www.noramama.tw Open in urlscan Pro
75.2.82.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.noramama.tw/
Submission: On January 03 via api (January 3rd 2024, 9:32:15 am UTC) from US — Scanned from US

Summary HTTP 87 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 87 HTTP transactions. The main IP is 75.2.82.70, located in United States and belongs to AMAZON-02, US. The main domain is www.noramama.tw.
TLS certificate: Issued by R3 on January 3rd 2024. Valid for: 3 months.

This is the only time www.noramama.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	75.2.82.70 75.2.82.70	16509 (AMAZON-02) (AMAZON-02)
20	2600:9000:24f... 2600:9000:24f2:5e00:9:ed18:3180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02c:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:200... 2600:9000:2009:9600:1c:1162:edc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	146.75.32.193 146.75.32.193	54113 (FASTLY) (FASTLY)
6	35.73.75.13 35.73.75.13	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:303... 2606:4700:3037::6815:20c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:20:... 2606:4700:20::ac43:4af7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:402... 2607:f8b0:4020:805::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12c:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a03:2880:f20... 2a03:2880:f20f:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:402... 2607:f8b0:4020:807::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
87	17

5 75.2.82.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: a533ecbda6b789685.awsglobalaccelerator.com

www.noramama.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:24f2:5e00:9:ed18:3180:93a1 (United States)

ASN16509 (AMAZON-02, US)

resource.sfec.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02c:13:face:b00c:0:3 (Boca Raton, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2009:9600:1c:1162:edc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

v2cdn.sfec.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.32.193 (Ashburn, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.73.75.13 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

gag.sfec.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::6815:20c7 (United States)

ASN13335 (CLOUDFLARENET, US)

gag.sysfeather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4af7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12c:83:face:b00c:0:25de (Boca Raton, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f20f:c4:face:b00c:0:43fe (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

scontent-nrt1-1.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	sfec.cloud resource.sfec.cloud v2cdn.sfec.cloud	596 KB
10	sysfeather.com gag.sysfeather.com	41 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	103 KB
8	cdninstagram.com scontent-nrt1-1.cdninstagram.com — Cisco Umbrella Rank: 103806	5 MB
6	sfec.cc gag.sfec.cc	44 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	264 KB
5	noramama.tw www.noramama.tw	33 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	21 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	279 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1761	47 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	236 KB
2	getbutton.io 1 redirects static.getbutton.io — Cisco Umbrella Rank: 37947	119 KB
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 6429	396 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708	30 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
87	15

	Domain	Requested by
20	resource.sfec.cloud	www.noramama.tw resource.sfec.cloud
10	gag.sysfeather.com	www.noramama.tw gag.sysfeather.com
9	cdnjs.cloudflare.com	gag.sysfeather.com
8	scontent-nrt1-1.cdninstagram.com	gag.sysfeather.com
6	gag.sfec.cc	www.noramama.tw gag.sfec.cc
6	connect.facebook.net	www.noramama.tw connect.facebook.net gag.sysfeather.com
5	www.noramama.tw	www.noramama.tw resource.sfec.cloud
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdn.jsdelivr.net	gag.sfec.cc
3	maxcdn.bootstrapcdn.com	gag.sysfeather.com
3	v2cdn.sfec.cloud	www.noramama.tw
3	www.googletagmanager.com	www.noramama.tw www.googletagmanager.com
2	static.getbutton.io	1 redirects www.noramama.tw
2	i.imgur.com	www.noramama.tw
1	ajax.googleapis.com	gag.sysfeather.com
1	www.facebook.com	www.noramama.tw
87	16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
line.me
www.sysfeather.com
getbutton.io

Subject Issuer	Validity	Valid
www.noramama.tw R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.sfec.cloud Amazon RSA 2048 M02	`2023-04-07` - `2024-05-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-12` - `2024-01-10`	3 months	crt.sh
v2cdn.sfec.cloud Amazon RSA 2048 M02	`2023-04-09` - `2024-05-06`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
gag.sfec.cc R3	`2023-11-24` - `2024-02-22`	3 months	crt.sh
sysfeather.com E1	`2023-12-25` - `2024-03-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-10-12` - `2024-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.noramama.tw/
Frame ID: A42F73CBBC1695A401D6BB5D88C455FC
Requests: 48 HTTP requests in this frame

Frame: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Frame ID: E11621E0AA5A5F0F1F404DFE0C0C65D7
Requests: 1 HTTP requests in this frame

Frame: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Frame ID: A6A6E5925D308DFCC873CCF659BF9EDD
Requests: 1 HTTP requests in this frame

Frame: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Frame ID: 67C574F3081AADD55EA78158E29BC319
Requests: 34 HTTP requests in this frame

Frame: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E8%B3%BC%E8%B2%B7%F0%9F%9B%92&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E4%B9%9D%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E8%B3%A3%E2%9A%A1%EF%B8%8F&time=2023-09-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
Frame ID: 72ED93BB134005C7D29E7067D81793BE
Requests: 2 HTTP requests in this frame

Frame: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E5%9C%98%E4%B8%AD%E2%9A%A1%EF%B8%8F&time=2023-08-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
Frame ID: 25F45F0B8EAE060B82305B9F95E39B40
Requests: 2 HTTP requests in this frame

Frame: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E5%8D%81%E4%BA%8C%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%99%90%E6%99%82%E6%94%B6%E5%96%AE%EF%BD%9E12%2F10&time=2023-12-10T12:59&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
Frame ID: E566531F4AE8C3C463CE643006DB720A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

noramama童裝選品店

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

87
Requests

97 %
HTTPS

81 %
IPv6

15
Domains

16
Subdomains

17
IPs

3
Countries

7183 kB
Transfer

10749 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/profile.php?id=100078027965317

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kikikids2020/

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40415dhsjz

Search URL Search Domain Scan URL

URL: https://www.sysfeather.com/?ref_w=https%3A%2F%2Fwww.noramama.tw
Title: 矽羽智慧電商

Search URL Search Domain Scan URL

URL: https://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=www.noramama.tw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.noramama.tw/ 39 KB
9 KB 679ms
315ms Document
text/html 75.2.82.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.82.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a533ecbda6b789685.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b22f3f6659508c75d6480005fbe785a089136d686e2e2eb3dd378e875208bad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Jan 2024 09:32:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 jBox.min.css
resource.sfec.cloud/vendor/jBox/0.3.2/ 9 KB
3 KB 107ms
15ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jBox/0.3.2/jBox.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06df7c2fe538d8e34bf418bfc5af554ed25cec90aadfdf4af6a1fbab95c85301

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:42:49 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:27 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 3383361
etag: W/"eb0476ce2e2df8bbd3c6e5c73d462414"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: CbMS2tpwF4Xxbv8Uk-uMI4vc7UtpusZtTGH3I7K8j1A_VBM2Q4J69g==

GET
H2 200 jAlert-v3.min.css
resource.sfec.cloud/vendor/jAlert/v3/ 63 KB
6 KB 108ms
17ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jAlert/v3/jAlert-v3.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9675b2d3535a122014fe4b9d55dd6997b381d353da2005bc3589a10957f5f0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 08:26:19 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 522351
etag: W/"e8e107f5adff38c3bf9c774cd4c52f2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: 4f9M75q2ltid6EPPDptfL6UUZE-MaiF8tMXLcclWUNbi86KXP8gc7w==

GET
H2 200 jquery.loading.min.css
resource.sfec.cloud/vendor/jquery-loading/1.3.0/ 343 B
715 B 104ms
13ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jquery-loading/1.3.0/jquery.loading.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a50dcac7558e2bb46ca938cdd3dc1367663b7d30d11b769357218fa67828b3bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 06:55:03 GMT
x-amz-version-id: null
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
last-modified: Fri, 03 Jul 2020 04:48:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 13401427
etag: "caa542dadf549271ebf07c15331d9676"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 343
x-amz-cf-id: t9DyIjdc7ppRap6pHrgsdP1Yo9pVvxsR0dgfWninWBs3GftxsF7MRA==

GET
H2 200 fontawesome.min.css
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/ 88 KB
18 KB 104ms
13ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/fontawesome.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1735adb046b94ab6dce62b7f80bd20ddbbb5cdfef6c2d2fb98fbcaff1eaf0ee2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 05:04:09 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 20 Aug 2020 03:50:18 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 14272081
etag: W/"8e071b735ab3b1f8d8b8a18639e44d1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: uovDqfAfK_7SwD-IOXhuBg-y5CyIqniynuOofgkEIu_ibiFksV_q6w==

GET
H2 200 light.min.css
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/ 620 B
987 B 105ms
14ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/light.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c621157e7f0c6270720d6906226927ed1c1ffe384f8fd66a4dcc7ca03cc8ea4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:44:33 GMT
x-amz-version-id: null
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 03:50:18 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 13661257
etag: "45424653109975b509e5a4fcb6970c82"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 620
x-amz-cf-id: WLuVXBjyxKU3q15iZSqOt07aKuce3I3DZoXBSLI9jlkkDTXYtXFpfA==

