdf7a7105cdd499f
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.ibluecg.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

Connection
keep-alive
Content-Length
2762
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Fri, 11 Jun 2021 16:19:28 GMT
ETag
W/"lounge:view:8570607854.9c08b15d5d14e4d7d30f84c01b101755.2"
Referrer-Policy
no-referrer-when-downgrade
Content-Encoding
gzip
Date
Thu, 01 Jul 2021 01:19:37 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
/
tempest.services.disqus.com/ads-iframe/taboola/ 		28 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=shui-lan-mo-li-gong-lue-wang&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ibluecg.com%2F&typeface=sans-serif&disqus_version=f3697df
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
13ee442ad674963a2fb805cd522dfc5dcc8610e867eb6cec6a0b6fc03bd8491a

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding,
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router
Connection
keep-alive
Content-Length
9333
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4mm2udj33srvkr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=shui-lan-mo-li-gong-lue-wang&zone=thread&version=e34a397b02545d73e126b1219e8f0e66&page_url=https%3A%2F%2Fwww.ibluecg.com%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=6846046
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.ibluecg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.ibluecg.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2411 		15 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
663cefd8371e515724860dd2ab4f913bd3ea21b37125d7004d18a3a0e912ce3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Jul 2021 01:19:37 GMT
server
cafe
content-length
7083
x-xss-protection
0
set-cookie
IDE=AHWqTUn_NKrCvpMYz1o5zOZm7OmYIw8_4qMCoxVYczfoXoP5RN2O3q_RCK5whS31E74; expires=Tue, 26-Jul-2022 01:19:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jul 2021 01:19:37 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BDCC 		18 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5a97258627da1a5b7ad62ead5f6e618ce31b31c1455911cacee7b4c234d5d94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 01 Jul 2021 01:19:37 GMT
server
cafe
content-length
9332
x-xss-protection
0
set-cookie
IDE=AHWqTUl6Z9R7okv-q0ttuSwDMX2TCg9Ch4i9no4u-YW34XueltKTJqZoVkPva9mnhHM; expires=Tue, 26-Jul-2022 01:19:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jul 2021 01:19:37 GMT
cache-control
private
lounge.load.e34a397b02545d73e126b1219e8f0e66.js
c.disquscdn.com/next/embed/ Frame 62AA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.e34a397b02545d73e126b1219e8f0e66.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2a5db92958908a603c87c0cbd7b153ed3e3bab026021791f60ac4b59151b66a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24310
x-cache
Hit from cloudfront
content-length
534
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 30 Jun 2021 17:42:54 GMT
server
nginx
etag
"60dcad1e-216"
content-type
application/javascript; charset=utf-8
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
expires
Thu, 30 Jun 2022 18:34:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
eiPTyXXSaQmgHtAEO-6ccqNiHMV7BW4fswig9Wv3bI4uPxl1TMJrBA==
x-cache-hits
0
common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ Frame 62AA 		282 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.e34a397b02545d73e126b1219e8f0e66.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2011768
x-cache
Hit from cloudfront
content-length
94800
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-17250"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
fV8J9vWVazn_D_ch5ss0Ys17X0YqKDrLeHOcElOZAvwFt6LpU2A_PA==
x-cache-hits
0
loader.js
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/ Frame F155 		253 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7674d4cc8cafc174d98f0f4222a67c40aeaf1aa4561847ac9dbdd9fe9f1ff130

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.HwpqANRYtsgrYpfuSYpkHeVo_CDWjfS
content-encoding
gzip
etag
"25be11225beb41101c24e05670fca3c0"
age
97
x-cache
HIT
content-length
39470
x-amz-id-2
8ZoTMM7SxJpfc5S9XKUSCW1F2HwWDcHPbZ0qWW7C/nciQYDvvWQlO+DIfxQcmh9ite1daUJXWcQ=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 30 Jun 2021 09:15:51 GMT
server
AmazonS3
x-timer
S1625102378.703787,VS0,VE1
date
Thu, 01 Jul 2021 01:19:37 GMT
vary
Accept-Encoding
x-amz-request-id
V85X9YQMQTKMJ2V6
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
48
x-cache-hits
1
lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame 62AA 		158 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 18:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2011768
x-cache
Hit from cloudfront
content-length
25570
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Mon, 07 Jun 2021 17:13:02 GMT
server
nginx
etag
"60be539e-63e2"
content-type
text/css; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Tue, 07 Jun 2022 18:30:09 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
INkM2JkyVX5WuGuCXl1xvpL08ZqWPXs7unwLBGrBnq20MQ67v9QgTQ==
x-cache-hits
0
impl.20210630-7-RELEASE.js
cdn.taboola.com/libtrc/ Frame F155 		526 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4c9deb1a506b375fc325bca9383735f8c0fc279ef28448343eed1d0dc4162839

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GTTnfI5dSMPLPIt1wha0pKVfhdy9zZy0
content-encoding
br
etag
"1449dd2952da4459ad7669752533afe7"
age
1418
x-cache
HIT
content-length
120162
x-amz-id-2
ORftTYrLybeY9jnhRiQgTd5wNVK7vFVY7LNdiZetRW07HFzyJ5BPwK+kMvTD1JLAOzBPZpaLtIg=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 30 Jun 2021 08:55:18 GMT
server
AmazonS3-br
x-timer
S1625102378.740219,VS0,VE0
date
Thu, 01 Jul 2021 01:19:37 GMT
vary
Accept-Encoding
x-amz-request-id
RX1942FEJG4BW0MG
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
39
x-cache-hits
508
beacon.js
sb.scorecardresearch.com/ Frame F155 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:02:07 GMT
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
CLrZma34FcZB5QKFSvTH1fFaCcOx1mHHIW4c2tv-EA5e5Mv68Q33sA==
lounge.bundle.152a1430e3267673ea556dc28bb34a79.js
c.disquscdn.com/next/embed/ Frame 62AA 		467 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.152a1430e3267673ea556dc28bb34a79.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
68c7b10b9e138d7566b7dca1e763b39ac59731e790101a34b74e14f556175d6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:34:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24310
x-cache
Hit from cloudfront
content-length
120424
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 30 Jun 2021 17:42:54 GMT
server
nginx
etag
"60dcad1e-1d668"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Thu, 30 Jun 2022 18:34:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
VWTWeOqaSz_ckrtOYPxB31IHyHVhIVdLLGn3daPuaSWPs6Y0eHFyFQ==
x-cache-hits
0
config.js
disqus.com/next/ Frame 62AA 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:37 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
22
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12153
X-XSS-Protection
1; mode=block
b2
sb.scorecardresearch.com/ Frame F155
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9=
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9=
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
HCzRMRcHZ-aZujUDzmvjjXdwkkS1pWpxrXXq92JR-LtBig_HAzEN8A==

Redirect headers

date
Thu, 01 Jul 2021 01:19:37 GMT
via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1625102377747&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fwww.ibluecg.com%2F&c9=
content-length
169
x-amz-cf-id
02C-ZkupZgGwRdMuB6lV0h-tAcgqeCXKJ6g-Ft-8OWRbuvNv5HAoKA==
json
trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/ Frame F155 		17 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/trc/3/json?tim=03%3A19%3A37.782&lti=deflated&data=%7B%22id%22%3A563%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1625044547082%2C%22vi%22%3A1625102377781%2C%22cv%22%3A%2220210630-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.ibluecg.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22e%22%3A%22https%3A%2F%2Fwww.ibluecg.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A850%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A17%2C%22dw%22%3A850%2C%22dh%22%3A27%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A7%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.ibluecg.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22shui-lan-mo-li-gong-lue-wang%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22orig_uip%22%3A%22%7B%5C%22domain%5C%22%3A%20%5C%22https%3A%2F%2Fwww.ibluecg.com%5C%22%2C%20%5C%22experiment%5C%22%3A%20%5C%22network_default%5C%22%2C%20%5C%22position%5C%22%3A%20%5C%22top%5C%22%2C%20%5C%22shortname%5C%22%3A%20%5C%22shui-lan-mo-li-gong-lue-wang%5C%22%2C%20%5C%22variant%5C%22%3A%20%5C%22fallthrough%5C%22%7D%22%2C%22cd%22%3A27%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa882b8afa985236977e55ae9b0afc49926cc2875af20fbdf0cd32b8f59e50f3

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
568
date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
server
nginx
x-timer
S1625102378.803209,VS0,VE568
x-served-by
cache-hhn11563-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ibluecg.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
zh.js
c.disquscdn.com/next/current/embed/lang/ Frame 62AA 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/current/embed/lang/zh.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
009243b5bc24f81ae096d64aab50fc9c22bb5f4572a13fb114661c138b62d302
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248
x-cache
Hit from cloudfront
content-length
10306
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
last-modified
Tue, 09 Mar 2021 18:44:51 GMT
server
nginx
etag
"6047c223-2842"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Thu, 01 Jul 2021 01:20:29 GMT
cache-control
max-age=300, public
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
0RTPvd_yuigRS9QX3C9jKYbWE2BEij2joNYfNMaesa72NKLGsKEG2A==
x-cache-hits
0
adview
googleads.g.doubleclick.net/pagead/ Frame 859D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwM50KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoExgFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHmnXJiTrgr9lQVFlDyaXldrlnSABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcYChYSFHB1Yi03NDUwNTc4NTY1Njk0MzQ5&sigh=Cvo-HbsGm-8
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 01 Jul 2021 01:19:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 859D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hnth17m8ttfw5h6f1c8g0qsnat866sehccyxn66rdqhj6h43ww12qvwc7zbnr7js9a7081qxxgrj037pp69ab2s6vrm74tfb15yftkv8wfzx50hchgetybht0ks4n0zjfsvdhkfp84dstkkhsxky5mdrf49cwzg7k6n184cnd00hhqwvkar9txc1p5trd7crn4r3pwwefvwsjqc6edfc7ncchbkq6q87w544aejaahf88ah8nays8rfk2h1de315xrynpt6m97k2rspd4r56xgh6a581exfe5z4m30278m600g9aw4chsmv7n7vq26yw4d8h1ajja1gmh7sjvjnw7kvay8gr2w0vmgf1nc43nawvme98xd26tq616s382c4w8grkbaz&b=YN0YKQAJWCkIu8iyAAYREEewQcb2asGK2mqcug
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 01 Jul 2021 01:19:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame B4F7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a136de3e32c528c00c2b9765eb26b169f5dca5ccebe379060dfadd56a1d1d00
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0b013f7bb200004e14013ad000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
667bcea5ea204e14-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 859D 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 01:05:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D103 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 30 Jun 2021 08:59:18 GMT
expires
Thu, 01 Jul 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
58819
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 859D 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879993577808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38803
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 859D 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 00:40:45 GMT
details
disqus.com/api/3.0/forums/ Frame 62AA 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=shui-lan-mo-li-gong-lue-wang&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eea5b3b2812460e34ee0bebff5b6a56db543f877609647ee51ef07d6b1dea00b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Type
application/json
Vary
Origin, Cookie
Content-Length
3173
X-XSS-Protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame D247 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl6Z9R7okv-q0ttuSwDMX2TCg9Ch4i9no4u-YW34XueltKTJqZoVkPva9mnhHM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 01 Jul 2021 01:19:37 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 01 Jul 2021 01:19:37 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A6F6 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATptqFQ8v0paI-pZgyygdvHyh4F5usIf_8pd5OYjv9LUbpT6yBQt9ER7lCDmECCxjY8un6xt6AoOJbgl7DgGkzI1C8cOo4hYOMh0_161C6k12ePnzLLEM9rb4nK8RO86ZIzcTFKBI746rrhtq_7QIOsnnV9A&dbm_d=AKAmf-CMGW7tX8DdCbJDf_WdfNgcLESdUBHWHdnQV2lYZ_Ul-se0J3QuZXG8xuOvJIapp38YpROBbasf_4T8PdQWXz0q3FXtZNWm4rvaoBtPKJtcC9lDm6zCj1p5VKzixj-c3jhIhrSZUE6SmFBUMkPDe7wmTEdxTV0byqzz8TWw5SN4943vjdzRmwQ_KxCY-WL-EZNj7iUmb5ctbdWgMV3dnVEbGVvxKFQRaCuzo2ptsvSvR1XbpWEG8vm4_EZFA87wxW8IP-_GdP6CREFi-8bQaUIp5rPv8WHAGHHgUyZ9ZXqv56Kk3hVe6bXTF9O9omq4Uuu_qFRqHBlRMTmR9ktETFpcUxOT6Xdc8L5z2SZ_-nMjgf7iQtcTWeiGmLinpczjX6KxRl41Lll4CYncogpKwe3Vulch6QgaQiJr8RLBss5YiVHw5FGciNGs-ltoRcmQA-G40sdS5mTY4WLKHcDvJCTMSzxBLXVmGzkZ8D7PabMYSlQqh-r11WIbduWjzz2NjPXig3mDxsQLqmUbhLXqU7jU_UwXKZ0jEGuiRpftFb1k_udR3W70NwlBp_t9FNziay2M9xFdNfM1unnArASvRET2MluZ932BELxpCIWeaZ0mSEGe_WqDPvRroSi42BJRFNgVcWtE8o29L41IIQ6vE3-m29z0licMvWyNO2esVWtRiGoJatmcy6nYCABuYOKa4jwpcTRZMK4spw5fTCi3gxPMSV5wlFmO23YrV2bH7ta5uYMxrP31UI3-ZWvXINzD3vGIdGx7rbr06hOiATPrvFgw5THXrc8_qVcS6u3FuJtzsE5zELP20fy9UcPXqvO91892INOY7f1B-airAQk2Wyh3NOlwY_nMxsNt9bSVSUbzhKQbuM8DMUGfWlLkPU92b7NwDlN6LkEj2mz6PMDd9_Na0-BhAf-dDFk1dJff2WSp4gb9P6sgGFXDMuvV_E-RXPO7FdUPk4MQqjgVCd_NhuxEsRCYOZb_TSIUa1ywhvsDK6YwXliDpOktSbMHUntULtaceHNZU7JFXR8dL1e108YWjCGJ5vMzBUdRam6_DcG1dNNhlIHfUe2XBGUA4pymPPyBmZ50fqAwlm1J7_x2RqXYMuXrGx-1ruh-BD8HHzLcROfTwRgpNOac9G_SLFqQj5g1byQ4IhOdSjhLMEH2pu_-i_o3m9aH8IBg1ky30Hd8YWqNDIausEbvfTkj5BrQcg22w0NHIfIuCOsQbeg7nF1xMFk2AWAuEDcbhzVTCVtmjZroes4Stgy2s1LqLYAkFhrnlVN7SnXTsq3gaCpedWr_B5v9dhbFGMVTLfGJgk2OxmAsiDMq3YtVqUjWAJovNc59zv51IAYLIXk5mw4VKnMLDBPyrgSkjXT-FHMH5IQlbqEUJf3fRLQivpFh8kyLJ4auIaO6htlwTCHUR7ExTEgaMd0JgecgTM4I-hfcHoKEbuy-_I5PYVyLkIVILrCURRCA_geogkcz69DHio14H5ob-7wmLYPxNpy77oLXXV8TDdYjQ8CT3sltISjKBAfurN4cSPq_l3YMFoFlT5nupN9GL6YCsketAhKksYCpWbFt7LgIXHCRnfoU0G0lR9_xjHIswCW_0BadJ5zScPkp0eX5GLxbZXxKIjaK-ylU-4a7b3gdihclEUHOigzALJyGgJpNICeDOspYC9rCJLAanlApVdUQ_EoLNAdICePORJgi3S5XBshYkZl89opzrYKs7Q6ZojbD7u2XFjOBd7R6V19MEnwvmHqIVZ6J01XxbjnlciucKfOLIP_RUrNt5qbzv_YZlGaShZDxjdadKy69l5HAyug2Q1jYSeZegrTDw7xUZ0wzCrIRCCFreN7CRho97BhpZPHNy6Bt8JtEZG36FmJ_fnXdbJ36n_s3rfDhiNv21BD8PMO-ogMqw97uBdqX4L7yxPiO8-lJy4BKj8WjMsiW31Zi5UG2yYfkHEEUZIghKHuNsFUcXX5JN76nyXQKKUIeqPaH4l3qdkkuKj4ar6XDnJcXLsnuxBtKFKffeEUqxsg-ehfx8I3jwDOKE5hPMEFClkl7HVV6lnvcj51gwBrcKH6AkuLARG-jCt3kU6WZe54glrpfxA0i9hgdWFdU0jT5035QYUSZDDuO8SxdC5cHh76LSKw1F_WArfEfQvG1HAhEX5k354q7E07OXXQQmoNV5M3oVLO_R8wLuW9hmFSmFwGFFe2RugncYMsXiNnqduKTr1alOdJPRjhdclb3XYbmlrjojgjJGhsnTmSs70R_yjupg3nErj9PDPHxv5JK27z6SP7XnEh6IG77fVl4m1aR8TqqnG84S21ZqrRMYTuGA92VTtglTw0eft3p7VPUWQMM9HdD5pkUVwj3byGwuW3wvg7gey4VsR3LIbAO53qTKwhVcpD6KMNmeUIGE4soveBUR03-KkgnAHAFTwYHgp4zOQjJl68qoV1Qj9MWWWRt8Tzbp1NlGCynP11de5C8C6QdOHU_LNyqHzUwliiNhHrt8kp2bCCqSlmbM3JaB_89cpOBHEpJpeguFf3OldJyW9p2HmzJMWgdwtHMau_2KEwGFiFYzJQrA9RgUrQqaFv-E-QGO4YhfnZKykp0iIrcX9S6hdhnqPdUH-Bq8CUzC9pQfePPTVkJobbYLV-dJ5VrkfNsKadkj2VD9x7TKP-bqcVAyu6VEv01c16RfwNQlvXz9y-t2sp0iaJ2GgpxnHbLz-3gomhhFecdcsRJ1FS__MwgEggvBixfuSmu3h31fNvxZJAQNR0DEWZSF-ejCBJ-OwY7HXwPZX9nMxxvW1OcNq_v_4VyL_q1-xFzF8oXcubwclwg1COEGqYZF7NcSe1tv0wubgoEzXj_pKMpKah_DwYf5s8WOCMQT8JvyWMt9Y0MAGN8z4a7UOgibkuoyJ33rkxfOSzbtJfhsA-gWiPLDCbLlUDVU4erNeMxCzmH0iBPIVetgnD_2tPOxLYF2-ElzXkVDVoDL7y5AlV840Imdir88tI&cid=CAASEuRoxsKg7pFLriDzenjc08le9w&rfl=2%2Chttps%253A%252F%252Fwww.ibluecg.com%252F%240
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
181e66f408838a471bf6ef845e37e7f4ba7fc3c7250d47697a89980df21476a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24073
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame A6F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
874
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 01:05:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A6F6 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:37 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1624879993577808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38803
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame A6F6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 00:40:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A6F6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8FRKshD1Mfl-WnzwdqTQf0TQ9YXU3acMQB5aKx_eprPNH26iLCKUEvrymbR3ICou28qyz6H0EoQXZ8w6pI_JJt9Naf-vAr8XwKLtk04TT0xSUQ68
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 859D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb1fd312dbd1c313a76ff0d81d888c6b3e72c1c2cb521ec4334ffddc8c274c4c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
tempest.services.disqus.com/ads-iframe/survey/ Frame F056 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=shui-lan-mo-li-gong-lue-wang&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ibluecg.com%2F&typeface=sans-serif&disqus_version=f3697df
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
7bf349f4506ce97b9244efc3abce2aeadde8b6d0af8cc25cb22f214c44326055

Request headers

Host
tempest.services.disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
disqus_unique=4mk7f9t1hlt8d7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default

Response headers

Connection
keep-alive
Content-Length
5494
Server
openresty
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-Service
router
Content-Encoding
gzip
Date
Thu, 01 Jul 2021 01:19:37 GMT
Age
0
Vary
Accept-Encoding,
noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 62AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1624570071/images/noavatar92.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 18:53:57 GMT
server
nginx
age
192908
etag
"60d4d4c5-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
content-type
image/png
content-length
1644
x-amz-cf-id
CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires
Wed, 28 Jul 2021 19:44:30 GMT
truncated
/ Frame 62AA 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ Frame 62AA 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4mm2udj33srvkr&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=shui-lan-mo-li-gong-lue-wang&zone=thread&page_url=https%3A%2F%2Fwww.ibluecg.com%2F&page_referrer=https%3A%2F%2Fwww.ibluecg.com%2F&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=6846046
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 62AA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 08:39:51 GMT
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5416787
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Apr 2022 08:39:51 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
guQYd9LB0kEXP5mBFd86oq7paeuyCTq5IfO6tVau5ex18dQnTrXVfA==
x-cache-hits
0
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 62AA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 01:01:22 GMT
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5012296
x-cache
Hit from cloudfront
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-b9b"
content-type
image/gif
access-control-allow-origin
*
expires
Wed, 04 May 2022 01:01:22 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Qun_shlytLa2MfrAKHX7mNRFGtkZhic-QKpiRe4-6joNYYqM4B9WhQ==
x-cache-hits
0
sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 62AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:17:18 GMT
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4838540
x-cache
Hit from cloudfront
content-length
1862
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-746"
content-type
image/png
access-control-allow-origin
*
expires
Fri, 06 May 2022 01:17:18 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Mx2xntAHlIuLcfhCmJ-opUhW0GUsTV25sRAnfQwrGSRmtH29zYsJ1g==
x-cache-hits
0
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 62AA 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://disqus.com
Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 05:29:27 GMT
via
1.1 a31e887359e681523a84a0d401a4fe7c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4823411
x-cache
Hit from cloudfront
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
expires
Fri, 06 May 2022 05:29:27 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
djxsOL4e6ovYBpqRGFhRB88KypJEah6RPS9JDE-H9gJW0ye9GFM0SA==
x-cache-hits
0
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: shui-lan-mo-li-gong-lue-wang.disqus.com
URL: https://shui-lan-mo-li-gong-lue-wang.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 May 2021 21:36:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4938204
x-cache
Hit from cloudfront
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-67d2"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Wed, 04 May 2022 21:36:14 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
ikEUsk8jbeU1fyHaajscwioFrBpNh-Vy3CaKQXXkVMihTIUG5Ee3Jg==
x-cache-hits
0
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame A6F6 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 12:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jul 2021 12:05:28 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame A6F6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATptqFQ8v0paI-pZgyygdvHyh4F5usIf_8pd5OYjv9LUbpT6yBQt9ER7lCDmECCxjY8un6xt6AoOJbgl7DgGkzI1C8cOo4hYOMh0_161C6k12ePnzLLEM9rb4nK8RO86ZIzcTFKBI746rrhtq_7QIOsnnV9A&dbm_d=AKAmf-CMGW7tX8DdCbJDf_WdfNgcLESdUBHWHdnQV2lYZ_Ul-se0J3QuZXG8xuOvJIapp38YpROBbasf_4T8PdQWXz0q3FXtZNWm4rvaoBtPKJtcC9lDm6zCj1p5VKzixj-c3jhIhrSZUE6SmFBUMkPDe7wmTEdxTV0byqzz8TWw5SN4943vjdzRmwQ_KxCY-WL-EZNj7iUmb5ctbdWgMV3dnVEbGVvxKFQRaCuzo2ptsvSvR1XbpWEG8vm4_EZFA87wxW8IP-_GdP6CREFi-8bQaUIp5rPv8WHAGHHgUyZ9ZXqv56Kk3hVe6bXTF9O9omq4Uuu_qFRqHBlRMTmR9ktETFpcUxOT6Xdc8L5z2SZ_-nMjgf7iQtcTWeiGmLinpczjX6KxRl41Lll4CYncogpKwe3Vulch6QgaQiJr8RLBss5YiVHw5FGciNGs-ltoRcmQA-G40sdS5mTY4WLKHcDvJCTMSzxBLXVmGzkZ8D7PabMYSlQqh-r11WIbduWjzz2NjPXig3mDxsQLqmUbhLXqU7jU_UwXKZ0jEGuiRpftFb1k_udR3W70NwlBp_t9FNziay2M9xFdNfM1unnArASvRET2MluZ932BELxpCIWeaZ0mSEGe_WqDPvRroSi42BJRFNgVcWtE8o29L41IIQ6vE3-m29z0licMvWyNO2esVWtRiGoJatmcy6nYCABuYOKa4jwpcTRZMK4spw5fTCi3gxPMSV5wlFmO23YrV2bH7ta5uYMxrP31UI3-ZWvXINzD3vGIdGx7rbr06hOiATPrvFgw5THXrc8_qVcS6u3FuJtzsE5zELP20fy9UcPXqvO91892INOY7f1B-airAQk2Wyh3NOlwY_nMxsNt9bSVSUbzhKQbuM8DMUGfWlLkPU92b7NwDlN6LkEj2mz6PMDd9_Na0-BhAf-dDFk1dJff2WSp4gb9P6sgGFXDMuvV_E-RXPO7FdUPk4MQqjgVCd_NhuxEsRCYOZb_TSIUa1ywhvsDK6YwXliDpOktSbMHUntULtaceHNZU7JFXR8dL1e108YWjCGJ5vMzBUdRam6_DcG1dNNhlIHfUe2XBGUA4pymPPyBmZ50fqAwlm1J7_x2RqXYMuXrGx-1ruh-BD8HHzLcROfTwRgpNOac9G_SLFqQj5g1byQ4IhOdSjhLMEH2pu_-i_o3m9aH8IBg1ky30Hd8YWqNDIausEbvfTkj5BrQcg22w0NHIfIuCOsQbeg7nF1xMFk2AWAuEDcbhzVTCVtmjZroes4Stgy2s1LqLYAkFhrnlVN7SnXTsq3gaCpedWr_B5v9dhbFGMVTLfGJgk2OxmAsiDMq3YtVqUjWAJovNc59zv51IAYLIXk5mw4VKnMLDBPyrgSkjXT-FHMH5IQlbqEUJf3fRLQivpFh8kyLJ4auIaO6htlwTCHUR7ExTEgaMd0JgecgTM4I-hfcHoKEbuy-_I5PYVyLkIVILrCURRCA_geogkcz69DHio14H5ob-7wmLYPxNpy77oLXXV8TDdYjQ8CT3sltISjKBAfurN4cSPq_l3YMFoFlT5nupN9GL6YCsketAhKksYCpWbFt7LgIXHCRnfoU0G0lR9_xjHIswCW_0BadJ5zScPkp0eX5GLxbZXxKIjaK-ylU-4a7b3gdihclEUHOigzALJyGgJpNICeDOspYC9rCJLAanlApVdUQ_EoLNAdICePORJgi3S5XBshYkZl89opzrYKs7Q6ZojbD7u2XFjOBd7R6V19MEnwvmHqIVZ6J01XxbjnlciucKfOLIP_RUrNt5qbzv_YZlGaShZDxjdadKy69l5HAyug2Q1jYSeZegrTDw7xUZ0wzCrIRCCFreN7CRho97BhpZPHNy6Bt8JtEZG36FmJ_fnXdbJ36n_s3rfDhiNv21BD8PMO-ogMqw97uBdqX4L7yxPiO8-lJy4BKj8WjMsiW31Zi5UG2yYfkHEEUZIghKHuNsFUcXX5JN76nyXQKKUIeqPaH4l3qdkkuKj4ar6XDnJcXLsnuxBtKFKffeEUqxsg-ehfx8I3jwDOKE5hPMEFClkl7HVV6lnvcj51gwBrcKH6AkuLARG-jCt3kU6WZe54glrpfxA0i9hgdWFdU0jT5035QYUSZDDuO8SxdC5cHh76LSKw1F_WArfEfQvG1HAhEX5k354q7E07OXXQQmoNV5M3oVLO_R8wLuW9hmFSmFwGFFe2RugncYMsXiNnqduKTr1alOdJPRjhdclb3XYbmlrjojgjJGhsnTmSs70R_yjupg3nErj9PDPHxv5JK27z6SP7XnEh6IG77fVl4m1aR8TqqnG84S21ZqrRMYTuGA92VTtglTw0eft3p7VPUWQMM9HdD5pkUVwj3byGwuW3wvg7gey4VsR3LIbAO53qTKwhVcpD6KMNmeUIGE4soveBUR03-KkgnAHAFTwYHgp4zOQjJl68qoV1Qj9MWWWRt8Tzbp1NlGCynP11de5C8C6QdOHU_LNyqHzUwliiNhHrt8kp2bCCqSlmbM3JaB_89cpOBHEpJpeguFf3OldJyW9p2HmzJMWgdwtHMau_2KEwGFiFYzJQrA9RgUrQqaFv-E-QGO4YhfnZKykp0iIrcX9S6hdhnqPdUH-Bq8CUzC9pQfePPTVkJobbYLV-dJ5VrkfNsKadkj2VD9x7TKP-bqcVAyu6VEv01c16RfwNQlvXz9y-t2sp0iaJ2GgpxnHbLz-3gomhhFecdcsRJ1FS__MwgEggvBixfuSmu3h31fNvxZJAQNR0DEWZSF-ejCBJ-OwY7HXwPZX9nMxxvW1OcNq_v_4VyL_q1-xFzF8oXcubwclwg1COEGqYZF7NcSe1tv0wubgoEzXj_pKMpKah_DwYf5s8WOCMQT8JvyWMt9Y0MAGN8z4a7UOgibkuoyJ33rkxfOSzbtJfhsA-gWiPLDCbLlUDVU4erNeMxCzmH0iBPIVetgnD_2tPOxLYF2-ElzXkVDVoDL7y5AlV840Imdir88tI&cid=CAASEuRoxsKg7pFLriDzenjc08le9w&rfl=2%2Chttps%253A%252F%252Fwww.ibluecg.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 23:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4969
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Jul 2021 23:56:49 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame A6F6 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ATptqFQ8v0paI-pZgyygdvHyh4F5usIf_8pd5OYjv9LUbpT6yBQt9ER7lCDmECCxjY8un6xt6AoOJbgl7DgGkzI1C8cOo4hYOMh0_161C6k12ePnzLLEM9rb4nK8RO86ZIzcTFKBI746rrhtq_7QIOsnnV9A&dbm_d=AKAmf-CMGW7tX8DdCbJDf_WdfNgcLESdUBHWHdnQV2lYZ_Ul-se0J3QuZXG8xuOvJIapp38YpROBbasf_4T8PdQWXz0q3FXtZNWm4rvaoBtPKJtcC9lDm6zCj1p5VKzixj-c3jhIhrSZUE6SmFBUMkPDe7wmTEdxTV0byqzz8TWw5SN4943vjdzRmwQ_KxCY-WL-EZNj7iUmb5ctbdWgMV3dnVEbGVvxKFQRaCuzo2ptsvSvR1XbpWEG8vm4_EZFA87wxW8IP-_GdP6CREFi-8bQaUIp5rPv8WHAGHHgUyZ9ZXqv56Kk3hVe6bXTF9O9omq4Uuu_qFRqHBlRMTmR9ktETFpcUxOT6Xdc8L5z2SZ_-nMjgf7iQtcTWeiGmLinpczjX6KxRl41Lll4CYncogpKwe3Vulch6QgaQiJr8RLBss5YiVHw5FGciNGs-ltoRcmQA-G40sdS5mTY4WLKHcDvJCTMSzxBLXVmGzkZ8D7PabMYSlQqh-r11WIbduWjzz2NjPXig3mDxsQLqmUbhLXqU7jU_UwXKZ0jEGuiRpftFb1k_udR3W70NwlBp_t9FNziay2M9xFdNfM1unnArASvRET2MluZ932BELxpCIWeaZ0mSEGe_WqDPvRroSi42BJRFNgVcWtE8o29L41IIQ6vE3-m29z0licMvWyNO2esVWtRiGoJatmcy6nYCABuYOKa4jwpcTRZMK4spw5fTCi3gxPMSV5wlFmO23YrV2bH7ta5uYMxrP31UI3-ZWvXINzD3vGIdGx7rbr06hOiATPrvFgw5THXrc8_qVcS6u3FuJtzsE5zELP20fy9UcPXqvO91892INOY7f1B-airAQk2Wyh3NOlwY_nMxsNt9bSVSUbzhKQbuM8DMUGfWlLkPU92b7NwDlN6LkEj2mz6PMDd9_Na0-BhAf-dDFk1dJff2WSp4gb9P6sgGFXDMuvV_E-RXPO7FdUPk4MQqjgVCd_NhuxEsRCYOZb_TSIUa1ywhvsDK6YwXliDpOktSbMHUntULtaceHNZU7JFXR8dL1e108YWjCGJ5vMzBUdRam6_DcG1dNNhlIHfUe2XBGUA4pymPPyBmZ50fqAwlm1J7_x2RqXYMuXrGx-1ruh-BD8HHzLcROfTwRgpNOac9G_SLFqQj5g1byQ4IhOdSjhLMEH2pu_-i_o3m9aH8IBg1ky30Hd8YWqNDIausEbvfTkj5BrQcg22w0NHIfIuCOsQbeg7nF1xMFk2AWAuEDcbhzVTCVtmjZroes4Stgy2s1LqLYAkFhrnlVN7SnXTsq3gaCpedWr_B5v9dhbFGMVTLfGJgk2OxmAsiDMq3YtVqUjWAJovNc59zv51IAYLIXk5mw4VKnMLDBPyrgSkjXT-FHMH5IQlbqEUJf3fRLQivpFh8kyLJ4auIaO6htlwTCHUR7ExTEgaMd0JgecgTM4I-hfcHoKEbuy-_I5PYVyLkIVILrCURRCA_geogkcz69DHio14H5ob-7wmLYPxNpy77oLXXV8TDdYjQ8CT3sltISjKBAfurN4cSPq_l3YMFoFlT5nupN9GL6YCsketAhKksYCpWbFt7LgIXHCRnfoU0G0lR9_xjHIswCW_0BadJ5zScPkp0eX5GLxbZXxKIjaK-ylU-4a7b3gdihclEUHOigzALJyGgJpNICeDOspYC9rCJLAanlApVdUQ_EoLNAdICePORJgi3S5XBshYkZl89opzrYKs7Q6ZojbD7u2XFjOBd7R6V19MEnwvmHqIVZ6J01XxbjnlciucKfOLIP_RUrNt5qbzv_YZlGaShZDxjdadKy69l5HAyug2Q1jYSeZegrTDw7xUZ0wzCrIRCCFreN7CRho97BhpZPHNy6Bt8JtEZG36FmJ_fnXdbJ36n_s3rfDhiNv21BD8PMO-ogMqw97uBdqX4L7yxPiO8-lJy4BKj8WjMsiW31Zi5UG2yYfkHEEUZIghKHuNsFUcXX5JN76nyXQKKUIeqPaH4l3qdkkuKj4ar6XDnJcXLsnuxBtKFKffeEUqxsg-ehfx8I3jwDOKE5hPMEFClkl7HVV6lnvcj51gwBrcKH6AkuLARG-jCt3kU6WZe54glrpfxA0i9hgdWFdU0jT5035QYUSZDDuO8SxdC5cHh76LSKw1F_WArfEfQvG1HAhEX5k354q7E07OXXQQmoNV5M3oVLO_R8wLuW9hmFSmFwGFFe2RugncYMsXiNnqduKTr1alOdJPRjhdclb3XYbmlrjojgjJGhsnTmSs70R_yjupg3nErj9PDPHxv5JK27z6SP7XnEh6IG77fVl4m1aR8TqqnG84S21ZqrRMYTuGA92VTtglTw0eft3p7VPUWQMM9HdD5pkUVwj3byGwuW3wvg7gey4VsR3LIbAO53qTKwhVcpD6KMNmeUIGE4soveBUR03-KkgnAHAFTwYHgp4zOQjJl68qoV1Qj9MWWWRt8Tzbp1NlGCynP11de5C8C6QdOHU_LNyqHzUwliiNhHrt8kp2bCCqSlmbM3JaB_89cpOBHEpJpeguFf3OldJyW9p2HmzJMWgdwtHMau_2KEwGFiFYzJQrA9RgUrQqaFv-E-QGO4YhfnZKykp0iIrcX9S6hdhnqPdUH-Bq8CUzC9pQfePPTVkJobbYLV-dJ5VrkfNsKadkj2VD9x7TKP-bqcVAyu6VEv01c16RfwNQlvXz9y-t2sp0iaJ2GgpxnHbLz-3gomhhFecdcsRJ1FS__MwgEggvBixfuSmu3h31fNvxZJAQNR0DEWZSF-ejCBJ-OwY7HXwPZX9nMxxvW1OcNq_v_4VyL_q1-xFzF8oXcubwclwg1COEGqYZF7NcSe1tv0wubgoEzXj_pKMpKah_DwYf5s8WOCMQT8JvyWMt9Y0MAGN8z4a7UOgibkuoyJ33rkxfOSzbtJfhsA-gWiPLDCbLlUDVU4erNeMxCzmH0iBPIVetgnD_2tPOxLYF2-ElzXkVDVoDL7y5AlV840Imdir88tI&cid=CAASEuRoxsKg7pFLriDzenjc08le9w&rfl=2%2Chttps%253A%252F%252Fwww.ibluecg.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 00:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8676
x-xss-protection
0
server
cafe
etag
11618055936852703379
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 15 Jul 2021 00:37:09 GMT
default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame B4F7 		58 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
226040
x-guploader-uploadid
ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6688
cf-request-id
0b013f7cf90000c28b26a54000000001
last-modified
Mon, 28 Jun 2021 10:31:59 GMT
server
cloudflare
etag
"89accb82b2c3f55efa96d3f2495f234d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yFiPhqpz0f92LzteoKZTZukyqhXzgoVXbJ2e6JGWpiO%2FAxu0i2lVqr04KIND5Bv8Dek6Cq5DCSUZufWzR2rEYnM6mpKe0ZnYoSQt%2FjfIgsYY2htRCBbFMKxP4qCA0WV3"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624876319573767
content-type
text/css
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
667bcea7fce1c28b-FRA
expires
Tue, 28 Jun 2022 10:32:18 GMT
fxpcopuw.js
ad4m.at/ Frame B4F7 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ndtGUA==, md5=/5LvoHnoxEbm4C/6/XyRVA==
date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
47433
x-guploader-uploadid
ABg5-Uxp6BLlfFJIDLoI1jFxsoTki2I7AGTqXUpj-woLYZslYRPfPoFvXRWwgy8xINJ55FtpEUTtqu23PiPp_PC-4UA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0b013f7cf80000c28bea285000000001
last-modified
Mon, 14 Jun 2021 12:08:33 GMT
server
cloudflare
etag
W/"ff92efa079e8c446e6e02ffafd7c9154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bxAlZLQL9HBEw4Nb8Uav%2FD4%2B9C5tav%2B7m99DTKXaY6Ar950I3Sbwcs5U2DTCPT%2Bi5Q3e29PxU%2BDEj%2BNyjPLwVrcSSOD9K0iuwik1nYyDvgH2Dbz2U8zn22Kw8dhwXUxl"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672513020985
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11953
cf-ray
667bcea7fcddc28b-FRA
expires
Wed, 30 Jun 2021 12:09:05 GMT
sdk.js
connect.facebook.net/en_US/ Frame 62AA 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a43eb655f1d31bc42daba776bb651f9074fae7c5e9e4116bdd4ca922316dbab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5XkgxLnqxK6tp7hQ+vyqxQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1686
x-fb-rlafr
0
x-fb-debug
joj0nGfBdqqWaV/6JQz8+NNlttVPn8Sb4Cfh8RZrhMGnipsBdGGUp/mghc4d8tN6Yarp5ZD/cdEr9nuKo4ETBg==
x-fb-trip-id
686109401
x-fb-content-md5
4a4c78c5f6daad19c11deb2ab34adb00
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"dec63ee40f71d968aab0dd2544a46a6c"
timing-allow-origin
*
expires
Thu, 01 Jul 2021 01:24:30 GMT
api.js
apis.google.com/js/ Frame 62AA 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55e3416121cfe8a678fb2d941da8140d9aa0a655d5edfc4e799748019d68b23e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iRJBCBh7NbeKlGrpJ9nPfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"dcbc56415e566dfb774f37b563145067"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-iRJBCBh7NbeKlGrpJ9nPfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 01 Jul 2021 01:19:38 GMT
dpixel
cms.quantserve.com/ Frame D103 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA-HcvLHPNKKTjafatmJBU0&google_cver=1&google_push=AYg5qPLZGWu8QY48QSEZ68L0IQgMVASe1rU9eu-k4qZj9rD96bURZQ-c8jpx_qx5MQzYaO1AMtvd0_GKW3yeQ2bb2-ZcCXA-KeOV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D103
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESELs4sb_IhxJrevbpPNC0ezc&google_cver=1&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ
  • https://rtb.openx.net/sync/dds?google_gid=CAESELs4sb_IhxJrevbpPNC0ezc&google_cver=1&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&google_hm=rthgkfagwfobN9WiQ2LVuQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&google_hm=rthgkfagwfobN9WiQ2LVuQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLircbDf0I-de0fnpYhcp5CJ80BZa6EiFTrGokofjWu0c4hJlo2s-BnRlrCd5V6uO5Vj20c0cmqSw12sf-zEEoM6wdcGvBQ&google_hm=rthgkfagwfobN9WiQ2LVuQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
6j3t0qmruibcdatibaj4rip96t9b0213
pixel
cm.g.doubleclick.net/ Frame D103
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt2r3Dxcj2C0R1A41s0IgK3hsrMMJenKn9Gmy1uN3QJgxUO8G4QdQIp34cSiFj2WSO6FUuul9XtPsLqMLxywSrUc3Ub6YY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJt2r3Dxcj2C0R1A41s0IgK3hsrMMJenKn9Gmy1uN3QJgxUO8G4QdQIp34cSiFj2WSO6FUuul9XtPsLqMLxywSrUc3Ub6YY
date
Thu, 01 Jul 2021 01:19:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D103
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI7aFM74eec7764Rh_7g-iA&google_cver=1&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqly...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXOVUtMS1EWTFZ&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqlyCnHFCseJay44sM__s1UTCc5q8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXOVUtMS1EWTFZ&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqlyCnHFCseJay44sM__s1UTCc5q8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXOVUtMS1EWTFZ&google_push=AYg5qPIkJzSiaygvrOyxYX9tNnWhd1rpF4t8GEn0KZYQWC1PGQDxLuZcL3iCqd7_UPTmEtOSqlyCnHFCseJay44sM__s1UTCc5q8
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame D103
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6F...
0
0
trk
ag.innovid.com/ Frame D103 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESECdsDCIqPiOGANKCrSo4-Cg&google_cver=1&google_push=AYg5qPLnF91KhB3JoXNE43rT_jEXtJCBEqFTorcjl4aMdkseW-qwkjj8m7g9MphlJAbzbCIJNexdxpOaJQ1Gbxj0CirxcnSn3Bv9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:e336:1261:a63c:d3a0 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D103
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEEQWJhNY80Zmz0R6R0IPtAI&google_cver=1&google_push=AYg5qPJXbvzugOhsR77w_ywd...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJXbvzugOhsR77w_ywdD0nrDFvJpx0J9IpNQV_AL0wc2tMk5vzOlifPMzFcAPghSNLRLvG2DGRf1ie2lC5wrtWIlN8VlHFAEA&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJXbvzugOhsR77w_ywdD0nrDFvJpx0J9IpNQV_AL0wc2tMk5vzOlifPMzFcAPghSNLRLvG2DGRf1ie2lC5wrtWIlN8VlHFAEA&google_hm=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJXbvzugOhsR77w_ywdD0nrDFvJpx0J9IpNQV_AL0wc2tMk5vzOlifPMzFcAPghSNLRLvG2DGRf1ie2lC5wrtWIlN8VlHFAEA&google_hm=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 30 Jun 2021 01:19:38 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D103 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2uS3gmJuHhf4Lbz96aj2fXiwAtWixwWgc1i5BqhMO11WcOV2XvOZDPCmMlycrp7G0IBuAJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=2245567806&pi=t.aa~a.1219731105~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1696&idt=-M&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0&nras=2&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=1456&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=4Ppz0hcFWU&p=https%3A//www.ibluecg.com&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame D247
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jul 2021 01:19:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D247
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YN0YKjE5AIKakMMjaoOr1gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jul 2021 01:19:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFCYkpIhc6Qyp5teYbSLGwk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D247
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMa_w8i85eEU21mU48dIcwo&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMa_w8i85eEU21mU48dIcwo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
26d38bc1-25ec-471a-95e4-2277ebc2ef67
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMa_w8i85eEU21mU48dIcwo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D247
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE1NDA1ODY0ODU3OTUzMDc5NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE1NDA1ODY0ODU3OTUzMDc5NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICfxAEQ7KXQkAIYzsCHkgEwAQ&v=APEucNVieErXp7DYNIXclmNyN2SzWPWkEyl5JWvM_2Fq8xkTJeFNsll4xe267JpSuiVz_2IBqKyVFF-hTPzGwWFX5IzDHeFgHTcw9LFw42mwBDt2xzCWsTp5srAdT8MMFi_L2l7jijeOP197807_ZzoEpoNsbq4ygKgAKgBqvXYhvgmEHgR6Idw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fb0fddb5-b0d3-446a-b0dd-10bcbf7b59ec
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzE1NDA1ODY0ODU3OTUzMDc5NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 62AA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 08:39:51 GMT
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5416787
x-cache
Hit from cloudfront
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Apr 2022 08:39:51 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8OvHZVtG5wjRDIIqyfodUBPQrgkbuNVo1BTb_kWrRgloSHyrQoHCng==
x-cache-hits
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A6F6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 18:12:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6F8D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 30 Jun 2021 08:59:18 GMT
expires
Thu, 01 Jul 2021 08:59:18 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
58820
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A6F6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
180598e1846620eca391c22b08366f9698783e361e50e2d41e0aefe783f57940