GET
H2 200 brands.min.css
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/ 632 B
1007 B 125ms
34ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/brands.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f411e378e5dc6f54e396de0d171a69b1d208e570370b0b3663f6ea0b836573ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 02:20:48 GMT
x-amz-version-id: null
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 03:50:17 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 12381082
etag: "ca382fdd63183debe74fde0b7215cfc1"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 632
x-amz-cf-id: GkWMGnNcq1KutMMxCMCdWw_631XEw7BGrasYGXgArVpuR8yk7_QlUQ==

GET
H2 200 v4-shims.min.css
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/ 26 KB
5 KB 102ms
11ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/v4-shims.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d508af8f7999d51f2a058bdb6f7de1d2e480509c76e0b376d780f3036bc70d88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 14:18:30 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Thu, 20 Aug 2020 03:50:19 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 11128420
etag: W/"3ac70f89cbc1dfea995903f41ba52d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: cNxhzLAqXyvBTcGQOij50_UdI7s_3FcHQNhTREye7koak8q8YNcTeQ==

GET
H2 200 bootstrap.min.css
resource.sfec.cloud/vendor/bootstrap/4.6.0/css/ 158 KB
24 KB 107ms
16ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/bootstrap/4.6.0/css/bootstrap.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 02:21:12 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 16 Apr 2021 08:42:12 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 12381058
etag: W/"d432e4222814b62dd30c9513dcc29440"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
x-amz-cf-id: 87PaeM1palyqO6PfCdp_C0dNhrbrh8OuSTjL08CJqF3Z4_q7V3IBdQ==

GET
H2 200 swiper-bundle.min.css
resource.sfec.cloud/vendor/swiper/8.0.7/ 15 KB
5 KB 112ms
21ms Stylesheet
text/css 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/swiper/8.0.7/swiper-bundle.min.css
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d63d6003d087ebb286ee2c3f0ca2d6a44c03d797d419022cd9b1b90eb93b6804

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 12:35:26 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: 3_wLfvByKAI.D1ZynGRhBIIboP_UwGQw
last-modified: Tue, 08 Mar 2022 02:20:50 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 3099404
etag: W/"e677de638e4a21637dce55135062ffad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=315360000
x-amz-cf-id: lB66-2K7rHc2apbYQqOK3AU7Blslkpne8RcG5VfOBnwhA1dVuifVBQ==

GET
H2 200 app-neutral.bundle.css
www.noramama.tw/view/default/assets/bundles/app/ 83 KB
16 KB 164ms
160ms Stylesheet
text/css 75.2.82.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noramama.tw/view/default/assets/bundles/app/app-neutral.bundle.css?v=e41e8055

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.82.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a533ecbda6b789685.awsglobalaccelerator.com

Software

nginx /

Resource Hash

e336e6d463780f44dbe165be9602081d3a692b5b8c1cbe73a1b121156dd77883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 02:28:58 GMT
server: nginx
content-encoding: gzip
etag: W/"6594c66a-14a51"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2025 09:32:09 GMT

GET
H2 200 jquery.min.js Show response
resource.sfec.cloud/vendor/jquery/3.5.1/ 87 KB
31 KB 119ms
30ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jquery/3.5.1/jquery.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:42:10 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Tue, 21 Jul 2020 03:27:38 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 13661400
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: _MVEIgAwIbnwBi7xQKxmTxBxPC8J85QXhVkdPncIL5VtGgIFVdUPdg==

GET
H2 200 jquery.lazyload.min.js Show response
resource.sfec.cloud/vendor/jquery.lazyload/1.9.7/ 3 KB
2 KB 126ms
37ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jquery.lazyload/1.9.7/jquery.lazyload.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 10:42:58 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 12955752
etag: W/"5c01d7aff077b4ed0804b71c2e3ab4a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: 49QYbV9AL3j0DNkKXXVx8guzcVLm-0CLScJkJV3k0nV9yxPGXkHYZQ==

GET
H2 200 jquery.imgpreload.min.js Show response
resource.sfec.cloud/vendor/jquery.imgpreload/1.6.2/ 915 B
1 KB 114ms
24ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jquery.imgpreload/1.6.2/jquery.imgpreload.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed918abdaa662a8b49b9803e24b6d8b623222a497f9bd16308c5bbbd60554799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:42:49 GMT
x-amz-version-id: null
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
last-modified: Fri, 03 Jul 2020 04:48:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 3383361
etag: "9eace63c91ae3c69b79e2e8452bdb5d9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 915
x-amz-cf-id: YQb-Yjzd_1LGc-RrE70PBi9Q8puTrFWx8lhM5dhoZr1zx5dyVbs2Og==

GET
H2 200 jBox.min.js Show response
resource.sfec.cloud/vendor/jBox/0.3.2/ 41 KB
10 KB 116ms
27ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jBox/0.3.2/jBox.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fce3e936b9e72a7b299fcdd72c52b300c675d0c9c74fb3b905618b279c2b2db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 05:42:49 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:27 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 3383361
etag: W/"1c3106bb2a70ebe82c42581319ee74ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: ZOlgbXb9SDz2-qMY4VPmDdPmcpXYJ76rSOQc2rH5rLhXDaJLL-IQ2w==

GET
H2 200 jAlert-v3.min.js Show response
resource.sfec.cloud/vendor/jAlert/v3/ 13 KB
4 KB 115ms
25ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jAlert/v3/jAlert-v3.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab0d8d1b494966592ee70e3d8061428fb41380981e6ca69defdf78138ba8d6c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 07:04:38 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:26 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 12364052
etag: W/"f7babc838f78e2feb71c73243dbcc32e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: LUN-aRfGksAs-2IUx8iE7eWze6I-2EZHwNQ4K2hBl7BattoQu-qlaw==

GET
H2 200 jquery.loading.min.js Show response
resource.sfec.cloud/vendor/jquery-loading/1.3.0/ 3 KB
2 KB 122ms
33ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/jquery-loading/1.3.0/jquery.loading.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 06:18:06 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 03 Jul 2020 04:48:29 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 11157244
etag: W/"f22774eee16019a29cf4e9627ed79024"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: b9iCz4uM_Sfv86G3nbdvQk8GoF8PgVSkJ0pYNg8hV19EskbVkGcxrQ==

GET
H2 200 popper.min.js Show response
resource.sfec.cloud/vendor/popper/1.16.0/ 21 KB
8 KB 118ms
29ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/popper/1.16.0/popper.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 00:21:17 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Wed, 21 Apr 2021 10:23:54 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 11092253
etag: W/"84415b7368fd6fc764cbe86039ce0626"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: v1ZO2xnpf_mx4mxtGiuC8Hi5X9KNZaSs6MRGCFp0P7XhFjIiSsjhWQ==

GET
H2 200 bootstrap.min.js Show response
resource.sfec.cloud/vendor/bootstrap/4.6.0/js/ 62 KB
15 KB 121ms
33ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/bootstrap/4.6.0/js/bootstrap.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:19:04 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Fri, 16 Apr 2021 08:42:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 7690386
etag: W/"f0c2bcf5ef0c4476508d79ec9cdcce07"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: IlNMfw5A86gIdXG4ipVLn41EW5LMuo5jgO8N2R44BPMu-J8pwtxNJQ==

GET
H2 200 swiper-bundle.min.js Show response
resource.sfec.cloud/vendor/swiper/8.0.7/ 136 KB
38 KB 114ms
26ms Script
application/javascript 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/swiper/8.0.7/swiper-bundle.min.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16a7a513b94c5f986745e655a1b3ba938daf438f23b74e26e9902d38d35cbfca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 10:59:00 GMT
content-encoding: gzip
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
x-amz-version-id: 50BEzSaprQRgD_uyMewHIgu595_m9DVN
last-modified: Tue, 08 Mar 2022 02:20:51 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P1
age: 11226790
etag: W/"d98affc59a6cbc9c28e3a05376d97ffe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=315360000
x-amz-cf-id: W-k-vYMGKq7FNMPDrjiTLAlC0yzmceVb7XT7uX6wk46vyfUwI1_V5Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
89 KB 246ms
42ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PNVKYLZWSC

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e20690772bbef6ac023ff9dbfc792f79c6562a2d26aaf6a92e0aacb358a1992c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 09:32:09 GMT

GET
H2 200 app.bundle.js Show response
www.noramama.tw/view/default/assets/bundles/app/ 22 KB
7 KB 163ms
161ms Script
application/javascript 75.2.82.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noramama.tw/view/default/assets/bundles/app/app.bundle.js?v=e41e8055

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.82.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a533ecbda6b789685.awsglobalaccelerator.com

Software

nginx /

Resource Hash

99e6804783103df108275cde34335e6c3563b5dd2e2b4e0d3d05d86a152170d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 02:28:58 GMT
server: nginx
content-encoding: gzip
etag: W/"6594c66a-57cb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
expires: Thu, 02 Jan 2025 09:32:09 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
3 KB 244ms
40ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fce4fb2c635793b64fe056502bc394c9b3c6ba7dde5537565cf87f8d159d3e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.noramama.tw/
Origin: https://www.noramama.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 09:32:09 GMT
content-md5: fBaT44YlO0sDj/0bnhdT5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: 4qDK8Tu/Hyjl5BNmayesbxSaqVh3oeMM4w1qCAs+D3UG6KypweKv94UWrM2jGFdkISYW8QoQ25W2qCLlKfqjtA==
x-fb-content-md5: 00489d226801dcd19438b317ce3f9d92
cross-origin-opener-policy: same-origin-allow-popups
etag: "45122f1a9da8ec3b2313ae265d542b5c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:37:44 GMT