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
cdn.viglink.com/images/ 		43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=9.635838709704926
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
age
11
cf-ray
667bcea89e7d4e97-FRA
content-length
43
x-amz-id-2
pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
9XASVBPZZ8WMPQ1Y
cache-control
max-age=15, must-revalidate
cf-request-id
0b013f7d5d00004e977a2f5000000001
accept-ranges
bytes
content-type
image/gif
pixel.gif
cdn.viglink.com/images/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=9.635838709704926
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a00d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
age
11
cf-ray
667bcea89e7e4e97-FRA
content-length
43
x-amz-id-2
pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
cloudflare
etag
"221d8352905f2c38b3cb2bd191d630b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
9XASVBPZZ8WMPQ1Y
cache-control
max-age=15, must-revalidate
cf-request-id
0b013f7d5d00004e9755078000000001
accept-ranges
bytes
content-type
image/gif
prebid.5.2.0.js
c.disquscdn.com/js/dist/ Frame F056 		330 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/js/dist/prebid.5.2.0.js
Requested by
Host: tempest.services.disqus.com
URL: https://tempest.services.disqus.com/ads-iframe/survey/?position=lightbox&shortname=shui-lan-mo-li-gong-lue-wang&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%230088cc&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ibluecg.com%2F&typeface=sans-serif&disqus_version=f3697df
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
921245a927687df28839dc3cbc1aa9226cd8352f5a44e85a5dbbc64fd7fb2bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Jun 2021 21:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187435
x-cache
Hit from cloudfront
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
content-length
101211
x-xss-protection
1; mode=block
x-served-by
static-web-2
last-modified
Fri, 25 Jun 2021 00:23:01 GMT
server
nginx
etag
"60d521e5-18b5b"
content-type
application/javascript; charset=utf-8
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
expires
Wed, 28 Jul 2021 21:15:43 GMT
cache-control
max-age=2592000
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
L4HN7YeBOnyY__ysiOQZnTjMC6R-8hER5EP0eEoUUYSzxUSGiBKe7g==
x-cache-hits
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B4F7 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1859996
x-guploader-uploadid
ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3262
cf-request-id
0b013f7d6300004e6ed1092000000001
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GD8T2qGligOrOClo5BM%2BRgW1JrOlY0O2BlKxeWbxLjUI4E3DvIsAr7md0pTfB3UvNEWzBQ5JS6nf7wAXzr6e60ofjNgUHQOTGkvJZF8gf2tDdiAP%2FdZRhVURCo2okhB1sB7HjxCvtjHL0PvPATQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
667bcea89f034e6e-FRA
expires
Thu, 09 Jun 2022 12:39:42 GMT
sdk.js
connect.facebook.net/en_US/ Frame 62AA 		233 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d504a7cfa7b9ba2db2a708381923f38a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc06b5b249c51ca87524cfa37c55d0a90d8afbf9585b50d87b609ee2071a7c59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://disqus.com
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
KI2AcmKnW5oWvlQV8/ltgQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69291
x-fb-rlafr
0
x-fb-debug
i++w57tsQHDmuWhs8AZR6XD9tar5/REJPuBT+1aqC59sRZ8334ZZ/pcuAkx9s3qEYCge8y24E7nVvU905pLMCw==
x-fb-content-md5
c6290e391022f123d2418bb8feef44a2
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"b131a2ef689089a892b1fcdf7ebf8dd6"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Jul 2022 00:39:03 GMT
frame.html
ad4m.at/ Frame 5E3E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 01 Jul 2021 02:19:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
620621
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0b013f7d600000c28b26a5a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KZpCo0plodwIKYTH7o39hN5bJWtPuWG7Yl5nWb6bpggNWzCityVEl5wahwceXp1917%2BoyB3gxQ5h5PGFOc%2BOlMNBYMWev7JWOPF8rJui84pREZHnX7dQ03Ym8l%2B0Hovv"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
667bcea89d8fc28b-FRA
content-encoding
br
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 05E3 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 30 Jun 2021 18:12:10 GMT
expires
Thu, 30 Jun 2022 18:12:10 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
25648
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/10176009/1601280494923/ Frame 133B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10176009/1601280494923/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f33befe0670afab53059aa8121e30cad52f32b6ccee6dd5af9f9ce2da173568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/10176009/1601280494923/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2324
date
Wed, 30 Jun 2021 23:00:29 GMT
expires
Thu, 01 Jul 2021 23:00:29 GMT
last-modified
Mon, 28 Sep 2020 08:08:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
8349
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A6F6 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLwPZtctppU1ZCzLwjnDysUqVXWPFHn443HpjZC7QOBZj6EtVt3KlPkf7-pyBV9YqkESOkop4gxpNswzAhclEqE-BchX_l4wtY6yPtNxLlnhoIb8ww2rzlAYx6EoJdkMrkNB1MsaejwL8yH5ZfHeseLzuPp7cyUJ2ar4P41ZWeplMaea8skqQF2JBSGpaqAnNQx60yz7OLyl0KXYn-3EUZB85nas0Z_TUe-tjHhCbFN4mZSjMhg7kNfFI8iyUwxGsKQrkTmtPHVwsROFm5KofR2CrrgFYYlBbKn2KQDVKJh8JEtJcUoNr07HtkVITpoP12WPlLL5UcUaAxDgMc6CJPMBMsC9E4TfW04SAcirh4mfdkRjhDkkDajmlH_OebozgF1Ueh3ooRMfXcDjqyhfaj4KhxexBWDDaK818GdpcGJMrk-6ziD3rSSYPay05fmW2LT2a-cMWLiO5KUimNDc-J6TAiH6EDFLMJuX4kROfRB3vL2a6-9ePN_o29ngn707RxX7CfQxn18CwaQNknBwMsmDC4H5uUW0BL0OhTwjN3UtrrBR7ZUDWekvEun0AdGDsAoR8BswtSeQkTHs5kdfWHecXGiLrZueMqsRPFjN7yTsKawjNA0AG07sfm7nM9NY8JRNq2EtidgfwEnvNeL1JVvkzT3-fAMSDB8N6pX-vwjuqQSFvF3eLTbkpJenlFtEtd-mRFJscuIY_GWpUt-Ns55YOm0f2LdCuZsRMy36Ku25GkI7frmPE90HsEUXM-WWjQux231SdULVooQms7PXvI6rO1rSEuiLC1czEgP1znRNnyhnxXS3_-64jy8RHlttzr4oOLrEH0nKaW4RSsXTzmyyUyn0VXDCbood40CEP36Pj-Prx8BXWeipjRemWb24rNcsv9qvFE83_7oXPrdFMx-KsfbhykZ9g02FWZDSDv0WhMQ6YBeq9vTiXOhJoGQeS8Zw5GoGqk3ShHuVPR7AAKxeYxL9LjMbOIf6G7T7__5IeO__TVcysvPa7SxN1lZwzpLb7nWF2Vfc5ANC9AA7T9JKKI6qBpvoTeae7TXRcwv3sYestCxgMR02vojhLh_Ja5jBnvmHNAAK85nLagWEjIA_hDXxpi3W0eifItzV-LQOTRNcs2U6s2urCDBASOceFq__aYgTFrmD3MWJWQTGF3S0lgLiP6c93WVZB7Z2_zaalSmiJZmTjsshqsF0N60nw&sai=AMfl-YTpKZ-URPqib0_I1RqZFrte0uaydBwWKuv0Pt2DbiedcfjHfF5Ly3Ao0Bzstzs-Sfjy_6fMsHyakXEDe6rsuWzAs7UXPfPajTN3dUtKh2b0MazAqGBC9sauUd8exYJP_DPpeysl9QO5a6f2PkzScg9BJZ4QWA&sig=Cg0ArKJSzMqMtIBnE-6sEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=134&cbvp=1&cstd=131&cisv=r20210624.08356&adurl=
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 01 Jul 2021 01:19:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/ Frame 62AA 		102 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ili
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 21:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34654
x-xss-protection
0
last-modified
Tue, 15 Jun 2021 19:21:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 21:32:55 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame F155 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
y2EUw.irPGYHWZQvvHFS16CCD7wJF5Fq
content-encoding
gzip
etag
"7f7f981d4ecb61feeff48e66441716da"
age
21979
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5628
x-amz-id-2
TklKzcscKDRV/KiZHZSW4Hmm6Wuc/xAae1ssr1JymSf8MvlqblKYbJKXGTrDqOG6ZMNoaHOT5iw=
x-served-by
cache-fra19153-FRA
last-modified
Sun, 30 May 2021 11:12:52 GMT
server
AmazonS3
x-timer
S1625102378.396836,VS0,VE0
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
x-amz-request-id
NWCSWNG0MX0N8EZJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
39
x-cache-hits
55644
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame F155 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
3876
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19153-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1625102378.396991,VS0,VE0
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
39
x-cache-hits
1682
tfa-eid.20210630-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F155 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210630-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b50b0ae0727d56d47c5961afb021d430ed8f70ce97c338f4419d95f45c94bfd

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VQpZ28fLlYEjQTDqgREenR02cWwpBXln
content-encoding
gzip
etag
"70fbbf0f15cb9960adb1746771166b96"
age
23
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4861
x-amz-id-2
lP/i6Pe4o0cLq1JGq0LIJAj1ggo5DJB43Eotj8fFccXuuLB6Rfj3KJUmMvnWdbit81jwOCr8x/M=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 30 Jun 2021 09:06:29 GMT
server
AmazonS3
x-timer
S1625102378.401006,VS0,VE0
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
x-amz-request-id
VV9HEMW5X8JD0X95
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
39
x-cache-hits
7
sha256.20210630-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F155 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210630-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6316093e7ec4e2b82febd6be54a25ccbb982b3f085972bda9f6a5dfb16ae67d

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
K0Z9m3Ifr9OKG.gpFW9fUmv5c_sFmca2
content-encoding
gzip
etag
"e0220f18a6ae168d0e1fd1e4b83ab808"
age
9
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2590
x-amz-id-2
TEaaX3mvgW/APQRN5icHqWcFarbCX7rcDzBKWoZ5HhB5KWU1JlaXgQuoWv1HjQXdMvgdBh0KveE=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 30 Jun 2021 09:06:41 GMT
server
AmazonS3
x-timer
S1625102378.401123,VS0,VE0
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
x-amz-request-id
7VP13ZNV0KDTN2SW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
39
x-cache-hits
4
tb
15.taboola.com/ Frame F155 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=disqus-widget-safetylevel20longtail09&unitType=226&tbloc=&pageType=text&pstn=%7B%22domain%22%3A%20%22https%3A%2F%2Fwww.ibluecg.com%22%2C%20%22experiment%22%3A%20%22network_default%22%2C%20%22position%22%3A%20%22top%22%2C%20%22shortname%22%3A%20%22shui-lan-mo-li-gong-lue-wang%22%2C%20%22variant%22%3A%20%22fallthrough%22%7D&uuip=&cisrf=https%3A%2F%2Fwww.ibluecg.com%2F&cirf=https%3A%2F%2Fwww.ibluecg.com%2F&encoded=1&uid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&variant=-100|478542&callback=TRC.videoTagCallbacks.videoCallback1&cb=1625102378402&tagid=&cntry=DE&platform=1&sesid=6258ce81df7adc5d018b2c9941bb1a80&itemid=/&viewid=1625102377781&geolat=&geoing=&deviceifa=&appid=&sd=v2_6258ce81df7adc5d018b2c9941bb1a80_9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9_1625102377_1625102377_CIi3jgYQktQ_GLXGmf2lLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B&ri=f92ccbb6df30afc744e12e29f9589bfd&appname=&cdb=&gdprApplies=true&rid=&sii=6053920184654703710&oee=true&tpubid=1042962&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BY&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1003147&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61f2df76aff38421bad56be75885e917b5c1f0a375a6e5c6ff9def0934efa16f

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
access-control-allow-origin
https://www.ibluecg.com
machineid
1430
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11533-HHN
pragma
no-cache
server
nginx
x-timer
S1625102378.423707,VS0,VE11
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20210630-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame F155 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210630-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9f5f51fdfd4f87656c7d97a7a1a7ee52029ad16454a0f3aed87766d5d024bb7

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YwBcjoAIe6LdpkrhX9Cw5awGj7NKZhc9
content-encoding
gzip
etag
"af32e7e3999f9d39b8333463a40ec9a4"
age
6
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7954
x-amz-id-2
n9DZfvvZVqU2Gv2ORXiORLzHvxTzak+6BGh3ZXbxL0iez9yAaIRj5NzFgvdSSF7J8Cq8jMlban8=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 30 Jun 2021 09:06:24 GMT
server
AmazonS3
x-timer
S1625102378.416148,VS0,VE1
date
Thu, 01 Jul 2021 01:19:38 GMT
vary
Accept-Encoding
x-amz-request-id
63ARFE261MQC7DBA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
39
x-cache-hits
1
debug
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/ Frame F155 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=03%3A19%3A38.385&type=warn&msg=Dynamic%20Translation%20load%20is%20enabled%20but%20response%20is%20missing%20the%20map.%20Using%20embedded%20solution&id=5911&cv=20210630-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7720
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAA7421ly0WwECIfG72Rt_4&google_cver=1&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsie...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsieboUqQm-Iohj3C2bQdOvyUKc01qjXEXaqKBW6EKklHh&google_hm=EoqK1v...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsieboUqQm-Iohj3C2bQdOvyUKc01qjXEXaqKBW6EKklHh&google_hm=EoqK1vdgnGGUxlCSLIWqfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLJvqWzs8iDoXEBMd0YZPlDqdWuH-rMq-HDmtmhzwqGCv0q-wgsieboUqQm-Iohj3C2bQdOvyUKc01qjXEXaqKBW6EKklHh&google_hm=EoqK1vdgnGGUxlCSLIWqfA
pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKJNGNyPDqAM2nqMmiHRyC3AGz0s3xbKKfxbmXHN1PXHqnvfninVh8OqufIpnRzgumTBUvVTaZ7jIzFbgDanhmIku1xuN-N&google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKqw9IYGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLSk5HTnlQRHFBTTJucU1taUhSeUMzQUd6MHMzeGJLS2Z4Ym1YSE4xUFhIcW52Zm5pblZoOE9xdWZJcG5Semd1bVRCVXZWVGFaN2pJekZiZ0...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb3AxQXkwY0d1a3JKMVNPZy1rX3lmOWZreEliZFdvMTlDMkpTcFZsbUItYw==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb3AxQXkwY0d1a3JKMVNPZy1rX3lmOWZreEliZFdvMTlDMkpTcFZsbUItYw==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb3AxQXkwY0d1a3JKMVNPZy1rX3lmOWZreEliZFdvMTlDMkpTcFZsbUItYw==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESELjJxjB4LVQV8_HU_ZouJhE&google_cver=1&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE&google_hm=rthgkfagwfobN9WiQ2LVuQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE&google_hm=rthgkfagwfobN9WiQ2LVuQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ5KoxH3a_Zpxya48Yfp_1DkbnxTU5Me49av7cNZksYbYSrOIs3LMzqNJZwZ_cuNLGnPHGnalB7QhmxhWL0n_1BQBckumE&google_hm=rthgkfagwfobN9WiQ2LVuQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
d6m048v3u8b67l70bsv2t00s59qj43vg
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI6QIQNqkj05HvbmD4brrRiIzqpsX0k1cX9W8ruxNnfTzYZ3nKoLSYKpa8UBvbGwrVMMd3syImFgMGi4DkgQoD1z7oaxBV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=184bq9ExS9iU3zn-yex2-A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJI6QIQNqkj05HvbmD4brrRiIzqpsX0k1cX9W8ruxNnfTzYZ3nKoLSYKpa8UBvbGwrVMMd3syImFgMGi4DkgQoD1z7oaxBV
date
Thu, 01 Jul 2021 01:19:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIu38ylV1UgJn_SpgyaBId0&google_cver=1&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXRFItOC0yR0ZO&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_qYygasEujcSZw0IXepg8SpJen
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXRFItOC0yR0ZO&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_qYygasEujcSZw0IXepg8SpJen
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1FLN1pXRFItOC0yR0ZO&google_push=AYg5qPIxQPjfuT5_aPwLMJ7p-JdkoOkkO91VhC-2r867z9_gFIEssruwqKEBPh1greCEEZFhUc_qYygasEujcSZw0IXepg8SpJen
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zoj...
0
0
pixel
cm.g.doubleclick.net/ Frame 6F8D
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEL4JECth1SUnIg7cIPVYaW8&google_cver=1&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixV...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixVzfMe-&google_hm=9T_A4qQTRxG7kq_t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixVzfMe-&google_hm=9T_A4qQTRxG7kq_tQOVI0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKF8EgMsQVJ_N5Xe-nbZQCmCT-7Ix4leDWrGcfL3cb2Qu0BrXIWiSj7uVb7KUx-XeF_k3Z-7J5LgYZV2_o18VwsixVzfMe-&google_hm=9T_A4qQTRxG7kq_tQOVI0g
pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 6F8D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtumAvrBJKNyoh4A7LZyWEUFbY00vB8mC2GVlhqWIWfWl30ks10WVkRLg_IDgNLuLJJVTn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
prebid
ib.adnxs.com/ut/v3/ Frame F056 		138 B
986 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/js/dist/prebid.5.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c3c68dc29db97dee7511ba7dae3b0e856fb873d67672fa8a4eb65b9831e44a9f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tempest.services.disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cecc1790-c4f1-423b-a17a-68b93c775e15
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tempest.services.disqus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1218312820__vl1UiqE0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ Frame F155 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1218312820__vl1UiqE0.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff143a53cee0e9f99e358ddbd0db968d78d52fec3911a122f50b9537b2e093da

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1255926
edge-cache-tag
619199537534121179352665999959204953342,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
946
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1218312820__vl1UiqE0.jpg
content-length
8256
x-request-id
7d5009a6396149efa25982a574215b4d
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 15 Jun 2021 08:20:34 GMT
server
nginx
x-timer
S1625102378.469137,VS0,VE1
etag
"0304e277d9039f0b72ca7f2631cbe689"
x-served-by
cache-wdc5553-WDC, cache-dca17730-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
efadee459eba5c296af65161ffe621e5.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efadee459eba5c296af65161ffe621e5.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c13d98764c162734281364388456c1fc1723be702b0641377a2ad6f760430708

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1881070
edge-cache-tag
349588031182708586587434131028371936232,370567720785842819168455839805625998768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
74
expiration
expiry-date="Sat, 26 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efadee459eba5c296af65161ffe621e5.jpg
content-length
10062
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Wed, 26 May 2021 10:58:07 GMT
server
nginx
x-timer
S1625102378.469360,VS0,VE1
etag
"8605dd82c213cad52a186e69baa0d573"
x-served-by
cache-wdc5541-WDC, cache-dca17724-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
0f08117e230a85430ea52293779ac00a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16d2c8f30d65c537a5259a8a96346daceb60f28a64f8b4092caac03e0255d98a

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1364397
edge-cache-tag
334104128982105477513627244562321066306,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
22
expiration
expiry-date="Fri, 25 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
content-length
3106
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 25 May 2021 15:17:08 GMT
server
nginx
x-timer
S1625102378.469187,VS0,VE0
etag
"a683632ba98258d499de1158ff163e57"
x-served-by
cache-wdc5541-WDC, cache-dca17767-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 5
508ef464ea5526d4a8155a1ec90db098.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/508ef464ea5526d4a8155a1ec90db098.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f84ad853a7a709dd9a391879ab72dd8eb3e8bdccaa669646e3fcae27ef7dc61

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1247903
edge-cache-tag
505751345675450044113199543503831380654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
438
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/508ef464ea5526d4a8155a1ec90db098.jpg
content-length
7540
x-request-id
f288ca7d84bfe6dad7dc56eb01d9b0a5
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Fri, 11 Jun 2021 14:31:20 GMT
server
nginx
x-timer
S1625102378.469886,VS0,VE0
etag
"2764b2c2878d80d635aae87a7a33a31d"
x-served-by
cache-wdc5545-WDC, cache-dca17723-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 9
00296fae472be544317d713708aa4053.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1885756
edge-cache-tag
341414001868996152015918467112407887788,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
21
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
content-length
5628
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Wed, 12 May 2021 07:53:37 GMT
server
nginx
x-timer
S1625102378.470240,VS0,VE0
etag
"fb519243048a6647dda505a16b98f5da"
x-served-by
cache-wdc5553-WDC, cache-dca17776-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 3
c04d2ae32993d78ad5e584106772a179.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c04d2ae32993d78ad5e584106772a179.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85c1d2b000181781ca5919155b1fccab622487e7e54f1d3ef56ec52680b7e5da

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1797296
edge-cache-tag
601758567072460164928123027502085725082,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
117
expiration
expiry-date="Sat, 10 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c04d2ae32993d78ad5e584106772a179.png
content-length
6044
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 09 Jun 2021 23:50:54 GMT
server
nginx
x-timer
S1625102378.470589,VS0,VE0
etag
"c2d13f52867743c2b882aada9bc611e9"
x-served-by
cache-wdc5544-WDC, cache-dca17759-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
KLN_Girl_sector_B66081_1000x600_English%26IMG%3D1EZL.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2019/02/ Frame F155 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2019/02/KLN_Girl_sector_B66081_1000x600_English%26IMG%3D1EZL.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
afcc6df500927a35a33ea784b4579de91fd379df0ca5a1e0b22b7fcb02210b94

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
2904052
edge-cache-tag
383894882387179644629626381819374554866,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
59
expiration
expiry-date="Sun, 27 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2019/02/KLN_Girl_sector_B66081_1000x600_English%26IMG%3D1EZL.jpg
content-length
19594
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Thu, 27 May 2021 12:48:14 GMT
server
nginx
x-timer
S1625102378.479761,VS0,VE0
etag
"9338d7ab547d25f9b371aaeb2ddfcd19"
x-served-by
cache-wdc5579-WDC, cache-dca17729-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
event.gif
referrer.disqus.com/juggler/ Frame 62AA 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4mm2udj33srvkr&experiment=network_default&variant=fallthrough&service=dynamic&area=lightbox&product=embed&forum=shui-lan-mo-li-gong-lue-wang&zone=thread&page_url=https%3A%2F%2Fwww.ibluecg.com%2F&page_referrer=https%3A%2F%2Fwww.ibluecg.com%2F&object_type=advertisement&provider=survey&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=&section=default&verb=load&extra_data=%7B%22time_to_load%22%3A116%7D&forum_id=6846046
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/ Frame F155 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront), 1.1 varnish
age
1550458
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
23743
x-served-by
cache-fra19153-FRA
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1625102378.480863,VS0,VE0
etag
"b683c290896a82c974838a04b4ea4aff"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
mMnmJ7s0t6-TZZw6udJyfub3BGJk9a38NWcLCQJzbry4BP8PMGrxow==
x-cache-hits
15769
status
www.facebook.com/x/oauth/ Frame 62AA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.ibluecg.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dshui-lan-mo-li-gong-lue-wang%26t_u%3Dhttps%253A%252F%252Fwww.ibluecg.com%252F%26t_d%3D%25E6%25B0%25B4%25E8%2597%258D%25E9%25AD%2594%25E5%258A%259B%25E6%2594%25BB%25E7%2595%25A5%25E7%25B6%25B2%25EF%25BC%258E%25E4%25BD%25A0%25E7%259A%2584%25E9%25AD%2594%25E5%258A%259B%25E5%25A5%25BD%25E5%25B9%25AB%25E6%2589%258B%2520-%2520ibluecg.com%26t_t%3D%25E6%25B0%25B4%25E8%2597%258D%25E9%25AD%2594%25E5%258A%259B%25E6%2594%25BB%25E7%2595%25A5%25E7%25B6%25B2%25EF%25BC%258E%25E4%25BD%25A0%25E7%259A%2584%25E9%25AD%2594%25E5%258A%259B%25E5%25A5%25BD%25E5%25B9%25AB%25E6%2589%258B%2520-%2520ibluecg.com%26s_o%3Ddefault%23version%3De34a397b02545d73e126b1219e8f0e66&sdk=joey&wants_cookie_data=false
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://disqus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
aBOYUZO/zWIkDe+ZjC+7gcOC4rUTu3Cy4qxmCp+PY8R+0c/eHbfWlQQvwZQ34v/J6qiCB9WW1UVPamVq/M28IQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 01 Jul 2021 01:19:38 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://disqus.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame 133B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176009/1601280494923/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 01 Jul 2021 01:34:38 GMT
index.js
s0.2mdn.net/10176009/1601280494923/ Frame 133B 		61 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10176009/1601280494923/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176009/1601280494923/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f49b31aa2c2ca1f66c14821a97ad2faed5eaba6a539349ff928602683c05c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 23:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18475
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 08:08:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 01 Jul 2021 23:00:29 GMT
iframe
accounts.google.com/o/oauth2/ Frame B4AF 		513 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.bnEFfFZ9cyI.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCNaq8ri2P66tzK7chsKcRiE1CsLyQ/cb=gapi.loaded_0?le=ili
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
71c51f0cb6cb8b3c92b9dc43c280857b96bd17efdda92a92a3cab8c97225e244
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pPpM/RgKch1xlGsx1RbPZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=218=F1apHGZa5hjGaHN7b04lCyqz5MLFR4O-abmr15LkRcXrjlO7HW7YwY7XY5bw_Q6NeJZHf3VEzT81d_iKX4mDHPDB_Qcb54AgjVZred9NBd5KD7RU3MtD6jOBAUbd52ZithOoq6bjWqZRFtkqvFclaR5qecn4fR4AM1jBOMptE8w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 01 Jul 2021 01:19:38 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-pPpM/RgKch1xlGsx1RbPZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1218312820__vl1UiqE0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/ Frame F155 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1218312820__vl1UiqE0.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff143a53cee0e9f99e358ddbd0db968d78d52fec3911a122f50b9537b2e093da

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1255926
edge-cache-tag
619199537534121179352665999959204953342,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
946
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/FKF/1218312820__vl1UiqE0.jpg
content-length
8256
x-request-id
7d5009a6396149efa25982a574215b4d
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 15 Jun 2021 08:20:34 GMT
server
nginx
x-timer
S1625102379.537889,VS0,VE0
etag
"0304e277d9039f0b72ca7f2631cbe689"
x-served-by
cache-wdc5553-WDC, cache-dca17730-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
efadee459eba5c296af65161ffe621e5.jpg
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efadee459eba5c296af65161ffe621e5.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c13d98764c162734281364388456c1fc1723be702b0641377a2ad6f760430708

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1881070
edge-cache-tag
349588031182708586587434131028371936232,370567720785842819168455839805625998768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
74
expiration
expiry-date="Sat, 26 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_888,y_503/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efadee459eba5c296af65161ffe621e5.jpg
content-length
10062
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Wed, 26 May 2021 10:58:07 GMT
server
nginx
x-timer
S1625102379.539971,VS0,VE0
etag
"8605dd82c213cad52a186e69baa0d573"
x-served-by
cache-wdc5541-WDC, cache-dca17724-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
0f08117e230a85430ea52293779ac00a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16d2c8f30d65c537a5259a8a96346daceb60f28a64f8b4092caac03e0255d98a