GET
H2 200 eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL3NldHRpbmcvOGJiZWNjMmY1NDdjYWIxMDk1NjExYjY5YTljOTJlNDcucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyMDQ4LCJmaXQiOiJpbnNpZ...
v2cdn.sfec.cloud/ 46 KB
46 KB 138ms
10ms Image
image/webp 2600:9000:2009:9600:1c:1162:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2cdn.sfec.cloud/eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL3NldHRpbmcvOGJiZWNjMmY1NDdjYWIxMDk1NjExYjY5YTljOTJlNDcucG5nIiwiZWRpdHMiOnsicmVzaXplIjp7IndpZHRoIjoyMDQ4LCJmaXQiOiJpbnNpZGUiLCJ3aXRob3V0RW5sYXJnZW1lbnQiOnRydWV9fX0=
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:9600:1c:1162:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e1203b2b006440713a74893a80e2affba524e80d6d17fa550fd678b59c4ba636

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:32:37 GMT
via: 1.1 657550dfe2740440cd2d2c5a84cf231e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 25172
x-amzn-requestid: 91c2f689-e4a9-4020-82a3-5ad6536f4f8b
x-cache: Hit from cloudfront
x-amz-apigw-id: Q8QS4FAjNjMEoRA=
content-length: 46948
last-modified: Sun, 31 Dec 2023 11:42:30 GMT
x-amzn-trace-id: Root=1-6594c745-5a9f7f4d4cae69ea2e059e22;Sampled=0;lineage=ed9555c6:0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: aw9SZjwDS5a_rMvO9ZFbLbK19oYaiMWkTARwicTDUT_HKA4qeIg1-w==

GET
H2 200 eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL2FkLzBhOGFhZWI2YzQ4ZDc3NjI5ZDM2NGIzODEyMjM2ZjFkLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjA0OCwiZml0IjoiaW5zaWRlIiwid...
v2cdn.sfec.cloud/ 56 KB
57 KB 147ms
20ms Image
image/webp 2600:9000:2009:9600:1c:1162:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2cdn.sfec.cloud/eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL2FkLzBhOGFhZWI2YzQ4ZDc3NjI5ZDM2NGIzODEyMjM2ZjFkLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjA0OCwiZml0IjoiaW5zaWRlIiwid2l0aG91dEVubGFyZ2VtZW50Ijp0cnVlfX19
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:9600:1c:1162:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca270fd06ed104ddf3997c23c772f0cc9addc31a83fdbfab66d981d51bc60fe2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:32:37 GMT
via: 1.1 657550dfe2740440cd2d2c5a84cf231e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 25172
x-amzn-requestid: 929fd4b2-3d06-4686-b082-080e30e3cd4b
x-cache: Hit from cloudfront
x-amz-apigw-id: Q8QS2HqnNjMEQ8w=
content-length: 57814
last-modified: Sun, 31 Dec 2023 11:44:57 GMT
x-amzn-trace-id: Root=1-6594c745-206cd0001e51cf51560ab862;Sampled=0;lineage=ed9555c6:0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: ffw3F2bhq5OC7wYsQZWh2SoFUZGpkJxXdHnHYiME-1WyRNCmJfXfsQ==

GET
H2 200 PTJRQhW.jpg
i.imgur.com/ 259 KB
259 KB 54ms
12ms Image
image/jpeg 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/PTJRQhW.jpg

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ce00bc93d0b8b19519a7c5213c47fdb452d66f205f709b18fa59ec70a49b63ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 250954
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 264892
x-served-by: cache-iad-kjyo7100074-IAD
last-modified: Sun, 31 Dec 2023 11:49:33 GMT
server: cat factory 1.0
x-timer: S1704274329.204435,VS0,VE2
etag: "5296caa31e9dc7892e1d1d0b303ec77a"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BIoVHD7omJG41xyzCa_AVJx2tZUQ7MG5Rr2v7CgYidHYBxvA0_oIcQ==
x-cache-hits: 1

GET
H/1.1 200
OK timer.js Show response
gag.sfec.cc/js/plugin/ 16 KB
7 KB 628ms
194ms Script
application/javascript 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/js/plugin/timer.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1661df00815a4c77e1a6a612dec3d967bbd476c7b998a3e133bda32e2c8e5777

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:32:09 GMT
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Last-Modified: Sat, 04 Dec 2021 10:00:56 GMT
Server: nginx
ETag: W/"61ab3c58-4037"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Expires: Wed, 17 Jan 2024 09:32:09 GMT

GET
H2 200 instagram-widget.js Show response
gag.sysfeather.com/js/ 3 KB
2 KB 215ms
11ms Script
application/javascript 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/js/instagram-widget.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baafb1c39ed6514614c7781d5ca605bab219f7484a53240da5d5a6666f2fc7c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 335136
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Oct 2020 03:13:27 GMT
server: cloudflare
etag: W/"5f890fd7-df1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BkWTQsylGZ6uVjSiygD%2FXco6CqfwZa3jPVdqUx7SqNON2s%2FzNmC%2BLtQo0tRxzlZs6xHk0g8mHrzjBmqHKydfVcec0%2BBsfrlZr4AgH%2B4B8gUWjEnl8D1SUvRBzTKRGPQ%2BgfnYbnr8VaSSkG9kfd1fEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1209600
cf-ray: 83fa3b9efefe4213-EWR
expires: Sat, 13 Jan 2024 12:26:33 GMT

GET
H/1.1 200
OK popup.js Show response
gag.sfec.cc/js/plugin/ 5 KB
3 KB 585ms
194ms Script
application/javascript 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/js/plugin/popup.js?t=1649857252301

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1043db4676e61aac00815a825370b3f453b5c2a32e6a202d8b60a7603d1d75e8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:32:09 GMT
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Last-Modified: Mon, 09 Jan 2023 07:05:31 GMT
Server: nginx
ETag: W/"63bbbcbb-1376"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Expires: Wed, 17 Jan 2024 09:32:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 242ms
39ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jan 2024 09:32:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: VA8n1qWtABD2E5g50AnAMS8C9q3OaZy9uaAVQM+zux6xv2icB5066v8d++auSKXmUhfcoLZcY5F6P4esEYdh6A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

405 KB
118 KB

21ms
20ms

Script
application/javascript

2606:4700:20::ac43:4af7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Server: 2606:4700:20::ac43:4af7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50111bbd2295251d3edf5953c76acef2156db1aca20e8f3787df42211be48a32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 11:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5061
etag: W/"658d56d3-65503"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jnp6G%2BNSo0%2F2j%2F2JHszowpksMxWdfUQrCSvlIn4jQAzVxiblZ6BvrbXlXw94FDFRhfpHulT%2Fs4dT7kY95rT1ItFMUU3d7vZlK%2BiYxtI%2FQszEbt5tqMkj0cmZSg1gfy8mjV5QTyXq3z86Yfn%2BUBQcQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 83fa3b9fb8e543b0-EWR
expires: Wed, 03 Jan 2024 11:07:48 GMT

Redirect headers

date: Wed, 03 Jan 2024 09:32:09 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxiuLLedNHxKrTMIQvh2eOzpG1MxPUQCWiCOKGihj0qn6AJUvZ19LQcfeMbEnOsVaqccq%2Fk9c%2BR4%2BoGD4snXsLD46RqmsjK7i2tEz4srHWvqvAoDU1NSaImRDdaGmXKNm8iYcLZ%2BQo9hDtj9mOAYhAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.getbutton.io/widget/bundle.js
cf-ray: 83fa3b9ef86643b0-EWR

GET
H2 200 fa-light-300.woff2
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/webfonts/ 186 KB
187 KB 34ms
10ms Font
binary/octet-stream 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/webfonts/fa-light-300.woff2
Requested by: Host: resource.sfec.cloud
URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/light.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586

Request headers

Referer: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/light.min.css
Origin: https://www.noramama.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:32:38 GMT
x-amz-version-id: null
via: 1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 25172
x-cache: Hit from cloudfront
content-length: 190440
last-modified: Thu, 20 Aug 2020 03:50:22 GMT
server: AmazonS3
etag: "68c2f74f76d4236722607d6eeb8b105d"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Xx1mTzt4FSXD1X56DZFO1M2DoH-zW2P8ZmV8es59ikd2HKmrM8s3qQ==

GET
H2 200 fa-brands-400.woff2
resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/webfonts/ 75 KB
75 KB 45ms
23ms Font
binary/octet-stream 2600:9000:24f2:5e00:9:ed18:3180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/webfonts/fa-brands-400.woff2
Requested by: Host: resource.sfec.cloud
URL: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/brands.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f2:5e00:9:ed18:3180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c

Request headers

Referer: https://resource.sfec.cloud/vendor/font-awesome/5.13.0/pro/css/brands.min.css
Origin: https://www.noramama.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:32:38 GMT
x-amz-version-id: null
via: 1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
age: 25172
x-cache: Hit from cloudfront
content-length: 76636
last-modified: Thu, 20 Aug 2020 03:50:20 GMT
server: AmazonS3
etag: "a0f6b35c2b55babc93cb9b15791a1d4c"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: k0rSQ1ylGL2M2QoHMyCelkS8wSw0qKEakUoHWnWp80P1xzFqqOlmtQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 297 KB
85 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=dbbdfdb3d540ef38dda30d744ecad9df

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4304fad65c8baf0bdf9983ff74b0c40552b11163793460d4ebdc6ff61edaea79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.noramama.tw/
Origin: https://www.noramama.tw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 09:32:09 GMT
content-md5: iRgQiDEhCaqXBy8y8CykmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87036
reporting-endpoints
x-fb-debug: wZ+I/qJ2eBdBpnnEpApS6tiGviDaac6gMo4BQIHCwHThWBL+4LWF4bgUECs1z5UVzixrzvHszyJlmDtIAzahcg==
x-fb-content-md5: 5371578758b6dc7e955ff19cb7a41ade
cross-origin-opener-policy: same-origin-allow-popups
etag: "1b53a4714b8db7f8d0e8c65fa58bbefb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 02 Jan 2025 09:07:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 39ms
37ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-214933034-21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNVKYLZWSC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aed793318acfce80b49cfaa58011449c8218bd6b0a6ec19d649ad8836a2dcd38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68997
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 09:32:09 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 73ms
34ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-PNVKYLZWSC&gtm=45je3bt0v885634783&_p=1704274329225&gcd=11l1l1l1l1&dma=0&cid=600261436.1704274330&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704274329&sct=1&seg=0&dl=https%3A%2F%2Fwww.noramama.tw%2F&dt=noramama%E7%AB%A5%E8%A3%9D%E9%81%B8%E5%93%81%E5%BA%97&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1230
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PNVKYLZWSC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:32:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.noramama.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 271528928395019 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 100ms
94ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271528928395019?v=2.9.138&r=stable&domain=www.noramama.tw

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73f61f1158bd377c9c6bca94e3f6c87c9f3a1c730cd8b4300a4f1d8b907b21d8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 03 Jan 2024 09:32:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ibZOKJy6Qe0Y5PzHTQSRy4cxEPt46sUpCDconI6pBE4IzuWyind3DEwiw7RMYiTaYNjRTi1KC1MZRALEMyIljA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 38ms
37ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-78Z53PJFJS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214933034-21&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56cdfa29a02c92681533baf7953ec79db31e8d5dcfc6d1483c1525114f4328a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 09:32:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 13ms
12ms Script
text/javascript 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-214933034-21&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 08:52:28 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2381
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Jan 2024 10:52:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 33ms
33ms XHR
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1883741298&t=pageview&_s=1&dl=https%3A%2F%2Fwww.noramama.tw%2F&ul=en-us&de=UTF-8&dt=noramama%E7%AB%A5%E8%A3%9D%E9%81%B8%E5%93%81%E5%BA%97&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=670513040&gjid=1426709509&cid=600261436.1704274330&tid=UA-214933034-21&_gid=334544808.1704274330&_r=1&gtm=457e3bt0z8885634783&gcd=11l1l1l1l1&dma=0&jsscut=1&z=233551034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.noramama.tw/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:32:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.noramama.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2607:f8b0:4020:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-78Z53PJFJS&gtm=45je3bt0v9133889298&_p=1704274329225&gcd=11l1l1l1l1&dma=0&cid=600261436.1704274330&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1704274329&sct=1&seg=0&dl=https%3A%2F%2Fwww.noramama.tw%2F&dt=noramama%E7%AB%A5%E8%A3%9D%E9%81%B8%E5%93%81%E5%BA%97&en=page_view&_fv=1&_ss=1&tfd=1413
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-78Z53PJFJS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:32:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.noramama.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 110ms
36ms Image
text/plain 2a03:2880:f12c:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271528928395019&ev=PageView&dl=https%3A%2F%2Fwww.noramama.tw%2F&rl=&if=false&ts=1704274329744&sw=1600&sh=1200&ud[external_id]=04e20b91c2aab71e186d28f763e9b5ae3ab3ea8dc55281eabad697a3ba3fe412&v=2.9.138&r=stable&a=plSysfeather&ec=0&o=4126&fbp=fb.1.1704274329743.1133984028&ler=empty&it=1704274329569&coo=false&rqm=GET

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12c:83:face:b00c:0:25de Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 03 Jan 2024 09:32:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET basic-display
gag.sysfeather.com/instagram/ Frame E116 0
0

GET
H3 200 instagram-widget.js Show response
gag.sysfeather.com/js/ 3 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/js/instagram-widget.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baafb1c39ed6514614c7781d5ca605bab219f7484a53240da5d5a6666f2fc7c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:09 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 47795
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 16 Oct 2020 03:13:27 GMT
server: cloudflare
etag: W/"5f890fd7-df1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KamchfpS7UjyeViWrKvDOXyhVmEz7ki%2BI8hanXJlPG5P3ibUCCzm3You1O%2B7436bxl8QS22Tu2IPIcajk1drMpxEbuQEGwnh0DGeXSQS0eY68N0uyjoUNOg7wZhM9ncXv6aDUf5uSWpnYAncLmK1Flg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1209600
cf-ray: 83fa3ba18ab00f70-EWR
expires: Tue, 16 Jan 2024 20:15:34 GMT

GET
H/1.1 200
OK timer.js Show response
gag.sfec.cc/js/plugin/ 16 KB
7 KB 195ms
194ms Script
application/javascript 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/js/plugin/timer.js

Requested by

Host: www.noramama.tw
URL: https://www.noramama.tw/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1661df00815a4c77e1a6a612dec3d967bbd476c7b998a3e133bda32e2c8e5777

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:32:09 GMT
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade, no-referrer-when-downgrade
Last-Modified: Sat, 04 Dec 2021 10:00:56 GMT
Server: nginx
ETag: W/"61ab3c58-4037"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=1209600
Expires: Wed, 17 Jan 2024 09:32:09 GMT

GET basic-display
gag.sysfeather.com/instagram/ Frame A6A6 0
0

GET
H3 200 basic-display Show response
gag.sysfeather.com/instagram/ Frame 67C5 17 KB
7 KB 922ms
921ms Document
text/html 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/js/instagram-widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

741269aaea7ff32cc963a56cddaa9d8cf3a800854d47f750e4b16a9d3eb448a0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noramama.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83fa3ba2cb530f70-EWR
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 09:32:10 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvC7YU5NKbjky81fSZPej2FcZRMvX6WF1MoBjTXpExJKDD%2B25SCAyUe9I8eV9WB0osWeXbjOKovTMcUuQLiYFdT4XgST9cDZx9AIC9UA%2F6rViWfms8gHTdjtsgVgMEWR36%2FiYqz3IlFD9XxV4APb0Wk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cart.php Show response
www.noramama.tw/ 1 B
325 B 213ms
212ms XHR
text/html 75.2.82.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noramama.tw/cart.php?action=count

Requested by

Host: resource.sfec.cloud
URL: https://resource.sfec.cloud/vendor/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.82.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a533ecbda6b789685.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.noramama.tw/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:32:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 wish_list.php Show response
www.noramama.tw/ 1 B
419 B 238ms
238ms XHR
text/html 75.2.82.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.noramama.tw/wish_list.php?action=count

Requested by

Host: resource.sfec.cloud
URL: https://resource.sfec.cloud/vendor/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.82.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a533ecbda6b789685.awsglobalaccelerator.com

Software

nginx /

Resource Hash

5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.noramama.tw/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 09:32:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL2FkLzBhOGFhZWI2YzQ4ZDc3NjI5ZDM2NGIzODEyMjM2ZjFkLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjA0OCwiZml0IjoiaW5zaWRlIiwid...
v2cdn.sfec.cloud/ 56 KB
57 KB 14ms
14ms Image
image/webp 2600:9000:2009:9600:1c:1162:edc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2cdn.sfec.cloud/eyJidWNrZXQiOiJzZi1lYy1zdGF0aWMiLCJrZXkiOiJraWtpa2lkc18yYmE4ZWE5Ni91cGxvYWRzL2FkLzBhOGFhZWI2YzQ4ZDc3NjI5ZDM2NGIzODEyMjM2ZjFkLmpwZyIsImVkaXRzIjp7InJlc2l6ZSI6eyJ3aWR0aCI6MjA0OCwiZml0IjoiaW5zaWRlIiwid2l0aG91dEVubGFyZ2VtZW50Ijp0cnVlfX19
Requested by: Host: www.noramama.tw
URL: https://www.noramama.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2009:9600:1c:1162:edc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca270fd06ed104ddf3997c23c772f0cc9addc31a83fdbfab66d981d51bc60fe2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 02:32:37 GMT
via: 1.1 657550dfe2740440cd2d2c5a84cf231e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 25173
x-amzn-requestid: 929fd4b2-3d06-4686-b082-080e30e3cd4b
x-cache: Hit from cloudfront
x-amz-apigw-id: Q8QS2HqnNjMEQ8w=
content-length: 57814
last-modified: Sun, 31 Dec 2023 11:44:57 GMT
x-amzn-trace-id: Root=1-6594c745-206cd0001e51cf51560ab862;Sampled=0;lineage=ed9555c6:0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Rad6AyihYrQfMDTdWYSugj74lppbM_qOPnhMZRnvOcFfad7CkK-8ow==