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1364397
edge-cache-tag
334104128982105477513627244562321066306,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
22
expiration
expiry-date="Fri, 25 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f08117e230a85430ea52293779ac00a.jpg
content-length
3106
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 25 May 2021 15:17:08 GMT
server
nginx
x-timer
S1625102379.540450,VS0,VE0
etag
"a683632ba98258d499de1158ff163e57"
x-served-by
cache-wdc5541-WDC, cache-dca17767-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 6
508ef464ea5526d4a8155a1ec90db098.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/508ef464ea5526d4a8155a1ec90db098.jpg
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f84ad853a7a709dd9a391879ab72dd8eb3e8bdccaa669646e3fcae27ef7dc61

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1247904
edge-cache-tag
505751345675450044113199543503831380654,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
438
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/508ef464ea5526d4a8155a1ec90db098.jpg
content-length
7540
x-request-id
f288ca7d84bfe6dad7dc56eb01d9b0a5
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Fri, 11 Jun 2021 14:31:20 GMT
server
nginx
x-timer
S1625102379.540533,VS0,VE0
etag
"2764b2c2878d80d635aae87a7a33a31d"
x-served-by
cache-wdc5545-WDC, cache-dca17723-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 10
00296fae472be544317d713708aa4053.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1885756
edge-cache-tag
341414001868996152015918467112407887788,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
21
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00296fae472be544317d713708aa4053.png
content-length
5628
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Wed, 12 May 2021 07:53:37 GMT
server
nginx
x-timer
S1625102379.540526,VS0,VE0
etag
"fb519243048a6647dda505a16b98f5da"
x-served-by
cache-wdc5553-WDC, cache-dca17776-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 4
c04d2ae32993d78ad5e584106772a179.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c04d2ae32993d78ad5e584106772a179.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85c1d2b000181781ca5919155b1fccab622487e7e54f1d3ef56ec52680b7e5da

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 varnish, 1.1 varnish
age
1797296
edge-cache-tag
601758567072460164928123027502085725082,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
117
expiration
expiry-date="Sat, 10 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c04d2ae32993d78ad5e584106772a179.png
content-length
6044
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 09 Jun 2021 23:50:54 GMT
server
nginx
x-timer
S1625102379.540597,VS0,VE0
etag
"c2d13f52867743c2b882aada9bc611e9"
x-served-by
cache-wdc5544-WDC, cache-dca17759-DCA, cache-fra19153-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame 05E3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 13:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
130704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:01:14 GMT
art_300x600_adventurerally_back.jpg
s0.2mdn.net/10176009/1601280494923/images/ Frame 133B 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/1601280494923/images/art_300x600_adventurerally_back.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7450578565694349&output=html&h=600&adk=1957196227&adf=1382071322&pi=t.aa~a.1219818442~rp.4&w=283&fwrn=4&fwrnh=100&lmt=1625102377&rafmt=1&to=qs&pwprc=5243471897&psa=0&format=283x600&url=https%3A%2F%2Fwww.ibluecg.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625102377575&bpp=1&bdt=1695&idt=1&shv=r20210628&ptt=9&saldr=aa&abxe=1&cookie=ID%3De907edc6f6809337-22ba419f6fc80093%3AT%3D1625102377%3ART%3D1625102377%3AS%3DALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og&prev_fmts=1200x280%2C0x0%2C283x600&nras=3&correlator=6851062296660&frm=20&pv=1&ga_vid=1171587868.1625102377&ga_sid=1625102377&ga_hid=1297111893&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=947&ady=3032&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31061420&oid=3&pvsid=4470442814270274&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=PavWmktV4J&p=https%3A//www.ibluecg.com&dtd=18
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e765e1abcaa36ba5e4f5312783954d2016304957f5f6b0f752f15741e63427da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 23:00:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 08:08:15 GMT
server
sffe
age
8349
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105575
x-xss-protection
0
expires
Thu, 01 Jul 2021 23:00:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A6F6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssLwPZtctppU1ZCzLwjnDysUqVXWPFHn443HpjZC7QOBZj6EtVt3KlPkf7-pyBV9YqkESOkop4gxpNswzAhclEqE-BchX_l4wtY6yPtNxLlnhoIb8ww2rzlAYx6EoJdkMrkNB1MsaejwL8yH5ZfHeseLzuPp7cyUJ2ar4P41ZWeplMaea8skqQF2JBSGpaqAnNQx60yz7OLyl0KXYn-3EUZB85nas0Z_TUe-tjHhCbFN4mZSjMhg7kNfFI8iyUwxGsKQrkTmtPHVwsROFm5KofR2CrrgFYYlBbKn2KQDVKJh8JEtJcUoNr07HtkVITpoP12WPlLL5UcUaAxDgMc6CJPMBMsC9E4TfW04SAcirh4mfdkRjhDkkDajmlH_OebozgF1Ueh3ooRMfXcDjqyhfaj4KhxexBWDDaK818GdpcGJMrk-6ziD3rSSYPay05fmW2LT2a-cMWLiO5KUimNDc-J6TAiH6EDFLMJuX4kROfRB3vL2a6-9ePN_o29ngn707RxX7CfQxn18CwaQNknBwMsmDC4H5uUW0BL0OhTwjN3UtrrBR7ZUDWekvEun0AdGDsAoR8BswtSeQkTHs5kdfWHecXGiLrZueMqsRPFjN7yTsKawjNA0AG07sfm7nM9NY8JRNq2EtidgfwEnvNeL1JVvkzT3-fAMSDB8N6pX-vwjuqQSFvF3eLTbkpJenlFtEtd-mRFJscuIY_GWpUt-Ns55YOm0f2LdCuZsRMy36Ku25GkI7frmPE90HsEUXM-WWjQux231SdULVooQms7PXvI6rO1rSEuiLC1czEgP1znRNnyhnxXS3_-64jy8RHlttzr4oOLrEH0nKaW4RSsXTzmyyUyn0VXDCbood40CEP36Pj-Prx8BXWeipjRemWb24rNcsv9qvFE83_7oXPrdFMx-KsfbhykZ9g02FWZDSDv0WhMQ6YBeq9vTiXOhJoGQeS8Zw5GoGqk3ShHuVPR7AAKxeYxL9LjMbOIf6G7T7__5IeO__TVcysvPa7SxN1lZwzpLb7nWF2Vfc5ANC9AA7T9JKKI6qBpvoTeae7TXRcwv3sYestCxgMR02vojhLh_Ja5jBnvmHNAAK85nLagWEjIA_hDXxpi3W0eifItzV-LQOTRNcs2U6s2urCDBASOceFq__aYgTFrmD3MWJWQTGF3S0lgLiP6c93WVZB7Z2_zaalSmiJZmTjsshqsF0N60nw&sai=AMfl-YTpKZ-URPqib0_I1RqZFrte0uaydBwWKuv0Pt2DbiedcfjHfF5Ly3Ao0Bzstzs-Sfjy_6fMsHyakXEDe6rsuWzAs7UXPfPajTN3dUtKh2b0MazAqGBC9sauUd8exYJP_DPpeysl9QO5a6f2PkzScg9BJZ4QWA&sig=Cg0ArKJSzMqMtIBnE-6sEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=342&vt=11&dtpt=208&dett=3&cstd=131&cisv=r20210624.08356&adurl=
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rs
ad4m.at/ Frame B4F7 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebc3ca959eca48d70457a7185cd0c555778519cfc330c321d61200c227567cf

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jj3bh696hwcjgkf1vyyttxtfyhkhc6bp3d5xk3y4dgxb5ccgmkgf0p87mbdm8h7eyhx3j6ns8w5xdfgjzt6y8stafwnwdpw8tac0gb4eedchs1ec1n1y55wcj3nprr23e3xxyb8qwadkbh69hsnn5dvs6xc6a9xh8krzppnvs9vzf9d6zqjatwnm4m8kvznzh58b07gd15yqvrncyxhw7b2gysdmct4vc3jd63rwpjpgcrwx21kj68vamppjg61hwmatq5gmr1nef6m7j41crmaj4w049ernzqnzhd8h01r3wmzfgm83qqk8ty6hm1qwj52p99x9xs0hx8bs21w6rd4v6de5dm52bydm5mfqmgtjbq9pkwm9m4kd2eh8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%26client%3Dca-pub-7450578565694349%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
0b013f7e650000c28b0daf0000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f8SoZ%2BvnGvkYcyzYT0MD1tSSUL0w6ZaoO2KZwpJYeY8g4r26ccs2wy8prxSULS2LpP2yC88FJlO0lsj6JP6S3AITKfIsmwjFuEAV6PTAA5yNmLbuaKxcqV3CUO2%2FMMU3"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
667bceaa3ef5c28b-FRA
art_300x600_adventurerally_dust.png
s0.2mdn.net/10176009/1601280494923/images/ Frame 133B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/1601280494923/images/art_300x600_adventurerally_dust.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28975e9da13dc469b328f24362d50d8b73edc61b94b2e5e48bd272509a485242
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:01:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 08:08:15 GMT
server
sffe
age
55076
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3185
x-xss-protection
0
expires
Thu, 01 Jul 2021 10:01:42 GMT
1716170664-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame B4AF 		116 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/1716170664-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc7ba03dc94c1c92328a99cf06b8830081e8c9753076d5d16865cd507021944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 13:59:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40360
x-xss-protection
0
last-modified
Wed, 16 Jun 2021 00:30:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:59:11 GMT
art_300x600_adventurerally_line.png
s0.2mdn.net/10176009/1601280494923/images/ Frame 133B 		592 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/1601280494923/images/art_300x600_adventurerally_line.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a5bf846c0b4b17e92dfac8d164f0569d25ee15a720a07e408bb483299425fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:01:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 08:08:15 GMT
server
sffe
age
55076
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
592
x-xss-protection
0
expires
Thu, 01 Jul 2021 10:01:42 GMT
CTA.png
s0.2mdn.net/10176009/1601280494923/images/ Frame 133B 		564 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/1601280494923/images/CTA.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b70fd03e42db21a2d576949c3a76e5da656fcc51d0d3692862511e49317baaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:59:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 08:08:15 GMT
server
sffe
age
80407
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
564
x-xss-protection
0
expires
Thu, 01 Jul 2021 02:59:31 GMT
rar
as.ad4m.at/ad/ Frame 0657 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9296b95b079e2400e2175b154d0c0a61974d2e05ffe63d26e323747b9b9b03
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0b013f7ea00000c2b39692b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
667bceaa9f49c2b3-FRA
content-encoding
br
TXT.png
s0.2mdn.net/10176009/1601280494923/images/ Frame 133B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176009/1601280494923/images/TXT.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e9430adfa5df6165665667575297ee87c17f543950ce4c48e639d81d82d42fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/10176009/1601280494923/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 04:50:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 2020 08:08:15 GMT
server
sffe
age
73776
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9956
x-xss-protection
0
expires
Thu, 01 Jul 2021 04:50:02 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame B4AF 		14 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1716170664-idpiframe.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XmlHttpRequest

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 01 Jul 2021 02:19:38 GMT
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4mm2udj33srvkr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=shui-lan-mo-li-gong-lue-wang&zone=thread&version=e34a397b02545d73e126b1219e8f0e66&page_url=https%3A%2F%2Fwww.ibluecg.com%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D&section=default&verb=load&advertisement_id=184193&forum_id=6846046
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 0657 		64 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
231317
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0b013f7efa00004e7f982e0000000001
cf-ray
667bceab2e984e7f-FRA
expires
Thu, 01 Jul 2021 02:19:38 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 0657 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1127174
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ABg5-UwIkNOUZkyQMq3Kp6tFJ2kUiKOcE_5mAfmbAGX3tfBIHRd_MrOW6vKr5H6_TmE6_b-JyODKsiwvn_37zoc_Y_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18872
cf-request-id
0b013f7ef40000c2b39e218000000001
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l%2BlF7eM5CouJGcMz8ITX5GkzT0sLs8kI4pdAPKnxvi%2FvA52hR9S%2FPpIcco16MFuXxDz%2Bt6eVph49xyFD6pCIPYgJSUF65ck0H%2BBdxffVYk5bdP1Up55Q2WAcZSl4Rf3IgAu4sZOEmg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
667bceab1fa9c2b3-FRA
cf-bgj
imgq:85,h2pri
00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
assets.ad4m.at/product_image/ Frame 0657 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/00F619D8F00669FB6B148FCA1F359A7CA5A72E81F1698F0435018F83EA02825BEBAFD49E18F13D128B52CB0ABFB8FA7B803272A64A7914A87DB8504414D95994
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EZXtXA==, md5=mgoAJVijZFI0Dr9oP+Il1A==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
582181
cf-polished
origFmt=png, origSize=594083
x-guploader-uploadid
ABg5-UyTf6FeWBmyeJExuOi7GlY0O5gUODBvMLpe0qCESaQPFqhEaq-71hfFz0E5oJiJooQZU6IhwrvrSpqoVWzBhIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
307160
cf-request-id
0b013f7ef30000c2b3b0948000000001
last-modified
Tue, 22 Jun 2021 13:51:23 GMT
server
cloudflare
etag
"9a0a002558a36452340ebf683fe225d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BOcHMUMqI%2FOafD1yEG70SuPTR0FH%2FM%2F0J7QZIwFxpLffGLSksyjH0rIeWkyR44MD8ZChAU0K75rgR3M6fWV4XwnR1ii%2BLjrtj79I%2FHnDIsX8RSfJELbY6Oo4Oxai%2B6I%2BbjiEv3k84g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1624369883413081
content-type
image/webp
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
594083
accept-ranges
bytes
cf-ray
667bceab1fa7c2b3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 0657 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519575&v=14098&q=379092&r=412871&pv=1&pref3=oneidVx7fwfmfEdghVHbHAtRt8bGU5tzTzQkoneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 0657 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1128330
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-Uxq7P2nwVSkuZTkSEg7ynfoehxN_jsktc6syvnGz_8ihKUK5uH6rRVPcv4Opl6Z2KhsA8K5hpihRZEBhNQcVvk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
cf-request-id
0b013f7ef40000c2b3e105e000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1y03YdkGcObXfhFc2gikSZSj%2Bt50MWuDddXZsbZZKX0UNl76vA%2B7oQPbKE5%2F8kZ9XDbAuNUw7PN%2BMhI3E1LjrXR3%2BEs4x9grO%2BlTE3RxYZD8N4%2BW4HXE9MENyNr5jp5V4usYZDlumA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
667bceab1faac2b3-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 0657 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1126194
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwbIUGsRq83JM36JprxOgsBD6lKh1nY2l3BnWQZ8mWh2LUudq9jHuyeyP7z2Qlk1ZiWDEKQgVNmtV1LQrTTbho
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
cf-request-id
0b013f7ef50000c2b3b3a5b000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LdMtHJCg0OP8ru4PBoilKOSePhkzcmwrsy6pkHdr08Ou28rF3t7eTBlP5m%2Fl%2BxnR%2Bm63VAFjmT69%2FAK%2BObRGmdfdgXVBtOcQd%2FTcaJ1BhEG2gkaGkZsUbSqs5yGL%2BnfEKuwG94SuBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
667bceab1facc2b3-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 0657 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidDjeT3fwfe9T3HmH9t1tEjxT4tmTk8roneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0657 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
935924
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-Uwy0W-DdVJjWcpC6FduPnZhHbPyw2RCik7-I8cH6jjKNtZFzPAJEwzK3FGMfzhoKOFIvXS5i1t9lCWtD0x-j3E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
38696
cf-request-id
0b013f7ef50000c2b3681e7000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RoSNr%2B2jhWp0OkyUCN57gUE4Cp5mVmX6FhdrS%2FprmZkZ7RSBLZhHSplXV%2B7fJrTXpuui2g2X1Wz4NM7VtJEE8braqdBffAm6MmPv6l6DLlg%2B0yJPSeR4A5ubPU6jOTUu3TY2c8M9pw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
667bceab1fadc2b3-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0657 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Thu, 01 Jul 2021 01:19:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
620530
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
85604
cf-request-id
0b013f7ef60000c2b3dd941000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mdJ7DdP3nozAbx25k7BfHigIOvGRHR9F08AGx2q%2BLTwrHacdQ35I7WXQlgk4FrCNDCWst59PQ8tZ6kosFMKc7p7nNgivDM%2BmGCQlVIlNkW%2FijHn0yTonmnWCTm7AWIhQsm4xjCW9hA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Fri, 02 Jul 2021 01:19:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
667bceab1faec2b3-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 0657 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
bb0515fac1e9345bf4bd2881cda028400764be0f74a9da03af09951514edf7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Last-Modified
Thu, 01 Jul 2021 01:19:38 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
glitter.services.disqus.com/urls/ Frame 62AA 		636 B
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=shui-lan-mo-li-gong-lue-wang&thread_id=8570607854&referer=
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
9fba5738d954eb6c3e57f60710c45b92eca50c1dae4e9cbaa16e30392d20f98b
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
openresty
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
no-cache
transfer-encoding
chunked
X-Service
glitter
Content-Disposition
attachment; filename=f.txt
Strict-Transport-Security
max-age=300; includeSubdomains
Vary
Accept-Encoding, Cookie
noavatar92.png
a.disquscdn.com/1624570071/images/ Frame 62AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.disquscdn.com/1624570071/images/noavatar92.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.152a1430e3267673ea556dc28bb34a79.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Jun 2021 18:53:57 GMT
server
nginx
age
192909
etag
"60d4d4c5-66c"
strict-transport-security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection
1; mode=block
cache-control
max-age=2592000
x-amz-cf-pop
FRA2-C1
content-type
image/png
content-length
1644
x-amz-cf-id
CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires
Wed, 28 Jul 2021 19:44:30 GMT
ping
links.services.disqus.com/api/ 		316 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
25fee4112706779505d81726640467acc4631fa771b74af11b5b246b1f496321