GET
H3 200 instagram-widget.css
gag.sysfeather.com/css/ Frame 67C5 8 KB
3 KB 711ms
709ms Stylesheet
text/css 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/css/instagram-widget.css?v=6

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89660a2deb4bb22d72826fb1c52172465dc70e52bebb939da98d6e256d8958c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Oct 2020 08:21:40 GMT
server: cloudflare
etag: W/"5f86b514-1ff5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Fr8eEN%2Fg82ibZ%2Bwqc3q8bdiXnWL5cPNHa0cVMyqgXUkxOK2zDosybW%2BEMS3RBusfhKNM2XQ7em9xtPnoT09ZK9s1FMjC9Em%2B1CWQ5Btzat%2FIJAHhLjex9EwMmpQGXX5yiCJEiJUiYrurkMOjLu0d%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 83fa3ba89e940f70-EWR
expires: Wed, 17 Jan 2024 09:32:11 GMT

GET
H2 200 introjs.min.css
cdnjs.cloudflare.com/ajax/libs/intro.js/2.9.3/ Frame 67C5 9 KB
2 KB 31ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intro.js/2.9.3/introjs.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe867b87f2648fa01f89b37fcd35ab0a86dad0bf9084ff537ff6528326490a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3033198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
last-modified: Mon, 04 May 2020 16:11:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea7-23d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlaP9L2Ytqvo64deKPzd24HKDG%2F8Avk%2B17lQGUOkcvTbiVfhw%2FZJWuHkznwYhHuWPhTPCFpC%2Fr5gA5RUxL8EufZ77oVhbKKEtab1mLC75pX91GEuhWb5iNv6XMHGt6UTNDVZL5RhErR9HmY%2B5XTcEZFT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa475e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 emojionearea.min.css
cdnjs.cloudflare.com/ajax/libs/emojionearea/3.4.1/ Frame 67C5 22 KB
5 KB 28ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/emojionearea/3.4.1/emojionearea.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca6b037d5207e966e6121361e20b1c43c4380b3950f1d91e28822941239da87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2858964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4473
last-modified: Mon, 04 May 2020 16:09:55 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e53-5611"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kx%2F3qkhz71chLfMqAydMUOmFp71PcGgkwpjotYfbj9o%2B%2BqH1aDW30FXGmysIaG5UNpippe%2F%2FT52FvzZ07mHI9XBvRhjyVtojaY3vj8wNl56w5oQl%2BwbtVqSpycjdJnMAF3tiJX2SXtyJx6yTZDcJ3FmG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa495e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 67C5 152 KB
24 KB 55ms
19ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1074
age: 5456878
cdn-cachedat: 10/31/2023 19:55:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: dd1bb8e35fca13f51129c89f0aede8d1
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 83fa3ba8c8aa434a-EWR
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 67C5 30 KB
7 KB 47ms
12ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 871
age: 3118512
cdn-cachedat: 10/31/2023 18:51:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f99c225dea09fd9a1dc0298de4f8988a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 83fa3ba8c8a9434a-EWR
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ Frame 67C5 56 KB
10 KB 30ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3027653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10134
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dff5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IGBcFUDD9QqXvsSmNHofQ3OqHMs%2BpMcRNs3nAxZ%2FB6A0KYVp29K9g%2B9ISC31DkCTuNwEptLCsWotbHxMm5bvQAqcRaK%2B9xbNfeWMAIMKpYfT3dsqlYNOmhVPLCw2Hp2m6F1ldF6ZaGq6OHteRpl%2Fkl0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa485e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 open-iconic-bootstrap.css
cdnjs.cloudflare.com/ajax/libs/open-iconic/1.1.1/font/css/ Frame 67C5 11 KB
2 KB 30ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/open-iconic/1.1.1/font/css/open-iconic-bootstrap.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08dc271963ced376b590e940b06687e60f0fddd15aa85aaa18557fd67917e4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3109777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1711
last-modified: Mon, 04 May 2020 16:13:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3b-2c84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w232mpspSE5QyRu8lhsixHZfBDLGwEvL5EcPlWsPS8FD2iLzYpoguYKniSMInmf0tUcW%2F1xZdngvNRNZj0Vsqh%2Fpk8XtRHQrUUOCOdcAfZcDxxN4203foCmCCuKW%2BETHscf0LQGrKiGkDbc5Mz4qGO6o"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa4a5e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.1.20/ Frame 67C5 13 KB
3 KB 31ms
17ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.1.20/jquery.fancybox.min.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3c979ebd98534e34cdf48ffab11ccf6f60816e23e7afee8d33f08cccf2a856

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5360997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2850
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-358a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgiCPHfxAZj2tDxGL9PQSK3Tfk97oPTySfiijKfLrkhL4OBg4hJ%2FysLjQ02gQSsy8gHMhhG7kRxWLPDGHfBiEo2LE13A1%2FnvbxEeP%2B1wpA0IWrNaqkSP6jqAe5FUeTxwRA6vhqCyF50pLoqGgAer%2FBQO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa465e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H3 200 bootadmin.css
gag.sysfeather.com/css/ Frame 67C5 3 KB
1 KB 910ms
910ms Stylesheet
text/css 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/css/bootadmin.css

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e9cb845ba9f9a3126a5277517daf461c0b121fc9a9d6a76219a40d21feb3dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 May 2018 17:34:22 GMT
server: cloudflare
etag: W/"5af08e1e-bc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHfHOyLH%2BpOUrZn6evR6tbAFBZ90xeOhBy9mv%2B1VDzkL9JmQpNDGWkbS%2FfeHeuJEEH09%2BPgzzgt3t%2BVBuiwjxpRcs5GsE95PpCDZsTnCySDCNLkRSbnsXtAVpQW4%2Bp8mBVi2Qz48MNVGTcRTvPjFH%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 83fa3ba89e990f70-EWR
expires: Wed, 17 Jan 2024 09:32:11 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ Frame 67C5 3 KB
2 KB 38ms
37ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fce4fb2c635793b64fe056502bc394c9b3c6ba7dde5537565cf87f8d159d3e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Origin: https://gag.sysfeather.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 09:32:10 GMT
content-md5: fBaT44YlO0sDj/0bnhdT5Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: 4qDK8Tu/Hyjl5BNmayesbxSaqVh3oeMM4w1qCAs+D3UG6KypweKv94UWrM2jGFdkISYW8QoQ25W2qCLlKfqjtA==
x-fb-content-md5: 00489d226801dcd19438b317ce3f9d92
cross-origin-opener-policy: same-origin-allow-popups
etag: "45122f1a9da8ec3b2313ae265d542b5c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 03 Jan 2024 09:37:44 GMT

GET
H3 200 instagram.png
gag.sysfeather.com/images/ Frame 67C5 4 KB
4 KB 719ms
718ms Image
image/png 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gag.sysfeather.com/images/instagram.png

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c604018a550b63d359608469904de09b8efc5f38395cca106faa49262dfde0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3841
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Nov 2020 03:02:45 GMT
server: cloudflare
etag: "5fa8b155-f01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twNDuoQSvyyptYYSjzp4sBLsLi4ad2zXZYJ2QB318vIxUpiZokUjVqNSnTd6fIgoV9KuBaYiGiMDmJnvZ15mIbkMjTND8oZ13TxJiVi9zILB7bwTvtXY9MSpLgHIsSxa%2F06w%2B3SdxLYyBHVW5SGRkZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 83fa3ba89e9b0f70-EWR
expires: Wed, 17 Jan 2024 09:32:11 GMT

GET
H3 200 glyph-logo_May2016.png
gag.sysfeather.com/images/ Frame 67C5 13 KB
14 KB 907ms
907ms Image
image/png 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gag.sysfeather.com/images/glyph-logo_May2016.png

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36513f2857fd1ef71ca6a40a46758ae13df5cc9f8bc2721661e8b70f40b32bb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 13382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Oct 2020 07:16:52 GMT
server: cloudflare
etag: "5f855464-3446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMPudlVm%2BhxxvxMBShLlUE%2Bsm6ZM5DpKzB6biz0SfRPAzNFyiwzur%2B5fna17rpmQWbJLFQWWu0LxB3P1RMN9rEn9BCSOOoXfGhAsgU6bhUAc3KcDy6exd3YMEDAlEt%2BNUgQM33O2sDsWJd9dYjS2CS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 83fa3ba89e9c0f70-EWR
expires: Wed, 17 Jan 2024 09:32:11 GMT

GET
H2 200 414477500_2269980303193525_1760257668046560630_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 184 KB
184 KB 542ms
172ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/414477500_2269980303193525_1760257668046560630_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=EEuQocdCFOgAX9usU9J&_nc_oc=AQn2Z_6_FwG73GsarFRYPLrr26swa0mcqyzyyWy_FRwOEfKvIg-_n73aIiAo0zHyPGs&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfBD0RulU1W52KmPrZdMYP7MBecRPzq4-6vUbyqK5JNjvA&oe=659A121D
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a7d9cc9061625003ba2bcb40d5ea9cab1280a2e6ef33aa50a41733350c82a66e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 01 Jan 2024 05:00:26 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3062718059
thrift_fmhk: GBB6mjYH8TNuiwlkPqKzVUWZFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3062718059
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 188428

GET
H2 200 414442950_1060419481753761_3136119396947217719_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 163 KB
164 KB 541ms
172ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/414442950_1060419481753761_3136119396947217719_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=Rn1mZ1R7tSIAX_VjmcO&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfC8hN1wl7zJhYJXN629-fchkn3Rw4Q2aOPnfqlT4_HPxw&oe=659A58FD
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 638dc6adc2ea1eb1675a60748c0ac123a27c086992c4a5d0c2c7e077d6b7ea63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 01 Jan 2024 03:47:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=832610213
thrift_fmhk: GBAlhUVWfDYBm6dY+7JLRiqvFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 832610213
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 167335

GET
H2 200 413922568_922926442685132_4481780706262868547_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 112 KB
112 KB 539ms
171ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/413922568_922926442685132_4481780706262868547_n.jpg?_nc_cat=108&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=v3kwWZDGYGcAX8ilE4e&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfDQONzZB0NPBkF0QuLW98IJxCU2dIuFxi0afAO58anBfA&oe=6599B2EF
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d60ecc0e864b5b2a5b093a55b333125863635a7d3737be10516708ae4d7acee5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 31 Dec 2023 06:12:05 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2270563765
thrift_fmhk: GBAToAShkMBAqlsQ3+YNTQBWFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2270563765
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 114533

GET
H2 200 413372028_489386150435510_2191644206164086694_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 135 KB
136 KB 538ms
170ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/413372028_489386150435510_2191644206164086694_n.jpg?_nc_cat=106&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=dGkiO3w52gMAX8JByvV&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfCK2txHcazynzsg1i9QUBzYWjFmfqRB6zMKixOtGHsm1g&oe=659948A9
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 417dd7d4c031d3fdde20449c1b182a9001ee55ba35264576a235fe3e9a233dd6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 30 Dec 2023 03:05:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=276064957
thrift_fmhk: GBD9G9ezykUUWwBWaZLGkNeRFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 276064957
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 138520

GET
H2 200 412631876_862165388939212_3826677585234948226_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 104 KB
104 KB 538ms
171ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/412631876_862165388939212_3826677585234948226_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=-VjT2iEArPsAX-9Totr&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfDXfnI16ntC2Ly2VHCobpZfy0w8Ubke7cV-8bwbOae-Uw&oe=65995693
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7fc4a1cce150269aa3727123720546f86ccda891307381eb626b5f10e1453543

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 26 Dec 2023 01:36:36 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3798431515
thrift_fmhk: GBBFpw1Y3KfrnGnBxShSRd9nFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3798431515
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 106695

GET
H2 200 412566671_852848146579863_3875462341942731745_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 81 KB
81 KB 540ms
172ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/412566671_852848146579863_3875462341942731745_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=eOMYhiYNXQ8AX9-mxNJ&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfAhGt8623t1V59pnA_vwnLkJqy1OAZDR_g-OJPuArnL1g&oe=659AFB82
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 463af73ec2d411ff4623bde03594c2ec20772193c99c3bcdd1b12c8eaf95eca2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 26 Dec 2023 00:40:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3186710661
thrift_fmhk: GBBpfbjdIEQPnR3QFrK8D6loFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3186710661
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 82782

GET
H2 200 412541354_1779741102487028_8151319097540465920_n.jpg
scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/ Frame 67C5 157 KB
157 KB 421ms
420ms Image
image/jpeg 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-1.cdninstagram.com/v/t51.29350-15/412541354_1779741102487028_8151319097540465920_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=c4dd86&_nc_ohc=TgWRN3ixlvAAX_K89cr&_nc_ht=scontent-nrt1-1.cdninstagram.com&edm=ANQ71j8EAAAA&oh=00_AfDXP_odruw6Nd0mfewsxyxFbCPX2UcoyA-MTfVFavqCXg&oe=659A9967
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 04579c3c27de14302f073a7a45bc3639d302fb24b9cf02b7df4401a970bc2740

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 25 Dec 2023 02:15:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2820607231
thrift_fmhk: GBCLCV/pMRSUtyn9TF7eF0MOFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2820607231
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 160576

GET
H3 200 common.js Show response
gag.sysfeather.com/js/ Frame 67C5 10 KB
3 KB 14ms
11ms Script
application/javascript 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/js/common.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0e0889fdefbafaa74aac323b1b0a6a046425584280f0ce7054bcc023731fc8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 366341
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 07 Apr 2019 06:18:51 GMT
server: cloudflare
etag: W/"5ca9964b-29d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ecGNeaNu1Aw6t2rD90aG02opeg49rkjPshxFZTPwSlbtQAfBV6H7tuWs8SD3tAhazYxhnnjNFhioimfj1Dlt5HTi7fA%2BpB7XiAjfULDzrDBx831H0hdOwCs5FonKlXHR8Mp4rua66Bo94e70qgN5Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1209600
cf-ray: 83fa3ba89e9e0f70-EWR
expires: Sat, 13 Jan 2024 03:46:29 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 67C5 85 KB
30 KB 66ms
12ms Script
text/javascript 2607:f8b0:4020:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 00:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 00:22:42 GMT

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ Frame 67C5 24 KB
7 KB 25ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5361011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-619d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOqpYM8pitU3kAFew3zr4SHVaHWUUnrzr6uhOJcjIdVSMvz1pQ%2FU6bzvqeogA%2FQspGeafMuCkn4BD9qPR1tYPRtuIrzyUtln8vaBPzkORXLUHlsMLr1vL%2FTB%2BKjYswA%2Be5fcgutlubhd3DKC5ICLh%2BCJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8aa4b5e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 67C5 21 KB
7 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 430233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNWuRovoXwbRDssjym47qkScOziP7NatduVxw4sJ2w7RbqSe%2B%2F8uS0NdpcIHLFGq69dSoOjEV3FNZfVEUmiAq2qGjbBH3Cqb6Q32JvgnTYRnh13OqTNkXygxcoShuVvVSMPEqcx93sPPPiYGuHn1X6tS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8ba4f5e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H2 200 moment-with-locales.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/ Frame 67C5 306 KB
51 KB 24ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/moment-with-locales.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 475574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52012
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-4c8c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSpghYyLHmeP3j9XkRrG3zus%2Fjr2dTf5gQiqlUJsP7rN3YoOKvDHx%2BDkm0LPE3JjSIMfOceofimvleMGc5iyXBhLCWqrBpJn1wtEnUObdoqAmAZEz44XGpxJHMZKCJpxVPCOWlCby1GUVBXqsk8CrK7K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8ba515e68-EWR
expires: Mon, 23 Dec 2024 09:32:11 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 67C5 57 KB
16 KB 46ms
14ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 951
age: 4578168
cdn-cachedat: 07/25/2022 03:11:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bbc77f297e0601f8b813d264b8254835
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 83fa3ba8c8ab434a-EWR
cdn-requestpullsuccess: True

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.1.20/ Frame 67C5 51 KB
15 KB 13ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.1.20/jquery.fancybox.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4321168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14946
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-cc4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiXTIZ88Irl7CYI8SkVZbWPkHRmv08GmrEjmlEVAGD3DqzHq%2B3alvMPeUIPipD5Ik%2FE6152ZzUG6vBTLSoRH3YuzMYnz1Y9d9VPMizwKsNxSgamSHS9wSbm7Hmy2bZiCL5pwRM1i5pfU5fhM2s5FQCqE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fa3ba8ba525e68-EWR
expires: Mon, 23 Dec 2024 09:32:10 GMT

GET
H3 200 bootadmin.js Show response
gag.sysfeather.com/js/ Frame 67C5 2 KB
1 KB 15ms
13ms Script
application/javascript 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/js/bootadmin.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b5230251a34620e6902efb5e9844d8eaf739b5b321fbef6bfcb51afa128a4b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 366341
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 May 2018 17:34:22 GMT
server: cloudflare
etag: W/"5af08e1e-944"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTIk1joNBbd2GjTulxcxi5xxizIQEo3tUc9RXdupXjMhpb%2F696y02SO2Ix8b%2F2wRfG8IzDGzAMv%2FEINa8euMrmoMu3cnwO81dsQPEjbEC8CT3BzgQriUXqVJ60JBSpsxLAaadfTdlmpLP%2FgIvPoUq7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1209600
cf-ray: 83fa3ba89e9f0f70-EWR
expires: Sat, 13 Jan 2024 03:46:29 GMT

GET
H3 200 jquery.instagramFeed.min.js Show response
gag.sysfeather.com/js/ Frame 67C5 4 KB
2 KB 15ms
13ms Script
application/javascript 2606:4700:3037::6815:20c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sysfeather.com/js/jquery.instagramFeed.min.js

Requested by

Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:20c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dd4dcf8684ebdfe94e69f14f4da31c4116a963606f1f2d7df885144bf188d33