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.ibluecg.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6GFtKRjdYOSzOoSZrATXiIbYDQAAAAA4AeAEAg&bg=!8_Cl8LTNAAYo4NJEKOA7ACkAdvg8Wif7iXJOoEGWYMyeWMi6CSusyMbL2N9mAdfdJrsIYtEV7d3TdAIAAADTUgAAACpoAQeZAsYRqzUYo_dh9cqwDnXNFFBR06pxNlf6HBJkRimAhN4d8pePY3I_7v76-t_D7_qSKBHDP3szXG-REz0MohOEsWuV4fH7QwNr8V1SX7ucevcSe8O29p9yAFzGXgmJ_ZoXRXIJh7pHf9Riv_96B0mte0WUSDonjiHOIKj-lNalAzGVLn5rCqAfpAO8W4QieDmViddOu26l4Lwm7Uf3q8laGuNESOIAogaS-tI63OEvb6AIiBs4gNEfDLzDINu-mTOTmeOXDevmSUnw_JLRRgBOY9dZS6lXJZCD2gPTWYlxGAPCvOcTPXV8gRYYPgkmPqb88NxG4P44KhX9c3ztGYSX4S-fAa3IgFw7v5XR9e-pmGIewnH6ECsj0ktdOcCMq_DU4xAssWSjszuM-LxnOUWiZeBVcv5bBPndBSzq3HggOaRunoU1xQi1rvt2yl6rgKyDp2LPzwJ0yB1O_uXJ_wqHTNMQt7Xun89VrvNMkA25ihv0YRyw4G4R9CeEuL4MimhjqmQuGkNpkcSvLyZ3rAVMGzb7-UedOEn9u5bjG2lXgzakKPSefc8fpxNNlocqqHOdHexa0d60zSjFKKKysAADfJLlpqUiGXPbeaUsfNFLw_530eleXBYo1fmIKImANuP6LsOyJLJY52_5CqxcDhCrbaf5d2EY9VXR788fq2qVle-S9QAU4LOrsPmZJpqD6ZeLeQ-Kfuzs2ic7thjW5Buta5Av5UZM0HBTKFaj-e6hE-55nyAtP6PTRn7DmNLSL25wVEhA5TbN5mPeZf4acFS_04Gs9_g12mVeEmOQFk0vfhixF8vZf7urFO6brWtt60aUQKb5eXIfcFtdpXYCIP-TUOxrGC_ZhYOFVLU-REYHpquBAaXXE9naa6WS0gjnWPnZvP6TWu6Vlw8jpW7OOj7TtzI7U5UrFlpB8Oe1Bhh9capwCfLuiA3BAw
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.gif
links.services.disqus.com/api/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:39 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api/ 		41 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
09f1975a73f359323ee45df33ed5c2e68f687449edbbfe85e2638b0bde71b25b

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.ibluecg.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
event.gif
referrer.disqus.com/juggler/ Frame 62AA 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=1046&event=init_embed&thread=8570607854&forum=shui-lan-mo-li-gong-lue-wang&forum_id=6846046&imp=4mm2udj33srvkr&prev_imp&thread_slug=_ibluecgcom_86&user_type=anon&referrer=https%3A%2F%2Fwww.ibluecg.com%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:39 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
362358.gif
idsync.rlcdn.com/ Frame EEAB
Redirect Chain
  • https://ejp.rlcdn.com/501709.html
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
42 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:method
GET
:authority
idsync.rlcdn.com
:scheme
https
:path
/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
rlas3=BUUfmLF7pnif9g9joVlXWkyTGdVv/uzQmKyEtEIeoZc=; pxrc=CKqw9IYGEgUI6AcQABIGCLrqARAAEgYI6d0qEAA=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default

Response headers

cache-control
no-cache, no-store
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
rlas3=hnDlDaCkdhGf9g9joVlXWkyTGdVv/uzQmKyEtEIeoZc=; Path=/; Domain=rlcdn.com; Expires=Fri, 01 Jul 2022 01:19:39 GMT; Secure; SameSite=None pxrc=CKqw9IYGEgUI6AcQABIGCLrqARAAEgYI6d0qEAA=; Path=/; Domain=rlcdn.com; Expires=Mon, 30 Aug 2021 01:19:39 GMT; Secure; SameSite=None
timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:39 GMT
content-length
42
via
1.1 google
alt-svc
clear

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA1e0_9NvWlbm3E9tGDcpBk&google_cver=1
date
Thu, 01 Jul 2021 01:19:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
289
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.html
live.rezync.com/ Frame 67D8 		507 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c4mk7f9t1hlt8d7&pctry=DE&referrer=https%3A%2F%2Fwww.ibluecg.com%2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
lighttpd/1.4.33 /
Resource Hash
3288bdd2118d966ee43087fefb7cc8700a4d0350e678d4fbe47d54648919a369

Request headers

:method
GET
:authority
live.rezync.com
:scheme
https
:path
/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c4mk7f9t1hlt8d7&pctry=DE&referrer=https%3A%2F%2Fwww.ibluecg.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default

Response headers

content-type
text/html; charset=utf-8
content-length
507
date
Thu, 01 Jul 2021 01:19:39 GMT
server
lighttpd/1.4.33
set-cookie
zync-uuid=4ef55096-9fba-4cf3-9f95-9df2a7d8e38f:1625102379.07; Domain=rezync.com; Expires=Mon, 27-Dec-2021 18:19:39 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVikELgjAYQP9KfGcPZoEldFMiaA5qFvMiNRdO91m5STHxv7du7z3eBNVLDnjrZW8hscMoAxBaeTOQTFAr8x49gVhjFz-2dtlou6ljmAMw0hj17CtV_8_F3V_5_oI5Kz6UcUuvpeLnMOQRd0emkbLCtxMSzFZl2mjiGqRtFpG2-JL04HLXjSQVO5jnH_d0Mt4.E76pqw.1Anj50OkBwef3yZ7hub9ChSJIyc; Expires=Tue, 28-Dec-2021 01:19:39 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache
Miss from cloudfront
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
274Af-yn1wL4LCD4NO7nw8fFV5I_IaKkuBaN90EfT71lle0zMict6Q==
/
io.narrative.io/ Frame 62AA
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac4mk7f9t1hlt8d7
  • https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7
  • https://io.narrative.io/?io.narrative.guid.v2=67ccdf60-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=67ccdf60-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:39 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=67ccdf60-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c4mk7f9t1hlt8d7
Date
Thu, 01 Jul 2021 01:19:39 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
/
io.narrative.io/ Frame 62AA
Redirect Chain
  • https://io.narrative.io/?companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F
  • https://io.narrative.io/?io.narrative.guid.v2=67c82470-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F
35 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=67c82470-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=shui-lan-mo-li-gong-lue-wang&t_u=https%3A%2F%2Fwww.ibluecg.com%2F&t_d=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&t_t=%E6%B0%B4%E8%97%8D%E9%AD%94%E5%8A%9B%E6%94%BB%E7%95%A5%E7%B6%B2%EF%BC%8E%E4%BD%A0%E7%9A%84%E9%AD%94%E5%8A%9B%E5%A5%BD%E5%B9%AB%E6%89%8B%20-%20ibluecg.com&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 01:19:39 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=67c82470-da0a-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac4mk7f9t1hlt8d7&ret=img&ref=https%3A%2F%2Fwww.ibluecg.com%2F
Date
Thu, 01 Jul 2021 01:19:39 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
pvClk.min.js
analytics.webgains.io/ Frame 0657 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 18:39:37 GMT
via
1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Jun 2021 16:00:47 GMT
server
AmazonS3
age
24003
etag
"edfa65aada7c65cbe3a78f39f8444ab3"
x-cache
Hit from cloudfront
x-amz-version-id
9gxRQLkEbSwlqYx89yHTPWBPBM9yYdWx
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
content-length
60765
x-amz-cf-id
jfG2KaiheoHAxlxcPk5jsqgDhniEQUBs0y5Q7-b8ZQo1r0P29u33OA==
hit
diapi.webgains.com/2.0/ Frame 0657 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Y4WJaMfquxQ_i.uJtHoqvynx9MsFyxYM914Ve_clr9Py.25.ea8IXb9WJMSuMtTnxEMsZPuVr914VecL57GY5BNv_2TjV.CGo&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221625102378%22%2C%22%22%2C%22%22%2C%22%22%2C%221780622378%22%2C%22oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz%22%5D%7D&wgchecksum=dc6b25b3a443e669b882f5ac6a5abfab&userIP=141.98.102.252&doAffectv=1&wgtime=1625102378
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneidbM4CQfZfp5QFYHbHzt8Cwr5uetJT5Weoneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidxRkSmXEn0ag2IsR36lu7xHqU6I4jnxKSasuid__dc_reach_suite02wkz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Brixton, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 01 Jul 2021 01:19:39 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 0657 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7oneid__asuidaEQcQi9hdrqwMDUvBne3l-xx-DZ119S2asuid__dc_reach_suite02wkz&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23567%2C823%2C24673&b=Vx7fwfmfEdghVHbHAtRt8bGU5tzTzQk%2CDjeT3fwfe9T3HmH9t1tEjxT4tmTk8r%2CPxefBfbfRbzh9HjHbtMtPzEHbt9TPM7&f=m3AsefGfJpzSmHZHZtQCEjYsjtwTX8A%2CdEQfEfkfDGtEHjHwtqCkYZsKt4TGW4%2CbM4CQfZfp5QFYHbHzt8Cwr5uetJT5We&c=160&d=600&e=xRkSmXEn0ag2IsR36lu7xHqU6I4jnxKS&g=c4f6792bc4c410e5d2a024b8c5db45e0%2F6454072220431819697&i=25007%2C9719%2C20430&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D225p4c0g9fnjxkfxta0r6b8q16rs4xd4z61fvz37b61p0vfmmcjmpkygbv9v269mhap3dghbn60ddk0jvk02xxeztq6nkrhp7f97vaqwzp1m0x7xjgy9bj4nf6s7p33m938j2yh01rf6w3fqzzwcz3hcxpz7bn3gjhnc5sy0xt4qbzbkvgnt0n7567aqvtatdkmc278v4ket67vwhbgzjqc4pt3zwg12mxjxdykb6r04054ja69qj1egtpb5p%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCWT19KRjdYKmwJbKR7_UPkKKY0AiQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTc0NTA1Nzg1NjU2OTQzNDmgAcKu6N0DyAEJqQIZv4H2vuSzPqgDAaoEyQFP0KSkWVPIqHlnAxru4Ac0OmhcdQWDBDHtNqbibk2rhmAZMGCBS-OBl6RShv6ibIXXIHHeG6KXbTePQ2yk6BFbbjg35QTzhw3oA8UHQWhwKCtEtP2kcRDb8-r5-iqFqm-bibcfJ5o2UvRt-fGapfKjlN6fe-8zU-blKoQa0HOzjrrX8mgX0NfGcF5rBiL0DnpZp2n_s9Ikw7AdjXV9r-tDNadr_mxnWp14D5in5g80kGA0VHnlXpUBed961c3C3KpAF8WZr2C9wgiABsDvicrzvoaAjgGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeKnLEC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2p3PpFOk56HN6TIKYM7J6u5jMDZA%2526client%253Dca-pub-7450578565694349%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:39 GMT
Last-Modified
Thu, 01 Jul 2021 01:19:39 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame 0657 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1Y4WJaMh1OVhk6Hb9LarUqUdHz16rgPtFFg4Jh5DtQs.BN1eN_D9Re4GSrdU_vEoxjXGfe2Rc7L1eWNNW5BNlYiJCuy.5XW
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 01 Jul 2021 01:19:39 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
52154.gif
idsync.rlcdn.com/ Frame 67D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=3154058648579530794
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4ef55096-9fba-4cf3-9f95-9df2a7d8e38f%3A1625102379.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc4mk7f9t1hlt8d7
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c4mk7f9t1hlt8d7
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3154058648579530794
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3154058648579530794
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c4mk7f9t1hlt8d7&pctry=DE&referrer=https%3A%2F%2Fwww.ibluecg.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:39 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ae1e3fb1-ddeb-4af2-9789-961bde239d74
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3154058648579530794
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
397676.gif
idsync.rlcdn.com/ Frame 67D8
Redirect Chain
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=4ef55096-9fba-4cf3-9f95-9df2a7d8e38f%3A1625102379.07&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
  • https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871316021246751551
  • https://idsync.rlcdn.com/501709.gif?partner_uid=c4mk7f9t1hlt8d7
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397676.gif%3Fserved_by%3Devergreen%26partner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=yd3bM_gPx_Wp4cZxezYW75Oa2TfAsE5N
42 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=yd3bM_gPx_Wp4cZxezYW75Oa2TfAsE5N
Requested by
Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c4mk7f9t1hlt8d7&pctry=DE&referrer=https%3A%2F%2Fwww.ibluecg.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://live.rezync.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397676.gif?served_by=evergreen&partner_uid=yd3bM_gPx_Wp4cZxezYW75Oa2TfAsE5N
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
4247
date
Thu, 01 Jul 2021 01:19:38 GMT
content-length
221
content-type
text/html; charset=utf-8
bulk
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/ Frame F155 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 01 Jul 2021 01:19:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1625102379.463433,VS0,VE9
x-served-by
cache-hhn11563-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.ibluecg.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
like.php
www.facebook.com/v10.0/plugins/ Frame CE76 		42 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=46428424cb62aa4030725f1b60130361
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
106745f14dfc064dce32d02e5c66e8cf9b99be65b2e5fd31f025a1d784e4b2d2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v10.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
yQ2nfGHuffF6zG2rW9KFUi0M2ZQCj/YPKqtgAALoJZumALakGFjdiNFzShOmG6zyO/+agL8CuQdJwhZd4ueW9Q==
date
Thu, 01 Jul 2021 01:19:39 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php
www.facebook.com/v10.0/plugins/ Frame 1C88 		42 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=46428424cb62aa4030725f1b60130361
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae51a012a758ad86c2f16b23532a32a49329d609b33e7f23accf414658526681
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

vary
Accept-Encoding
content-encoding
br
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report","include_subdomains":true}
x-fb-rlafr
0
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coep_report"
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v10.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
t+XPnzL6NfUC9D4Mrun9cx+aSEGFUUiEblwGowa3ngZGADpN/4ntI6JZtIR1Hwphz1T/FbY+shiaZqoju3+DUw==
date
Thu, 01 Jul 2021 01:19:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
feedback.php
www.facebook.com/plugins/ Frame 7E11
Redirect Chain
  • https://www.facebook.com/v10.0/plugins/comments.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%...
  • https://www.facebook.com/plugins/comments.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww....
  • https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww....
113 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=46428424cb62aa4030725f1b60130361
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab4ab97c84986383a17985726f3cfc2bb005c84b69d963887d7c443bd72ccae5
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net;font-src *.gstatic.com *.facebook.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co https://facebook.com;frame-src *.doubleclick.net *.google.com;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
xaonaAA3GgPjroHc7z/Qi/DJWQTBMpLGhgF11YNRbD00PwUfBf0xZTQkIkhJllMv4lFIeD6BfSNBHn5vrCyTDw==
date
Thu, 01 Jul 2021 01:19:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
mffS6UxBZZQGUk1yA5pI3ueovosNEZ3h44h55zmiwVuU0De+rIW0K7szWvNnCoeOv1y9ZQWpBWhAd1gVrCbkuQ==
content-length
0
date
Thu, 01 Jul 2021 01:19:39 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210628&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff060b9ccf920cdb34f531bb754a06d85ba503778af693ba7845fdc15e268d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7903
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210628/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7450578565694349&plah=www.ibluecg.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 01 Jul 2021 01:19:39 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame F155 		254 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.ibluecg.com
URL: https://www.ibluecg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
6149
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1625102380.540653,VS0,VE0
date
Thu, 01 Jul 2021 01:19:39 GMT
x-amz-request-id
6P8Y14FA9N2SAAH6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
39
x-cache-hits
473
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C95F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 30 Jun 2021 22:13:12 GMT
expires
Thu, 30 Jun 2022 22:13:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
11187
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E616 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
287a66267efd124ddbeafd54bdd692476cfbe10df10ee2855795e3bea19eb0ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eRBrTv1Hp5QhTW489qRklw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.ibluecg.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=218=F1apHGZa5hjGaHN7b04lCyqz5MLFR4O-abmr15LkRcXrjlO7HW7YwY7XY5bw_Q6NeJZHf3VEzT81d_iKX4mDHPDB_Qcb54AgjVZred9NBd5KD7RU3MtD6jOBAUbd52ZithOoq6bjWqZRFtkqvFclaR5qecn4fR4AM1jBOMptE8w
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.ibluecg.com/