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:10 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 47029
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Apr 2020 12:25:44 GMT
server: cloudflare
etag: W/"5e8b1fc8-11dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riAftwHx6jPgBgA6CTNuJeI4RVEI2hKre7tZNi95vDWeW1n2oOaOsBGUK%2FBEE%2FhKNMQCl3nhEpJ9GITV0cKFAFskyJdkcPpr12w6F%2F%2BNHhrWGmzSLJfrxifx0YMJfa2XbpRSEE7SLV1QmJqozOCsWyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=1209600
cf-ray: 83fa3ba89ea00f70-EWR
expires: Tue, 16 Jan 2024 20:28:21 GMT

GET
DATA 200
OK truncated
/ Frame 67C5 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 CB4F9FF3AE85732729973872AB94AF8E_video_dashinit.mp4
scontent-nrt1-1.cdninstagram.com/o1/v/t16/f1/m82/ Frame 67C5 4 MB
4 MB 420ms
419ms Media
video/mp4 2a03:2880:f20f:c4:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://scontent-nrt1-1.cdninstagram.com/o1/v/t16/f1/m82/CB4F9FF3AE85732729973872AB94AF8E_video_dashinit.mp4?efg=eyJ2ZW5jb2RlX3RhZyI6InZ0c192b2RfdXJsZ2VuLmNsaXBzLnVua25vd24tQzMuNzIwLmRhc2hfYmFzZWxpbmVfMV92MSJ9&_nc_ht=scontent-nrt1-1.cdninstagram.com&_nc_cat=111&vs=724502262980461_1145845522&_nc_vs=HBksFQIYT2lnX3hwdl9yZWVsc19wZXJtYW5lbnRfcHJvZC9DQjRGOUZGM0FFODU3MzI3Mjk5NzM4NzJBQjk0QUY4RV92aWRlb19kYXNoaW5pdC5tcDQVAALIAQAVAhg6cGFzc3Rocm91Z2hfZXZlcnN0b3JlL0dJaWJ3eGpDc1B0T0NDNEJBQlI5ZnI1MW1DZFJicV9FQUFBRhUCAsgBACgAGAAbAYgHdXNlX29pbAExFQAAJpqtho728Pk%2FFQIoAkMzLBdAJ0QYk3S8ahgSZGFzaF9iYXNlbGluZV8xX3YxEQB1AAA%3D&ccb=9-4&oh=00_AfBxynqOvGwSZ7pPvxJBB0k6RKayjBA5a8XLjE7VzETENw&oe=65969A8A&_nc_sid=1d576d&_nc_rid=e95dcda864
Requested by: Host: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f20f:c4:face:b00c:0:43fe Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 489ae2da7a8d9f7c4a9efb89f8168aa7b8c957aeccb228a668dc3777857569f4

Request headers

Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 03 Jan 2024 09:32:11 GMT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-4132616/4132617
thrift_fmhk: GBDjrFbc5Z/jzsnCJL+syfoJFeq3uckLAA==
x-upstream-checksum-algorithm: crc32, crc32
accept-ranges: bytes
timing-allow-origin: *
x-fb-vts-requestid: 49bdcbac79
alt-svc: h3=":443"; ma=86400
Content-Length: 4132617

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ Frame 67C5 297 KB
85 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f02c:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=dbbdfdb3d540ef38dda30d744ecad9df

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02c:13:face:b00c:0:3 Boca Raton, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4304fad65c8baf0bdf9983ff74b0c40552b11163793460d4ebdc6ff61edaea79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1
Origin: https://gag.sysfeather.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 09:32:11 GMT
content-md5: iRgQiDEhCaqXBy8y8CykmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87036
reporting-endpoints
x-fb-debug: wZ+I/qJ2eBdBpnnEpApS6tiGviDaac6gMo4BQIHCwHThWBL+4LWF4bgUECs1z5UVzixrzvHszyJlmDtIAzahcg==
x-fb-content-md5: 5371578758b6dc7e955ff19cb7a41ade
cross-origin-opener-policy: same-origin-allow-popups
etag: "1b53a4714b8db7f8d0e8c65fa58bbefb"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jan 2025 09:07:41 GMT

GET
DATA 200
OK truncated
/ Frame 67C5 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 67C5 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK timer.html Show response
gag.sfec.cc/ Frame 72ED 26 KB
9 KB 197ms
197ms Document
text/html 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E8%B3%BC%E8%B2%B7%F0%9F%9B%92&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E4%B9%9D%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E8%B3%A3%E2%9A%A1%EF%B8%8F&time=2023-09-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/js/plugin/timer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7f6fd592f114c2e7bcc09190e442e4a6cf5ee93f24b0d414c3a1a610a683389c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noramama.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 09:32:13 GMT
ETag: W/"61b0dbdb-6697"
Last-Modified: Wed, 08 Dec 2021 16:22:51 GMT
Referrer-Policy: no-referrer-when-downgrade no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 zR3RPCP.png
i.imgur.com/ 136 KB
136 KB 22ms
12ms Image
image/png 146.75.32.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/zR3RPCP.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

990b8fc8086c76d292f03920727cd2d4666a39996db18986804a35b26abd945f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.noramama.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:32:12 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 25173
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 139360
x-served-by: cache-iad-kjyo7100074-IAD
last-modified: Mon, 01 Jan 2024 05:39:57 GMT
server: cat factory 1.0
x-timer: S1704274333.695855,VS0,VE2
etag: "536f4b135501cccbf30fbe7e37e1c8ed"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9dbBhAc3e5Ps4oRh6Em-2QxRFneMLTfMeX75YfQOlmYUzyiktUvdGA==
x-cache-hits: 1

GET
H/1.1 200
OK timer.html Show response
gag.sfec.cc/ Frame 25F4 26 KB
9 KB 197ms
196ms Document
text/html 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E5%9C%98%E4%B8%AD%E2%9A%A1%EF%B8%8F&time=2023-08-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/js/plugin/timer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7f6fd592f114c2e7bcc09190e442e4a6cf5ee93f24b0d414c3a1a610a683389c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noramama.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 09:32:13 GMT
ETag: W/"61b0dbdb-6697"
Last-Modified: Wed, 08 Dec 2021 16:22:51 GMT
Referrer-Policy: no-referrer-when-downgrade no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK timer.html Show response
gag.sfec.cc/ Frame E566 26 KB
9 KB 392ms
194ms Document
text/html 35.73.75.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E5%8D%81%E4%BA%8C%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%99%90%E6%99%82%E6%94%B6%E5%96%AE%EF%BD%9E12%2F10&time=2023-12-10T12:59&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/js/plugin/timer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

35.73.75.13 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-73-75-13.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7f6fd592f114c2e7bcc09190e442e4a6cf5ee93f24b0d414c3a1a610a683389c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.noramama.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 09:32:13 GMT
ETag: W/"61b0dbdb-6697"
Last-Modified: Wed, 08 Dec 2021 16:22:51 GMT
Referrer-Policy: no-referrer-when-downgrade no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.6.14/dist/ Frame 72ED 336 KB
93 KB 14ms
4ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.14/dist/vue.js

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E8%B3%BC%E8%B2%B7%F0%9F%9B%92&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E4%B9%9D%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E8%B3%A3%E2%9A%A1%EF%B8%8F&time=2023-09-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E8%B3%BC%E8%B2%B7%F0%9F%9B%92&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E4%B9%9D%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E8%B3%A3%E2%9A%A1%EF%B8%8F&time=2023-09-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 09:32:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6203452
x-jsd-version: 2.6.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95130
x-served-by: cache-fra-etou8220028-FRA, cache-lga21971-LGA
x-jsd-version-type: version
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.6.14/dist/ Frame 25F4 336 KB
93 KB 4ms
3ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.14/dist/vue.js

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E5%9C%98%E4%B8%AD%E2%9A%A1%EF%B8%8F&time=2023-08-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E2%9A%A1%EF%B8%8F%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%96%8B%E5%9C%98%E4%B8%AD%E2%9A%A1%EF%B8%8F&time=2023-08-10T12:00&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 09:32:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6203452
x-jsd-version: 2.6.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95130
x-served-by: cache-fra-etou8220028-FRA, cache-lga21971-LGA
x-jsd-version-type: version
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vue.js Show response
cdn.jsdelivr.net/npm/vue@2.6.14/dist/ Frame E566 336 KB
93 KB 5ms
4ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.6.14/dist/vue.js

Requested by

Host: gag.sfec.cc
URL: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E5%8D%81%E4%BA%8C%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%99%90%E6%99%82%E6%94%B6%E5%96%AE%EF%BD%9E12%2F10&time=2023-12-10T12:59&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gag.sfec.cc/timer.html?button=%E9%BB%9E%E6%88%91%E9%80%9B%E9%80%9B&link=https%3A%2F%2Fwww.kikikids.co%2Fproduct.php%3Fcid%3D79&title=%E5%8D%81%E4%BA%8C%E6%9C%88%E4%BB%BD%E5%9C%98%E8%B3%BC%E9%9E%8B%E9%99%90%E6%99%82%E6%94%B6%E5%96%AE%EF%BD%9E12%2F10&time=2023-12-10T12:59&cssBg=%23fffcf5&cssCounter=%23fc795b&cssCounterUnit=%23574a47&cssContent=%23574a47&cssBtn=%23fc795b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 03 Jan 2024 09:32:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6203452
x-jsd-version: 2.6.14
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 95130
x-served-by: cache-fra-etou8220028-FRA, cache-lga21971-LGA
x-jsd-version-type: version
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Domain: gag.sysfeather.com
URL: https://gag.sysfeather.com/instagram/basic-display?username=kikikids2020&size=8&title=1

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.noramama.tw/	1969-12-31 23:59:59	Name: PHPSESSID Value: r5arl26qnrkgbnddgqehuhhjj6
www.noramama.tw/	1970-01-20 19:34:10	Name: sf_session Value: 2EyG1L2NI6Bpt88lOAqnYqPDb854kKNsyT74MhXy
.noramama.tw/	1970-01-21 03:00:34	Name: _ga_PNVKYLZWSC Value: GS1.1.1704274329.1.0.1704274329.0.0.0
.noramama.tw/	1970-01-20 17:26:00	Name: _gid Value: GA1.2.334544808.1704274330
.noramama.tw/	1970-01-20 17:24:34	Name: _gat_gtag_UA_214933034_21 Value: 1
.noramama.tw/	1970-01-21 03:00:34	Name: _ga_78Z53PJFJS Value: GS1.1.1704274329.1.0.1704274329.0.0.0
.noramama.tw/	1970-01-21 03:00:34	Name: _ga Value: GA1.1.600261436.1704274330
.noramama.tw/	1970-01-20 19:34:10	Name: _fbp Value: fb.1.1704274329743.1133984028
www.noramama.tw/	1970-01-20 17:54:48	Name: wish_list Value: %5B%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://gag.sfec.cc/js/plugin/timer.js(Line 27) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://gag.sfec.cc') does not match the recipient window's origin ('https://www.noramama.tw').
security	error	URL: https://gag.sfec.cc/js/plugin/timer.js(Line 27) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://gag.sfec.cc') does not match the recipient window's origin ('https://www.noramama.tw').
security	error	URL: https://gag.sfec.cc/js/plugin/timer.js(Line 27) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://gag.sfec.cc') does not match the recipient window's origin ('https://www.noramama.tw').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
gag.sfec.cc
gag.sysfeather.com
i.imgur.com
maxcdn.bootstrapcdn.com
resource.sfec.cloud
scontent-nrt1-1.cdninstagram.com
static.getbutton.io
v2cdn.sfec.cloud
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.noramama.tw
gag.sysfeather.com
146.75.32.193
2600:9000:2009:9600:1c:1162:edc0:93a1
2600:9000:24f2:5e00:9:ed18:3180:93a1
2606:4700:20::ac43:4af7
2606:4700:3037::6815:20c7
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4006:80e::2008
2607:f8b0:4020:805::200e
2607:f8b0:4020:807::200a
2a03:2880:f02c:13:face:b00c:0:3
2a03:2880:f12c:83:face:b00c:0:25de
2a03:2880:f20f:c4:face:b00c:0:43fe
2a04:4e42:200::485
35.73.75.13
75.2.82.70
04579c3c27de14302f073a7a45bc3639d302fb24b9cf02b7df4401a970bc2740
06df7c2fe538d8e34bf418bfc5af554ed25cec90aadfdf4af6a1fbab95c85301
08dc271963ced376b590e940b06687e60f0fddd15aa85aaa18557fd67917e4e5
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
1043db4676e61aac00815a825370b3f453b5c2a32e6a202d8b60a7603d1d75e8
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1661df00815a4c77e1a6a612dec3d967bbd476c7b998a3e133bda32e2c8e5777
16a7a513b94c5f986745e655a1b3ba938daf438f23b74e26e9902d38d35cbfca
1735adb046b94ab6dce62b7f80bd20ddbbb5cdfef6c2d2fb98fbcaff1eaf0ee2
2ca6b037d5207e966e6121361e20b1c43c4380b3950f1d91e28822941239da87
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
417dd7d4c031d3fdde20449c1b182a9001ee55ba35264576a235fe3e9a233dd6
4304fad65c8baf0bdf9983ff74b0c40552b11163793460d4ebdc6ff61edaea79
463af73ec2d411ff4623bde03594c2ec20772193c99c3bcdd1b12c8eaf95eca2
489ae2da7a8d9f7c4a9efb89f8168aa7b8c957aeccb228a668dc3777857569f4
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
50111bbd2295251d3edf5953c76acef2156db1aca20e8f3787df42211be48a32
56cdfa29a02c92681533baf7953ec79db31e8d5dcfc6d1483c1525114f4328a4
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
638dc6adc2ea1eb1675a60748c0ac123a27c086992c4a5d0c2c7e077d6b7ea63
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73f61f1158bd377c9c6bca94e3f6c87c9f3a1c730cd8b4300a4f1d8b907b21d8
741269aaea7ff32cc963a56cddaa9d8cf3a800854d47f750e4b16a9d3eb448a0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dd4dcf8684ebdfe94e69f14f4da31c4116a963606f1f2d7df885144bf188d33
7f6fd592f114c2e7bcc09190e442e4a6cf5ee93f24b0d414c3a1a610a683389c
7fc4a1cce150269aa3727123720546f86ccda891307381eb626b5f10e1453543
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
80c7d8d88a91688aa18a1ce39ec33e15ac5e1cad7c7be1c5fa3c403f34f1b53c
981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef
990b8fc8086c76d292f03920727cd2d4666a39996db18986804a35b26abd945f
99e6804783103df108275cde34335e6c3563b5dd2e2b4e0d3d05d86a152170d3
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9a8ed4a9ae2e4bf2af86d128b59c0c65e4992b3181e73851ff7d9cdca3833586
9e0e0889fdefbafaa74aac323b1b0a6a046425584280f0ce7054bcc023731fc8
9fce3e936b9e72a7b299fcdd72c52b300c675d0c9c74fb3b905618b279c2b2db
a50dcac7558e2bb46ca938cdd3dc1367663b7d30d11b769357218fa67828b3bc
a7d9cc9061625003ba2bcb40d5ea9cab1280a2e6ef33aa50a41733350c82a66e
a9e9cb845ba9f9a3126a5277517daf461c0b121fc9a9d6a76219a40d21feb3dd
ab0d8d1b494966592ee70e3d8061428fb41380981e6ca69defdf78138ba8d6c7
aed793318acfce80b49cfaa58011449c8218bd6b0a6ec19d649ad8836a2dcd38
b22f3f6659508c75d6480005fbe785a089136d686e2e2eb3dd378e875208bad3
b9c604018a550b63d359608469904de09b8efc5f38395cca106faa49262dfde0
baafb1c39ed6514614c7781d5ca605bab219f7484a53240da5d5a6666f2fc7c3
c33a2ad0fef0daa2f345c26c177d7dcba1bd3a2964de7539099f2d9d8f538c52
c621157e7f0c6270720d6906226927ed1c1ffe384f8fd66a4dcc7ca03cc8ea4e
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c7b5230251a34620e6902efb5e9844d8eaf739b5b321fbef6bfcb51afa128a4b
c89660a2deb4bb22d72826fb1c52172465dc70e52bebb939da98d6e256d8958c
c9675b2d3535a122014fe4b9d55dd6997b381d353da2005bc3589a10957f5f0f
ca270fd06ed104ddf3997c23c772f0cc9addc31a83fdbfab66d981d51bc60fe2
ce00bc93d0b8b19519a7c5213c47fdb452d66f205f709b18fa59ec70a49b63ba
d508af8f7999d51f2a058bdb6f7de1d2e480509c76e0b376d780f3036bc70d88
d60ecc0e864b5b2a5b093a55b333125863635a7d3737be10516708ae4d7acee5
d63d6003d087ebb286ee2c3f0ca2d6a44c03d797d419022cd9b1b90eb93b6804
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1203b2b006440713a74893a80e2affba524e80d6d17fa550fd678b59c4ba636
e20690772bbef6ac023ff9dbfc792f79c6562a2d26aaf6a92e0aacb358a1992c
e336e6d463780f44dbe165be9602081d3a692b5b8c1cbe73a1b121156dd77883
e36513f2857fd1ef71ca6a40a46758ae13df5cc9f8bc2721661e8b70f40b32bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ed3c979ebd98534e34cdf48ffab11ccf6f60816e23e7afee8d33f08cccf2a856
ed918abdaa662a8b49b9803e24b6d8b623222a497f9bd16308c5bbbd60554799
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f411e378e5dc6f54e396de0d171a69b1d208e570370b0b3663f6ea0b836573ff
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fce4fb2c635793b64fe056502bc394c9b3c6ba7dde5537565cf87f8d159d3e4f
fe867b87f2648fa01f89b37fcd35ab0a86dad0bf9084ff537ff6528326490a76

www.noramama.tw Open in urlscan Pro 75.2.82.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

97 %HTTPS

81 %IPv6

15 Domains

16 Subdomains

17 IPs

3 Countries

7183 kBTransfer

10749 kBSize

9 Cookies

5 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.noramama.tw Open in urlscan Pro
75.2.82.70 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

97 %
HTTPS

81 %
IPv6

15
Domains

16
Subdomains

17
IPs

3
Countries

7183 kB
Transfer

10749 kB
Size

9
Cookies

87 HTTP transactions
3 data transactions