Response headers

expires
Thu, 01 Jul 2021 01:19:39 GMT
date
Thu, 01 Jul 2021 01:19:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eRBrTv1Hp5QhTW489qRklw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
pagead2.googlesyndication.com/bg/ Frame C95F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 13:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
130705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5744
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:01:14 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame CE76 		400 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
1e2SukOgHd344UbyljCrKTbPFHTkTq1oE+kcCoGDVujhMZCHXwno6DEwDbmFFl/pjJZlArYdg4kgcq0wcOPkbw==
x-fb-trip-id
686109401
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Thu, 01 Jul 2021 01:19:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
expires
Wed, 29 Jun 2022 06:48:16 GMT
g_g6woA6qqU.js
static.xx.fbcdn.net/rsrc.php/v3iUNC4/y_/l/zh_TW/ Frame CE76 		511 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/y_/l/zh_TW/g_g6woA6qqU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df031ba318582d06b8dbb4c1e8c5fa74c92361637a33d8a966844e8b06f05d0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vIu/jYBlQ2xk0yNq75mLVA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
136979
x-fb-rlafr
0
x-fb-debug
SV9itOdQtU9VETGnMyViw+iWAe+BNs/L9UGrDd+CdMNmS/fksv8f93Bh+fbjfp94NXt2H9UTJbcpCsIOHZ6dIg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 20:41:43 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 1C88 		400 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
1e2SukOgHd344UbyljCrKTbPFHTkTq1oE+kcCoGDVujhMZCHXwno6DEwDbmFFl/pjJZlArYdg4kgcq0wcOPkbw==
x-fb-trip-id
686109401
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Thu, 01 Jul 2021 01:19:39 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
400
x-fb-rlafr
0
expires
Wed, 29 Jun 2022 06:48:16 GMT
g_g6woA6qqU.js
static.xx.fbcdn.net/rsrc.php/v3iUNC4/y_/l/zh_TW/ Frame 1C88 		511 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/y_/l/zh_TW/g_g6woA6qqU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df031ba318582d06b8dbb4c1e8c5fa74c92361637a33d8a966844e8b06f05d0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vIu/jYBlQ2xk0yNq75mLVA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
136979
x-fb-rlafr
0
x-fb-debug
SV9itOdQtU9VETGnMyViw+iWAe+BNs/L9UGrDd+CdMNmS/fksv8f93Bh+fbjfp94NXt2H9UTJbcpCsIOHZ6dIg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 20:41:43 GMT
Jv8lWVO41O5.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/1,cross/ Frame 7E11 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/1,cross/Jv8lWVO41O5.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bdbbde4b33700d67556d270b880d384322de3860a250d8ffd92415b8c066c0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b8CIo3/m2hy3KHBgW6lH3w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5357
x-fb-rlafr
0
x-fb-debug
AoxfBK3wnysSLsNQ90jmpCeur5JR3FQ1s1LgphC2h1g5gtsUEZJQNWF24h8xRf70feQJvI2e0AgNDwi3TlNMOQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 21:11:06 GMT
5tfKlAr2zsp.css
static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/ Frame 7E11 		128 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12102adcc3bb5afc57516d22d129f09b2a040a9274a76ba4cfb3e561b434d1ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jtg5rcLv8DAzdfWFC3YraA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20914
x-fb-rlafr
0
x-fb-debug
iK/CAnxCmo7H56OvIWiu5JrXb02UtkPNh1O9jnkXV1R0C+EIZZEOw4FXp68H/S9ZA8ayDvrr2XrcsbbBfQgVZw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 05:31:49 GMT
RQ201l34gdj.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 7E11 		298 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RQ201l34gdj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd80a570e588044ccd6c01fcc16438ca70d81ac082b462bd3c2f45227099cf32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EIVlep+hkfaRHoXHX9lMOQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
82842
x-fb-rlafr
0
x-fb-debug
6bB5rnZn/fDuna9mS48Oj1WRzf0HD4M7bcs7+A0xzk96xjHE5m2UNUHbOjgs9qdwxetL39Ezcd/G0v0jgnOi7Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 07:32:36 GMT
x7GJVvJCy1Q.js
static.xx.fbcdn.net/rsrc.php/v3i63m4/y7/l/zh_TW/ Frame 7E11 		156 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i63m4/y7/l/zh_TW/x7GJVvJCy1Q.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
15ec9dcb1edbcbbe152e5ca5d6018ca4cc46eeda6d506c8382d537c3045db17d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QdU2Su9oIbIgkkF3yYAP2A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44503
x-fb-rlafr
0
x-fb-debug
zy7u/5xJQLAXuK30RnvPWxzgG1OSZPHLIGcQvOTm2yZ+QFCjvRJlmS9Hh2txSI2fpYucWOgIPNentAFH1FEHZw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 20:42:10 GMT
tl2mTgCPej3.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 7E11 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/tl2mTgCPej3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cf66dfe6d3fe08050c95a346b87c6336b3e9804508bd2c45b208f425f719d19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WTGtwSPHp0Qoe+pXP7yynQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
11725
x-fb-rlafr
0
x-fb-debug
3DGfQZgpT9YafJlS2eYkZYYhNBKrI603NV8CSESEVNusiemgXzSR5my0b6Nx0xSs9SKN/sZ+uuYcaFzLjimVrg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 08:19:27 GMT
sdBBJf-ji9g.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 7E11 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/sdBBJf-ji9g.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d5dbcb0cc208bfd3854dfa519673206840805c0d98d576567cec5b2345aa922
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wQOg+DE8YXI1ByoMG+WkuQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1766
x-fb-rlafr
0
x-fb-debug
J/PDGaFSdKhwakbWKsQtjXTX9vLlFXV+bFI1mFQagHX1dK4bQ4Zt8uHD6l3PucYk1p/20YmjcImDRSQu70+SEQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 20:09:27 GMT
2dVNpDhE05H.js
static.xx.fbcdn.net/rsrc.php/v3i_0R4/yG/l/zh_TW/ Frame 7E11 		1 MB
325 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i_0R4/yG/l/zh_TW/2dVNpDhE05H.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e3168be695ceb2a6858d011a3b9d6f1d3cd5d793f06045a5a2c1668f54915e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YJ2jZkFWh6VizqtNmTKDYA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
332643
x-fb-rlafr
0
x-fb-debug
QNfdXo7ynF5ACFpOpAKDFGV6Dnc1mYEosvVewoNXebg3y2aYuCiG4dfAHI0V5OgGAwDjZuBGM9Xbn4/UlHadMw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 23:59:37 GMT
okhvk7_ek8z.js
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yj/l/zh_TW/ Frame 7E11 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yj/l/zh_TW/okhvk7_ek8z.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed8750eb1f47e4c8e3fd3a36d7af92a96848a6cd58bfd9dfafd14030b37e7828
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
j5ph9OSyGUmFWcqWAS7znA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
11477
x-fb-rlafr
0
x-fb-debug
oEiOqDCV+yD/biyTGSGeSPcfbO4YWORuSpjm01yJ8pqm+Jm+BikssKBd7gvbY7KKk80kj5SS1qaYcj4vSzkJeQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 30 Jun 2022 02:26:02 GMT
tracking-event
api.webgains.io/ Frame 0657 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.16.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
34.249.16.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cavalry_endpoint.php
www.facebook.com/common/ Frame CE76 		67 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1625102379898&t_start=1625102379898&t_domcontent=1625102379923&t_layout=1625102380005&t_onload=1625102380005&t_paint=1625102380005&t_creport=1625102380005&t_tti=1625102379923&lid=6979761572184420515-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ab5f2ce069378%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=40&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
HeJRyvBdBubui0esNCDIesddRmsJ1/Ei6M0FwJu9I+ofBBRpdRmKhH7iwaaifrnuTK98Fp/6RUWREXcjEIrQLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 1C88 		67 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1625102379902&t_start=1625102379902&t_domcontent=1625102379931&t_layout=1625102380006&t_onload=1625102380006&t_paint=1625102380006&t_creport=1625102380006&t_tti=1625102379931&lid=6979761570674175337-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v10.0/plugins/like.php?action=like&app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df23d826dcc2761c%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&href=https%3A%2F%2Fwww.ibluecg.com%2F&layout=button_count&locale=zh_TW&sdk=joey&share=false&size=large&width=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob:;report-uri https://www.facebook.com/csp/reporting/?m=c;
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
+M4cY+c78A0dSs0vEUIiIGWzvYjIMsnLb3FsxFEolnxqNwNnHYlTMbLflHIY9+DHd+r1kg6lW1di50eAol8WoQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
Q9C/bIH2YvZQfjmlh0aYSjr4oV+yDSnltSPRiRDACApBIoBAFjqdo8Y7fhWG64/D7ERXB3Xm/i/DwFIPOY1iBQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
PpTO/k/YJes1TGTC7Uj+KC93P/rb9UxKrKA/Vy1JivTjAST3EPFbFxrQhixQntAW2DhS3fgrLLnm6ACeXdgXnA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
I/ioI62zlbWYwcDp63pe8wa5JBHzTEqtCj3VjTpgBqS5two1O4zEMHzLMw6mShD0I4UKaJfUv4c4xnIQ6PslMA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
giihYHDbmTzhS3LwOfqKQjMSNLJ4Wqm216WcooDPoMuhuZGU/XsEbmqO2IUUIbtw8l+20u1PqUSShIdnjrt86A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
LwoOCzToj//ChdGHthfVaADwMh6jtxCYWIaRtdJiiMwJ8GlIiIL/fUA6w2ykEBtR0CGmrptW+cTMvWFt93+GBQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
dXUIcXrS+bxPafF8PnGyZk1cWbP+SvD7WdGX21F5KfSq5DW4G0LwlFe0TW3ceqzZwoaF0KVGmiow28/+mimMig==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
WQqSErOk3VhD50b+KyPrSDvcA67TCtR2k7TkYe/EiTQt4/P1ohGkLGBqiU7i//0VxvC/jTeVxf8lSU1nY1/0qA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
/
www.facebook.com/csp/reporting/ Frame 7E11 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/feedback.php?app_id=4242578805821029&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e364afcb9c0ec%26domain%3Dwww.ibluecg.com%26origin%3Dhttps%253A%252F%252Fwww.ibluecg.com%252Ff1bb7eb168cee6c%26relation%3Dparent.parent&container_width=850&height=100&href=https%3A%2F%2Fwww.ibluecg.com%2F&locale=zh_TW&numposts=50&sdk=joey&version=v10.0&width=700
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
x-content-type-options
nosniff
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
jYufBSbpLQydZc8IrVD/b/q/OTgQbaOEqQTdpfREISQFbBmEle756tulR8LM7To1nt/eTPNcx7+lpyaWBxfzEg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 01 Jul 2021 01:19:40 GMT
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.facebook.com
vary
Origin
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-fb-rlafr
0
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 7E11 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yD/l/1,cross/5tfKlAr2zsp.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
SPazRB2OmKyt02EWuoLjaA5XeqD9a8FzQbeTzzMOq6nkjLdmcIXsVHZjYZTcY7Yxp7NxrZ4PvWY6BkVLK60KrQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
umwqwUgDRbunxPVSLaal0g==
date
Thu, 01 Jul 2021 01:19:40 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
52671
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
x-fb-rlafr
0
expires
Thu, 30 Jun 2022 03:53:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210628&jk=4470442814270274&bg=!GhmlGV3NAAYo4NJEKOA7ACkAdvg8WvAFNzGTp2uIc47kHt3oxKu4Wb_KqJ7wQggPc8zRJrTqIBoi9wIAAAFUUgAAAAxoAQcKABwrOiMnPYGlyXKcs4QgbdEtvBYSpQPYpYpbfLYVmQJntIJXSKRtdzcUHGoZnBv-qfGZvB_GY5TwBN1kKQgOCo2ICy3KQK_xF9LJDdsDp0xmF_1yN367jhKdUnjy6nIlVRrYwYRA79P6UHg0k2ayfw8biuQNZpApHCHFpKavRangsbk40-f7ZvsYtlW5_1cHSbxF2EulDr_1wq8DIZTlcmBqsUhoFgwI3lhWnPMs2_-m9PgqS9wSUR-oE9_GxucKju40ghxy-OgZbHGAKxtVvC3nZ3liPsIwUl6BTPe-uRT-_qSW7q_pU3hVE0QGN5HDRQkmETtVS8NlD9mltHKd4QcyzLrhsg7CqmHm7Vn5Mt6oS6nq7gly7fFFneHqUtNCGbg2WXMVTGblt-uBMErYQxy0hiMkyZJjJLT2SgfMbaQugBgqdl4LtezRULol4n4gdZhrAbcOx-U3kI7XFOWNzHF_2FqF2MH6os3Z8syJDTDaOR2DarNIZSiUxzZ00gmgKn0OsrlbCdNryRFhDc49kS5DhXlK2bTpZurronUz6hj5ZckAQvYW9g3gePz6B26D0ODRDYCUK3neLfQYh3f4bPWmhk_rtI629fPep4niuZ57UedsXQrjLNX94fzOklp-7IJ_tUOj4lGjV3kNodQaEXS2QlkT9yUjpUZio5QU-56m1Vw6l1Wcnhsj5F4ZrdwmmgLdd0dmBB_8wNWBhZiGv6oY-rOICOsNC6bNTyxQzPg1I0VpwfoQ19fxUCTRbVyuH3NE6nZS_wB2LG1-VrehFiqXqTx2nZ4GP7Xkwc6i3DKWx1nWzIuAz1Z5S311fGNtZXtAMc4PiBov2nTLlo79JjQSvZpTJl2O
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 603B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 603B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TQvnkBfws8Nm&ev=1&orig=trc&pid=562107
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TQvnkBfws8Nm&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11098

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=TQvnkBfws8Nm&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8474b759f8-ns875
expires
-1
getuidnb
ib.adnxs.com/ Frame 603B 		43 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:40 GMT
X-Proxy-Origin
141.98.102.252; 141.98.102.252; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
761caa7d-e135-44ad-a3b3-02ba79308be0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 603B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjPX3g-iGrjJ8loVwTjhWk&google_cver=1
0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjPX3g-iGrjJ8loVwTjhWk&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
163
date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1625102380.428732,VS0,VE163
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11563-HHN

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOjPX3g-iGrjJ8loVwTjhWk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 603B 		42 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:288
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 603B
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac
tbl-x-upstream
10.41.14.57:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7732
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 603B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e82ea55f-db8e-4a2e-ba93-0b238d8609d4
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e82ea55f-db8e-4a2e-ba93-0b238d8609d4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:62::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1625102380.467193,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11563-HHN

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e82ea55f-db8e-4a2e-ba93-0b238d8609d4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 603B
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 01 Jul 2021 01:19:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 603B 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-8474b759f8-bvk2l
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 603B 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 603B 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 603B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3167addb-b19a-4099-8ddf-77f7959f9092
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3167addb-b19a-4099-8ddf-77f7959f9092
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7729

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3167addb-b19a-4099-8ddf-77f7959f9092
cache-control
no-cache
date
Thu, 01 Jul 2021 01:19:39 GMT
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1721
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 01 Jul 2021 00:00:00 GMT
6.gif
id5-sync.com/c/464/101/2/ Frame 603B
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQtN7zuK6jUBkG_nXxcpHnuDsMxkHCcUx9ZYH9g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOQtN7zuK6jUBkG_nXxcpHnuDsMxkHCcUx9ZYH9g&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=14e58419-1276-40b4-b315-0eea64c8367f&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F5%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/5/3.gif?puid=e_660ae0c2-f69e-476e-bcbd-8de078694482&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEEjJn780IkMpeNHlu_y2ojY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0Rv...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESEEjJn780IkMpeNHlu_y2o...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8039684527946255092&opid=apx&ops=&utidl=tech:goo:CAESEEjJn780IkMpeNHlu_y2ojY&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A18354791621&sd=Y2FzY2FkZXNSZW1haW5pbmc9NCZjYXNjYWRlc0RvbmU9NCZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/3/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/3/5.gif?puid=e4217a211c2629921960146ef2216075&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F2%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/2/6.gif?puid=38ff1056-8f1e-4fa2-974d-8cbf4ed10532&gdpr=1&gdpr_consent=
0
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 603B
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ky06AGDkBry3Fi2VLRjdYA
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ky06AGDkBry3Fi2VLRjdYA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 01 Jul 2021 01:19:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16081

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=ky06AGDkBry3Fi2VLRjdYA
date
Thu, 01 Jul 2021 01:19:41 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 603B 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Thu, 01 Jul 2021 01:18:45 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 603B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5&gdpr=0&gdpr_consent=
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=taboola&bidswitch_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5&gdpr=0&av_tc=True
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=17f60418-d01f-4fee-aa57-8c09841aae37&expires=2&ssp=taboola&bsw_param=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11583

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=e9bbce6d-0770-4913-9ea1-a3339d1bbbd5
date
Thu, 01 Jul 2021 01:19:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 603B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084&tbid=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac&query=taboola_hm%3Dba063716-7d74-...
0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084&tbid=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac&query=taboola_hm%3Dba063716-7d74-4506-8c14-5fbf2dbd8084&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1625102381.549716,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19153-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=ba063716-7d74-4506-8c14-5fbf2dbd8084&tbid=bfb5aa61-5a44-4512-8cbc-745e58023b0a-tuct7d69dac&query=taboola_hm%3Dba063716-7d74-4506-8c14-5fbf2dbd8084&isDirect=0
tbl-x-upstream
10.41.22.84:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12775
sd
u.openx.net/w/1.0/ Frame 603B
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.210.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 google
server
OXGW/16.210.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&gdpr=0&gdpr_consent=
date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 google
server
OXGW/16.210.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 603B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=53d644e5-4232-51b6-b15d-b173d180a95f
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=53d644e5-4232-51b6-b15d-b173d180a95f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
10755

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=53d644e5-4232-51b6-b15d-b173d180a95f
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 603B 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.211.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 603B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=pGVQ2wY4RAiwjW5-_5XJXw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&ui=pGVQ2wY4RAiwjW5-_5XJXw
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&ui=pGVQ2wY4RAiwjW5-_5XJXw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Thu, 01 Jul 2021 01:19:40 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12145

Redirect headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&ui=pGVQ2wY4RAiwjW5-_5XJXw
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 603B
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.194.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 01 Jul 2021 01:19:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame F155 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cZudbZahPOBsYvDOdnPtkk7eaBsnPiYA
content-encoding
gzip
etag
"be95692a7dfb1dc3e8629518230a5ec3"
age
6465
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
899
x-amz-id-2
OG8ePuiocJutgam2H5hObi7DKciJh/x2ywyv4MORhgU4yG32TiOqKgQBNe50BZFIFEjb8DQXDAA=
x-served-by
cache-fra19153-FRA
last-modified
Wed, 09 Jun 2021 22:03:44 GMT
server
AmazonS3
x-timer
S1625102381.595189,VS0,VE0
date
Thu, 01 Jul 2021 01:19:40 GMT
vary
Accept-Encoding
x-amz-request-id
RGJG3VVQ49GFMTX8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
43
x-cache-hits
7167
/
pips.taboola.com/ Frame F155 		64 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 01:19:40 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19158-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.ibluecg.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame F155 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.ibluecg.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 01 Jul 2021 01:19:40 GMT
Cache-Control
no-store
Server
nginx
Connection
close
dc_oe=ChMIpOzYj9rA8QIVhAyLCh1XhAHbEAAYACDyyvlBQhMI8__Dj9rA8QIVm-67CB3q_g0P;met=1;&timestamp=1625102388560;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A6F6 		42 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIpOzYj9rA8QIVhAyLCh1XhAHbEAAYACDyyvlBQhMI8__Dj9rA8QIVm-67CB3q_g0P;met=1;&timestamp=1625102388560;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jul 2021 01:19:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_gid=CAESEElcYXn5BeaGv7OUiZdoYes&google_cver=1&google_push=AYg5qPIJM2fs3Kn7sbrStVFZj0WQJc2cqUE6FjdmLdbbwyMc-U76z2QxGllOcDrnIrDpqHQdfz7Hz0E_wOvYabdbKTIWW4nTXY4
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YN0YKjE5AIKakMMjaoOr1gAABGsAAAIB&google_cver=1&google_gid=CAESEEJsgssBGOClgsqQRJdaG6Q&google_push=AYg5qPJm1p6Xa8R0ACF5rUiTlps2CBuao-zojY3WJhoMkzDqIbdBUkVAhHFn1worAGJIhS1NJK4D0HbNDPVyQ47Zq7ah3SV4TGZ5
Domain
id5-sync.com
URL
https://id5-sync.com/c/464/101/2/6.gif?puid=38ff1056-8f1e-4fa2-974d-8cbf4ed10532&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| EBMMMenu function| EBMMEval undefined| EditMode function| $ function| jQuery string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| FB object| DISQUSWIDGETS undefined| disqus_domain undefined| disqus_shortname object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| google_user_agent_client_hint object| jQuery1111002119722437014593 object| google_persistent_state_async object| __gcse function| disqus_config object| DISQUS function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| closure_lm_435042 function| _googCsa number| nextSearchboxId function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpaForCanoeV2 number| _googEnableQup number| _googErrorTurnOffPersonalization number| _googTimeoutTurnOffPersonalization string| _googLazyLoadingDenyList string| _googLazyLoadingEnableList number| _googLazyLoadingRootMargin number| _googUspApiTimeout number| googleAltLoader object| TRC number| taboola_view_id boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16251023783116 object| vglnk undefined| vglnk_16251023788387 undefined| vglnk_16251023789239 object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
.rezync.com/ Name: zync-uuid
Value: 4ef55096-9fba-4cf3-9f95-9df2a7d8e38f:1625102379.07
.rlcdn.com/ Name: pxrc
Value: CKqw9IYGEgUI6AcQABIGCLbqARABEgYIuuoBEAASBgjq6gEQARIGCOndKhAA
.google.com/ Name: NID
Value: 218=F1apHGZa5hjGaHN7b04lCyqz5MLFR4O-abmr15LkRcXrjlO7HW7YwY7XY5bw_Q6NeJZHf3VEzT81d_iKX4mDHPDB_Qcb54AgjVZred9NBd5KD7RU3MtD6jOBAUbd52ZithOoq6bjWqZRFtkqvFclaR5qecn4fR4AM1jBOMptE8w
.disqus.com/ Name: disqus_unique
Value: 4mk7f9t1hlt8d7
live.rezync.com/ Name: sd-session-id
Value: .eJwVikELgjAYQP9KfGcPZoEldFMiaA5qFvMiNRdO91m5STHxv7du7z3eBNVLDnjrZW8hscMoAxBaeTOQTFAr8x49gVhjFz-2dtlou6ljmAMw0hj17CtV_8_F3V_5_oI5Kz6UcUuvpeLnMOQRd0emkbLCtxMSzFZl2mjiGqRtFpG2-JL04HLXjSQVO5jnH_d0Mt4.E76pqw.1Anj50OkBwef3yZ7hub9ChSJIyc
.rlcdn.com/ Name: rlas3
Value: hnDlDaCkdhGf9g9joVlXWkyTGdVv/uzQmKyEtEIeoZc=
.doubleclick.net/ Name: IDE
Value: AHWqTUl6Z9R7okv-q0ttuSwDMX2TCg9Ch4i9no4u-YW34XueltKTJqZoVkPva9mnhHM
disqus.com/ Name: __jid
Value: 4mm2udj33srvkr
www.ibluecg.com/ Name: trc_cookie_storage
Value: disqus-widget-safetylevel20longtail09%253Asession-data%3Dv2_6258ce81df7adc5d018b2c9941bb1a80_9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9_1625102377_1625102377_CIi3jgYQktQ_GLXGmf2lLyABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGixr-m1yv33zq0B%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522disqus-widget-safetylevel20longtail09%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D9e46e159-adb5-4082-bebc-e60a26e357ef-tuct7d69da9
.ibluecg.com/ Name: __gads
Value: ID=e907edc6f6809337-22ba419f6fc80093:T=1625102377:RT=1625102377:S=ALNI_MY0UdWTsB639fpD8qOCNWUp16Q3Og

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210630-7-RELEASE.js(Line 3)
Message:
Dynamic Translation load is enabled but response is missing the map. Using embedded solution
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
a.disquscdn.com
accounts.google.com
ad4m.at
ade.googlesyndication.com
ads.avads.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
apis.google.com
as.ad4m.at
assets.ad4m.at
bh.contextweb.com
bttrack.com
c.disquscdn.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
ce.lijit.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
connect.facebook.net
cse.google.com
diapi.webgains.com
dis.criteo.com
disqus.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
ejp.rlcdn.com
fonts.googleapis.com
fonts.gstatic.com
glitter.services.disqus.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
images.taboola.com
io.narrative.io
jadserve.postrelease.com
links.services.disqus.com
live.rezync.com
match.adsrvr.org
match.taboola.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
referrer.disqus.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
shui-lan-mo-li-gong-lue-wang.disqus.com
simage2.pubmatic.com
ssl.gstatic.com
static-de.ad4mat.net
static.xx.fbcdn.net
sync-t1.taboola.com
sync.taboola.com
tempest.services.disqus.com
tpc.googlesyndication.com
track.webgains.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
vidstat.taboola.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagservices.com
www.ibluecg.com
x.bidswitch.net
cm.g.doubleclick.net
id5-sync.com
104.111.239.217
139.162.84.221
141.226.224.32
141.226.228.48
142.250.185.162
142.250.186.66
151.101.112.134
151.101.12.64
151.101.13.44
151.101.14.49
151.101.64.134
172.104.102.244
178.250.2.151
18.185.197.81
18.195.155.181
18.235.211.215
185.33.221.13
185.64.190.78
185.64.190.80
185.86.138.144
192.132.33.46
193.0.160.129
198.148.27.140
199.232.137.44
2.18.234.21
2001:4de0:ac18::1:a:3b
216.58.212.130
23.111.200.117
2600:1901:0:76b9::
2600:9000:2104:5800:6:8656:f5c0:93a1
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:aa7a
2606:4700:3039::6815:c039
2606:4700::6810:a00d
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:801::2003
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200d
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a02:2638:1::13
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
2a04:4e42:62::300
2a05:d01c:1d8:8101:e336:1261:a63c:d3a0
34.249.16.73
35.157.168.25
35.205.207.25
35.227.252.103
35.244.159.8
35.244.174.68
46.236.13.147
52.212.225.58
52.58.194.104
63.33.81.89
65.9.77.14
65.9.77.26
65.9.77.69
69.173.144.139
72.251.249.14
76.223.111.131
79.137.68.187
81.29.72.47
009243b5bc24f81ae096d64aab50fc9c22bb5f4572a13fb114661c138b62d302
04b1f8cb2f5e15aeddb7c25f1ecd30ec677874fbbc28a43cbae37a32ab5d01e1
095ba66d80bd93cf592c11fd72a723dfe5ab5f8da183e54063f50e9ba215094b
09f1975a73f359323ee45df33ed5c2e68f687449edbbfe85e2638b0bde71b25b
0a136de3e32c528c00c2b9765eb26b169f5dca5ccebe379060dfadd56a1d1d00
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ded4ad0ac8ce6cf2b2f9ae707b0ad6f76a6c4bcf6e908acc2f9d668e35632f2
0e9430adfa5df6165665667575297ee87c17f543950ce4c48e639d81d82d42fe
106745f14dfc064dce32d02e5c66e8cf9b99be65b2e5fd31f025a1d784e4b2d2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118e7d049469ee4245167a8318e662d783d26ede907638d785a8adc947dc6665
11eb8da6bede1edea74066c511e2c739186154b7b9a8059a631151c012dcbd08
12102adcc3bb5afc57516d22d129f09b2a040a9274a76ba4cfb3e561b434d1ca
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ee442ad674963a2fb805cd522dfc5dcc8610e867eb6cec6a0b6fc03bd8491a
15ec9dcb1edbcbbe152e5ca5d6018ca4cc46eeda6d506c8382d537c3045db17d
16d2c8f30d65c537a5259a8a96346daceb60f28a64f8b4092caac03e0255d98a
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
180598e1846620eca391c22b08366f9698783e361e50e2d41e0aefe783f57940
1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4
181e66f408838a471bf6ef845e37e7f4ba7fc3c7250d47697a89980df21476a7
18adfe8cb7b956553c8d520cdc60e1370aac4f42dc01c9198f398bd3b39332cc
19e84e29fc980777914408b80b93d74ffb1266b65a1745aacac3ba5dd3f8bac1
1ba383b4c301973f5b8c0e0dcfc327f6716dc54fd510c9b07aa2ce80bdbf48c8
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
209003dd975bf086030ddd66117656c153409d032279adde6db73f6c88ef64d4
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22730069324340d5edd7ae54ca11d14830c9232e0d9e79ef9a9b027ee0293104
246e38c978d0fb5aa218a60ad4dedffd883dd176241e9a96d6a917307c486ce9
25fee4112706779505d81726640467acc4631fa771b74af11b5b246b1f496321
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
287a66267efd124ddbeafd54bdd692476cfbe10df10ee2855795e3bea19eb0ea
28975e9da13dc469b328f24362d50d8b73edc61b94b2e5e48bd272509a485242
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2a5db92958908a603c87c0cbd7b153ed3e3bab026021791f60ac4b59151b66a8
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79
2dc7ba03dc94c1c92328a99cf06b8830081e8c9753076d5d16865cd507021944
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecf9ddab2148aaec478a2819abd263aca10d160d9b32638f8445de816fc2729
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30b856195cf8b75309a0476b54bafeb636ce8898ca8c7db3fdf7a7105cdd499f
30d18f17a42e1aea9a713bad3bac0f0c42240aedc63a1059f96f025a17acb93e
314c6b7c95012c5646ac120abbf788b1b2fca067dcb877a69596bbbeb380a8fe
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
3288bdd2118d966ee43087fefb7cc8700a4d0350e678d4fbe47d54648919a369
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3794163e0d9ebdcc1ffbc4ff173522fbc3a37617111e9bb845272c476c3c87ec
3b70fd03e42db21a2d576949c3a76e5da656fcc51d0d3692862511e49317baaf
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
3d5dbcb0cc208bfd3854dfa519673206840805c0d98d576567cec5b2345aa922
3e5d328cd9e893b1c6edc8a31cd86d82d66fa1894597c541abc81cb8559f19ea
415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4c9deb1a506b375fc325bca9383735f8c0fc279ef28448343eed1d0dc4162839
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3168be695ceb2a6858d011a3b9d6f1d3cd5d793f06045a5a2c1668f54915e6
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
504f9a18c90c8800d96b4b06cdcccef2fd7f2bbef74fc2d0d6e90357adaef399
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5071d5d3c6fd02eabca30cfc97e8d1b11b9dc2c901cc0d79f74d1ced8738cd7a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
54dd16271add2decd1baaaa2f05620ff731f46324687566fe6001777886be364
55293f84549026e3864ef056db5ce23f8726f2d390436e40df3b520a1117dae4
5595a592e5e93a111e8b48e225a826b874b635dc219787efedf806d3aa13f223
55e3416121cfe8a678fb2d941da8140d9aa0a655d5edfc4e799748019d68b23e
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5bdbbde4b33700d67556d270b880d384322de3860a250d8ffd92415b8c066c0c
5d5c1ed77b99d3f67ef7d419e1d6d78a663d8cac3668749252aa85c88cdef8fe
5da5b945cab56c1f4ee24e430ded7250d1fab6495d2b76d73943ffd3f9e1e330
5f84ad853a7a709dd9a391879ab72dd8eb3e8bdccaa669646e3fcae27ef7dc61
607622d89626f3a7ee728372163078e2dbdc98f70b03732b48866f28a7e23bfb
61f2df76aff38421bad56be75885e917b5c1f0a375a6e5c6ff9def0934efa16f
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
62a0c0799f05836a3d65b5510b7fd3f183d9518c502a44beb1777144f202e9cb
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
663cefd8371e515724860dd2ab4f913bd3ea21b37125d7004d18a3a0e912ce3e
66dc84eff4279521a92d581a7d875df3382a15620944aee348c0fac4b87646f1
68c7b10b9e138d7566b7dca1e763b39ac59731e790101a34b74e14f556175d6e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b50b0ae0727d56d47c5961afb021d430ed8f70ce97c338f4419d95f45c94bfd
6cf66dfe6d3fe08050c95a346b87c6336b3e9804508bd2c45b208f425f719d19
6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea
6ebc3ca959eca48d70457a7185cd0c555778519cfc330c321d61200c227567cf
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70b77838abb2862fd53756d69d6369a781d2e97d854b15a99463f5365b566e98
70ecd495747837d62f25816e24beeb812b5f7a448e7e3432d4f05edbc6902d7d
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
71c51f0cb6cb8b3c92b9dc43c280857b96bd17efdda92a92a3cab8c97225e244
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7656d51b948402c8e5980f1eeb8c1a50544b1ecf40c698f50df2f91331410d8e
7674d4cc8cafc174d98f0f4222a67c40aeaf1aa4561847ac9dbdd9fe9f1ff130
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
78c65dc206374352832ce34fdbe4e1c52db9dbfe9321977f11089868bd4e5fbf
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7bc24bf3e1b5202928e07175d7a86820afbe2b1ea33fd02a4492022372aa4108
7bf349f4506ce97b9244efc3abce2aeadde8b6d0af8cc25cb22f214c44326055
7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3
7c1e3cbfe28d4c575abf82446b366f6cb109b3edf5f317eceec3081c70bed720
7f33befe0670afab53059aa8121e30cad52f32b6ccee6dd5af9f9ce2da173568
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85c1d2b000181781ca5919155b1fccab622487e7e54f1d3ef56ec52680b7e5da
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
893b233d73517f25e5c43cb774222580404e916d52c5db5a35f7e3729e2eb2af
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
91ccb2e6b3cd73d1f3da34aa1925bdeded87114309ec4538bee4382cd6f339a2
921245a927687df28839dc3cbc1aa9226cd8352f5a44e85a5dbbc64fd7fb2bbb
9349517ae5b218dbbd8f88d761badabd64bd36e6f0eaae0ad685995360765cda
94aa69848ff4a838257fe0106ab4bd5677b01fac80866c82ef8e208d9b295685
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96a8198d0b92c175322a1cf167c65f8f410a46758ad62c0ed614baa635a55022
980a0ed841d025e07f7ffc83943d26b590abfd96c857a19ac76394099a35c67e
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e
9a5bf846c0b4b17e92dfac8d164f0569d25ee15a720a07e408bb483299425fa9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fba5738d954eb6c3e57f60710c45b92eca50c1dae4e9cbaa16e30392d20f98b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f49b31aa2c2ca1f66c14821a97ad2faed5eaba6a539349ff928602683c05c
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a43eb655f1d31bc42daba776bb651f9074fae7c5e9e4116bdd4ca922316dbab2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a91a21b8a5843a8d8fac4d3916d5eb926ea4917b7d27dbee00ae068f4dd9d07e
a9f5f51fdfd4f87656c7d97a7a1a7ee52029ad16454a0f3aed87766d5d024bb7
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa882b8afa985236977e55ae9b0afc49926cc2875af20fbdf0cd32b8f59e50f3
ab4ab97c84986383a17985726f3cfc2bb005c84b69d963887d7c443bd72ccae5
ab8340e6711533857e9d93c36010e35add901418352623109c3e6df93a3d4c52
ae51a012a758ad86c2f16b23532a32a49329d609b33e7f23accf414658526681
afcc6df500927a35a33ea784b4579de91fd379df0ca5a1e0b22b7fcb02210b94
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22ab2faa4dbde5e2b8e62a9405b75f0c81020bf6623bc253fd3401e24c6d812
b2398c3642fb5001cce79445c3065037403ea15d70bd6a71be65ea599fac5fa3
b2e6b9c9ebd628247c54beb7ddb75b8259dc8fa47f1bd4e14483e2a3c200e97d
b6316093e7ec4e2b82febd6be54a25ccbb982b3f085972bda9f6a5dfb16ae67d
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
bb0515fac1e9345bf4bd2881cda028400764be0f74a9da03af09951514edf7fa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37
bc4dac9a386ca2bb0f51b8f89fbe4582e767a2c917129a698197d41d367cc705
bd80a570e588044ccd6c01fcc16438ca70d81ac082b462bd3c2f45227099cf32
c13d98764c162734281364388456c1fc1723be702b0641377a2ad6f760430708
c14811543c43177335c8ba22be194d26067fa76bcf0c1b12bb4c0bdab9f6397e
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c3c68dc29db97dee7511ba7dae3b0e856fb873d67672fa8a4eb65b9831e44a9f
c4e5b3741572d9d1e9f9bed9d8b3e99e9a9749626261e1e6984d5c726e0b6263
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
ca66e264d4906c08646740254c325851bf0d83e203369d776d82202ec3c04c65
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
d909c8db078f3316b78acc5917f9abf7b7ca8bbc49472b17f11c608914caad1b
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
d9dbb676c4a844ee34b38c48b41a16f2ee145a6135d72d42d9fc9ec9abb2355c
dc06b5b249c51ca87524cfa37c55d0a90d8afbf9585b50d87b609ee2071a7c59
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df031ba318582d06b8dbb4c1e8c5fa74c92361637a33d8a966844e8b06f05d0f
e233a147eb1f2dc7932e22c7199051febacd3246e31ee3cb3675db87dec8c042
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43851245ad701afc71c5014c93c58ebb57812c20718556a77aef3dd18b33b7f
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5a97258627da1a5b7ad62ead5f6e618ce31b31c1455911cacee7b4c234d5d94
e7653bc8d0b70e8d10e40a7f99669b31170b5e1b89947983380083b01b9d8fe0
e765e1abcaa36ba5e4f5312783954d2016304957f5f6b0f752f15741e63427da
e8865b7f438adb9639235b5b40bc3519bf7b1dbd27118b4f3b97f4ab80eb1329
e92552bc193c8bae835c7b6db6eea8a39593fa14fb75a227f738c415330cc84e
eb1fd312dbd1c313a76ff0d81d888c6b3e72c1c2cb521ec4334ffddc8c274c4c
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
ed8750eb1f47e4c8e3fd3a36d7af92a96848a6cd58bfd9dfafd14030b37e7828
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee9296b95b079e2400e2175b154d0c0a61974d2e05ffe63d26e323747b9b9b03
eea5b3b2812460e34ee0bebff5b6a56db543f877609647ee51ef07d6b1dea00b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fbba257dc39b6005dfbd9a19b047beb96a5af5dd737690f896222cbd89893caf
fcedc32f2cd81ee5add22f279101e34901b164b533e8ce541b573b2bf39678e3
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
ff060b9ccf920cdb34f531bb754a06d85ba503778af693ba7845fdc15e268d44
ff143a53cee0e9f99e358ddbd0db968d78d52fec3911a122f50b9537b2e093da
ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf
ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf