2022promotion.trustme.com.tw Open in urlscan Pro
61.61.97.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://2022promotion.trustme.com.tw/
Effective URL:
https://2022promotion.trustme.com.tw/
Submission: On June 15 via manual (June 15th 2023, 12:57:33 pm UTC) from LU — Scanned from DE

Summary HTTP 76 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 20 domains to perform 76 HTTP transactions. The main IP is 61.61.97.195, located in Taiwan and belongs to NCIC-TW New Century InfoComm Tech Co., Ltd., TW. The main domain is 2022promotion.trustme.com.tw.
TLS certificate: Issued by R3 on May 2nd 2023. Valid for: 3 months.

This is the only time 2022promotion.trustme.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	61.61.97.195 61.61.97.195	9919 (NCIC-TW N...) (NCIC-TW New Century InfoComm Tech Co.)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	163.181.56.155 163.181.56.155	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
10	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
6	2600:9000:223... 2600:9000:223c:5c00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.16.97.81 2.16.97.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
2	2a03:2880:f15... 2a03:2880:f158:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	52.192.235.29 52.192.235.29	16509 (AMAZON-02) (AMAZON-02)
1	35.227.249.156 35.227.249.156	15169 (GOOGLE) (GOOGLE)
76	28

22 61.61.97.195 (Taiwan) 1 redirects

ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW)

2022promotion.trustme.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.155 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223c:5c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-81.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f158:82:face:b00c:0:25de (London, United Kingdom)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.235.29 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-235-29.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com

cft.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	trustme.com.tw 1 redirects 2022promotion.trustme.com.tw	6 MB
13	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 149717 c.holmesmind.com — Cisco Umbrella Rank: 116521 fcm.holmesmind.com — Cisco Umbrella Rank: 175417 ad.holmesmind.com — Cisco Umbrella Rank: 121305 cft.holmesmind.com — Cisco Umbrella Rank: 697067	42 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 97	988 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 124 static.doubleclick.net — Cisco Umbrella Rank: 349	3 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 279	31 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	260 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890 www.google.com — Cisco Umbrella Rank: 3	16 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	216 B
2	google.de www.google.de — Cisco Umbrella Rank: 4835	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	114 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	29 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 252	2 KB
1	line.me tr.line.me — Cisco Umbrella Rank: 14123	425 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 14415	10 KB
1	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 49255	2 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2743	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 771	24 KB
76	20

	Domain	Requested by
22	2022promotion.trustme.com.tw	1 redirects 2022promotion.trustme.com.tw
10	www.youtube.com	2022promotion.trustme.com.tw www.youtube.com
6	cdn.holmesmind.com	www.googletagmanager.com cdn.holmesmind.com
4	jnn-pa.googleapis.com	www.youtube.com
4	c.holmesmind.com	2 redirects 2022promotion.trustme.com.tw cdn.holmesmind.com
4	www.googletagmanager.com	2022promotion.trustme.com.tw www.googletagmanager.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	www.facebook.com	2022promotion.trustme.com.tw
2	www.google.com	2022promotion.trustme.com.tw www.youtube.com
2	www.google.de	2022promotion.trustme.com.tw
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	2022promotion.trustme.com.tw connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	cft.holmesmind.com	2022promotion.trustme.com.tw
1	ad.holmesmind.com	cdn.holmesmind.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	tr.line.me	2022promotion.trustme.com.tw
1	fcm.holmesmind.com	cdn.holmesmind.com
1	region1.analytics.google.com	www.googletagmanager.com
1	d.line-scdn.net	2022promotion.trustme.com.tw
1	cdn.staticfile.org	2022promotion.trustme.com.tw
1	stackpath.bootstrapcdn.com	2022promotion.trustme.com.tw
1	cdnjs.cloudflare.com	2022promotion.trustme.com.tw
1	code.jquery.com	2022promotion.trustme.com.tw
76	27

This site contains links to these domains. Also see Links.

Domain
page.line.me

Subject Issuer	Validity	Valid
2022promotion.trustme.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-24` - `2023-06-22`	3 months	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-11`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2022-08-08` - `2023-09-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://2022promotion.trustme.com.tw/
Frame ID: A2D8B316DAED56CE25474F924E0F0F6D
Requests: 51 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/getP.htm
Frame ID: 53FDB40299F50DA129B28B1F57EB0ED7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9841001&uum=4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S
Frame ID: D9622DBA10FD9BA58C1C7EA9AC9ABFA4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/getP.htm
Frame ID: D577E4303B2B040BEB631D11F3E6AACD
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: D8A1EA7118EC67727494099C4C9245B7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
Frame ID: 185EC98D11BA901A572E05972517BE52
Requests: 18 HTTP requests in this frame

Frame: https://ad.holmesmind.com/adserver/cs?website=CF-221100124151
Frame ID: 78E0312FC91F3EA33B43536CA61CF735
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

媚登峰2022週年慶，媚登峯全門市開放預約中

Page URL History Show full URLs

http://2022promotion.trustme.com.tw/ HTTP 301
https://2022promotion.trustme.com.tw/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

96 %
HTTPS

70 %
IPv6

20
Domains

27
Subdomains

28
IPs

7
Countries

7699 kB
Transfer

11403 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://page.line.me/qbu7538d

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2022promotion.trustme.com.tw/ HTTP 301
https://2022promotion.trustme.com.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 43

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 60

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
2022promotion.trustme.com.tw/
Redirect Chain

http://2022promotion.trustme.com.tw/
https://2022promotion.trustme.com.tw/

10 KB
3 KB

780ms
270ms

Document
text/html

61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 600b783f55ced9d7261e112d826c8ddc330e44e88d0244598f595ba360e87ada

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html
date: Thu, 15 Jun 2023 12:57:18 GMT
etag: W/"63a165bb-28b5"
expires: Thu, 15 Jun 2023 13:12:18 GMT
last-modified: Tue, 20 Dec 2022 07:35:23 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 15 Jun 2023 12:57:17 GMT
Location: https://2022promotion.trustme.com.tw/
Server: nginx

GET
H2 200 swiper-bundle.min.css
2022promotion.trustme.com.tw/assets/css/ 16 KB
5 KB 787ms
787ms Stylesheet
text/css 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: https://2022promotion.trustme.com.tw/assets/css/swiper-bundle.min.css
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:18 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 08:18:19 GMT
server: nginx
etag: W/"636227cb-4055"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Fri, 16 Jun 2023 12:57:18 GMT

GET
H2 200 layout.css
2022promotion.trustme.com.tw/css/ 245 KB
35 KB 531ms
531ms Stylesheet
text/css 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: https://2022promotion.trustme.com.tw/css/layout.css?v=2
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ab597264634d59127e54e8c0f6ba8172d18da84e59ec3b8e8f9f042950127eaf

Request headers

Referer: https://2022promotion.trustme.com.tw/
Origin: https://2022promotion.trustme.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:18 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 00:58:27 GMT
server: nginx
etag: W/"636c4cb3-3d573"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
expires: Fri, 16 Jun 2023 12:57:18 GMT

GET
H2 200 btn_lipo.png
2022promotion.trustme.com.tw/images/ 9 KB
9 KB 755ms
752ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/btn_lipo.png?v=1.8
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e4f420754bfe2b1f70a5b228f81a371fee013bbe3993903de16f8aabfcff13ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Thu, 10 Nov 2022 01:43:25 GMT
server: nginx
etag: "636c573d-2444"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 9284
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 line.png
2022promotion.trustme.com.tw/images/ 4 KB
4 KB 755ms
752ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/line.png?v=1.8
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 79ddf3e41ab1bf2918f236f3716ce33baa640765427ec9529418161e47b420aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:13 GMT
server: nginx
etag: "636227c5-e2c"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3628
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 home-banner1.jpg
2022promotion.trustme.com.tw/images/ 712 KB
713 KB 755ms
753ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/home-banner1.jpg?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 24d212123750f10429f6f57d1767f57960a5980927c47b0df5338265f084a900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:09 GMT
server: nginx
etag: "636227c1-b1ff9"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 729081
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 home-banner3.jpg
2022promotion.trustme.com.tw/images/ 230 KB
230 KB 755ms
753ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/home-banner3.jpg?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 04fbf625f1d0261d4195f33fe941adb5b200805435958dbac26a73b2dc38fd3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:42:46 GMT
server: nginx
etag: "63622d86-3974f"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 235343
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 m6-bg.png
2022promotion.trustme.com.tw/images/ 16 KB
16 KB 755ms
753ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/m6-bg.png?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 94b7356c90fcc23d170b628db03ac68ad437b704fc8b31c3624af34d6f3c7c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:17 GMT
server: nginx
etag: "636227c9-40f9"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16633
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 m6-p1.jpg
2022promotion.trustme.com.tw/images/ 205 KB
205 KB 756ms
753ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/m6-p1.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f3ae6e6575833ad8f491ea2f7c81bfaddcd3d009fa239a83ba503804a2b5d871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:17 GMT
server: nginx
etag: "636227c9-33359"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 209753
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 m6-p2.jpg
2022promotion.trustme.com.tw/images/ 199 KB
200 KB 756ms
754ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/m6-p2.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c6cf2a86dfdb8bd6637dc00ac9706050718b3d12af7a5f8dd632cdcadee83950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:17 GMT
server: nginx
etag: "636227c9-31d2d"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 204077
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 m6-p3.jpg
2022promotion.trustme.com.tw/images/ 233 KB
233 KB 756ms
754ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/m6-p3.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c974e8d4b0539d30376f8dc219fad6dea7ead5d7647547ddc3d303af542c4587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:18 GMT
server: nginx
etag: "636227ca-3a242"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 238146
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 lipo-pic1.png
2022promotion.trustme.com.tw/images/ 937 KB
938 KB 756ms
754ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/lipo-pic1.png?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 669fd0200147112379605e879e8804cf7b8aa09bd03bb233793c65d2627ed4f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:15 GMT
server: nginx
etag: "636227c7-ea48f"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 959631
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 lipo-pic2.png
2022promotion.trustme.com.tw/images/ 811 KB
812 KB 756ms
754ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/lipo-pic2.png?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 71e8692fd3d1d087aa27e914c824166cfcada1fc7e3bc49b7323e142de9ca2ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:15 GMT
server: nginx
etag: "636227c7-cac34"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 830516
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 lipo-pic3.png
2022promotion.trustme.com.tw/images/ 1012 KB
1013 KB 756ms
754ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/lipo-pic3.png?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 41e867d359062cd0dd2b1addc29e38bc490d818168131ce8155ab09d6038c18f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:17 GMT
server: nginx
etag: "636227c9-fcf00"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 1036032
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 lipo-pic4.png
2022promotion.trustme.com.tw/images/ 889 KB
890 KB 756ms
755ms Image
image/png 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/lipo-pic4.png?v=1.7
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 878383aa8188dd2e79c2eca6a33976fd667ca3647573e26cee05e68a5104642e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:37:15 GMT
server: nginx
etag: "63622c3b-de275"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
content-length: 909941
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 lipo-pic-bg.jpg
2022promotion.trustme.com.tw/images/ 38 KB
38 KB 994ms
992ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/lipo-pic-bg.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a605b8ec6c24ef06b04001c7282b7104f76d23938978c33e4f976120a6a73dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:13 GMT
server: nginx
etag: "636227c5-96f0"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 38640
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 footer.jpg
2022promotion.trustme.com.tw/images/ 687 KB
688 KB 994ms
993ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/footer.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1cef78f08a0521017b36ccd0c97adff79ba862be9186807f60aa985384bef793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:09 GMT
server: nginx
etag: "636227c1-abd46"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 703814
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 88ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://2022promotion.trustme.com.tw/
Origin: https://2022promotion.trustme.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1686833839.dop054.fr8.t,1686833839.cds125.fr8.hn,1686833839.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 jquery-3.6.0.min.js Show response
2022promotion.trustme.com.tw/assets/js/ 87 KB
31 KB 287ms
286ms Script
text/javascript 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: https://2022promotion.trustme.com.tw/assets/js/jquery-3.6.0.min.js
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 08:18:21 GMT
server: nginx
etag: W/"636227cd-15d9d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
expires: Thu, 22 Jun 2023 12:57:19 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/ 20 KB
7 KB 73ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://2022promotion.trustme.com.tw/
Origin: https://2022promotion.trustme.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3057755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6634
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-51ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFg%2Feb5knxF2vdwayz3udnSleYNnGEMarfjpI7bqc1W4awcK9MUfkov3YC74wm57eA73SQAhQbd538Xze%2BRQOceJ54No5aiJ5qXnvMSiELng6fSVj8KVZNF99%2FH8ccDXdkzGaGPto0vYIWkFNBEmAJDV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d7afa670b66bb5c-FRA
expires: Tue, 04 Jun 2024 12:57:19 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/ 54 KB
15 KB 87ms
40ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2022promotion.trustme.com.tw/
Origin: https://2022promotion.trustme.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1053
cdn-cachedat: 04/26/2023 08:07:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:07 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6895e8cd60b62646ce12426015888f58"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 47363eef34c90b9310477e87b00d5645
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7d7afa6708ee9130-FRA
cdn-requestpullsuccess: True

GET
H2 200 swiper-bundle.min.js Show response
2022promotion.trustme.com.tw/assets/js/ 140 KB
39 KB 547ms
544ms Script
text/javascript 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: https://2022promotion.trustme.com.tw/assets/js/swiper-bundle.min.js
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 08:18:21 GMT
server: nginx
etag: W/"636227cd-2310e"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
expires: Thu, 22 Jun 2023 12:57:19 GMT

GET
H/1.1 200
OK jquery.cookie.min.js Show response
cdn.staticfile.org/jquery-cookie/1.4.1/ 1 KB
2 KB 399ms
25ms Script
application/javascript 163.181.56.155
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: af14507fb9d30eac2ad0cf5f66da5a7309c234813d5c2c8f46375691262c23b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-Log: X-Log
Date: Wed, 14 Jun 2023 13:52:51 GMT
Via: cache21.l2de2[0,0,304-0,H], cache1.l2de2[0,0], ens-cache2.de4[0,0,200-0,H], ens-cache3.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: znwAAACeIsDjimgX
Age: 83068
X-Swift-CacheTime: 86387
X-Cache: HIT TCP_MEM_HIT dirn:9:250922398
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="jquery.cookie.min.js"; filename*=utf-8''jquery.cookie.min.js
Connection: keep-alive
X-Swift-SaveTime: Wed, 14 Jun 2023 13:53:04 GMT
Content-Length: 708
Last-Modified: Fri, 01 Jul 2016 19:34:19 GMT
Server: Tengine
Etag: "Fp54LdwuvOITiwf-IpcS4SOH1w7W.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1686750771
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1b16868338395188423e

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 94ms
39ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

701711966531317b4c71ef2ddcd28366c144d48cffbab71dfb189d22d5d04f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 15 Jun 2023 12:57:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 80ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4643c0478daf6d9dda24c7cfdb91b32a453fbb57c79fa221188e7ff91d0fb8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45920
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 12:57:19 GMT

GET
H2 200 icon-arrow-right.jpg
2022promotion.trustme.com.tw/images/ 491 B
718 B 993ms
993ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/icon-arrow-right.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/css/layout.css?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d81b9a43ebf684b297f829ead7de618cfef787175f6b410f7ceeecf796929a0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/css/layout.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:10 GMT
server: nginx
x-accel-version: 0.01
etag: "1e2a19-1eb-5ec787b2b9a8b"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 491
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 icon-arrow-left.jpg
2022promotion.trustme.com.tw/images/ 495 B
722 B 993ms
993ms Image
image/jpeg 61.61.97.195
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2022promotion.trustme.com.tw/images/icon-arrow-left.jpg
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/css/layout.css?v=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.61.97.195 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 927e3ced7f9a5490e0d437b41770c55bec71c48b9070bd87b95c707d59c82caa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/css/layout.css?v=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 02 Nov 2022 08:18:10 GMT
server: nginx
x-accel-version: 0.01
etag: "1e29f5-1ef-5ec787b2b2172"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 495
expires: Thu, 15 Jun 2023 15:57:19 GMT

GET
H2 200 rtid.js Show response
cdn.holmesmind.com/js/ 6 KB
6 KB 127ms
27ms Script
application/javascript 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtid.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c3b9515d29e24bd4db3a9edb807411a88c419d7bfc583e2dd6c6a3cc07ad82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 8xDtNBpK3CrOx_yFopYVhGLA4aupSWoP
date: Thu, 15 Jun 2023 12:57:12 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified: Wed, 14 Jun 2023 13:45:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14
x-amz-server-side-encryption: AES256
etag: "02bf8ba06088c1e9034e592de5f8fad4"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5826
x-amz-cf-id: K6D0BKGeF09PWptI0VNZ4qlE6iNPRQLdFZyrv34XZvdN0AS4eEGqGg==

GET
H2

200

cm
c.holmesmind.com/
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
505 B

138ms
137ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Thu, 15 Jun 2023 12:57:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 triggerTracker.js Show response
cdn.holmesmind.com/dmp/cft/ 2 KB
2 KB 23ms
23ms Script
application/javascript 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/dmp/cft/triggerTracker.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9000fc8ecec95f6461c91aa01e279028703be153cd93a66591d4c264258f2a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 4Yrufkip1R4wQHTkWS6dgL63xLqEZjOv
date: Thu, 15 Jun 2023 12:53:34 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 09:18:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 225
x-amz-server-side-encryption: AES256
etag: "1e04967fd75cf24a6b8fe16036d4f22b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1554
x-amz-cf-id: cHEjb_HiYyrZDDTXeLiijRx1mHAfH7THkUTBRNx0wZdBCsA3GhGWCQ==

GET
H2 200 tracker.js Show response
cdn.holmesmind.com/dmp/cft/ 27 KB
28 KB 28ms
28ms Script
application/javascript 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecedbf94b420eb2111edee11c55fba472271494b84c6cbc4b84780073022aa9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: qP2xgGWM76MesyjnYcbcM9HMG.6sI6Sx
date: Thu, 15 Jun 2023 12:57:19 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jun 2023 09:18:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 1
x-amz-server-side-encryption: AES256
etag: "61818076a62402cc2a8ea842e9a1bd9d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 27926
x-amz-cf-id: J4WsEWLCNoqrrC8TE_Jt4JmoRuLBpg9kMBg4K-OBpb3pwdRY948bqA==

GET
H2 200 getP.htm Show response
cdn.holmesmind.com/js/ Frame 53FD 368 B
762 B 22ms
22ms Document
text/html 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/getP.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72

Request headers

Referer: https://2022promotion.trustme.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13
content-length: 368
content-type: text/html
date: Thu, 15 Jun 2023 12:57:13 GMT
etag: "5a73a8424da0d3c569e5ee22d9327c5a"
last-modified: Wed, 14 Jun 2023 13:45:01 GMT
server: AmazonS3
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-id: oEztPZUgJy7NOZvw5NsoDFWvjlCVUav6Gjgc6GLebk-_KuGUW29WGg==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: rK87Fya5eUFghjY6wAqtCAhGHCWLSZSR
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-247178744-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6dcf652abf44277f741b3aacecde396cc27041b93b8af74b6b23a07008953f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66224
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 12:57:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11013203871

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PRK9H5S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a18dc374a47902437bce404853a0251582630aeadfec20f84d24a9ab974adf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72014
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 12:57:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
80 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2HCNS9G7LC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247178744-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5768fb7318667330f751f5e04c80e1b3b0339e9cf472b5a1f70110d0c852235e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 12:57:19 GMT

GET
H2 200 capmapping_dmp.htm Show response
cdn.holmesmind.com/js/ Frame D962 2 KB
3 KB 23ms
23ms Document
text/html 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9841001&uum=4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01d8a14fce512c19d367702dc32bbda2695335d7384803b009dfd5e00ea58912

Request headers

Referer: https://2022promotion.trustme.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38
content-length: 2179
content-type: text/html
date: Thu, 15 Jun 2023 12:56:55 GMT
etag: "da5b163c3dd863a2597dea08be745659"
last-modified: Wed, 14 Jun 2023 13:44:52 GMT
server: AmazonS3
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-id: 91oL154HSskKi0hU5-SA_wWtUnzsETqofsDT_AkUSjisohQ0X-CVeA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: h1JxovxG8eQYI1795dAcjjIX3svZxbDt
x-cache: Hit from cloudfront

GET
H2 200 getP.htm Show response
cdn.holmesmind.com/js/ Frame D577 368 B
753 B 21ms
20ms Document
text/html 2600:9000:223c:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/getP.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72

Request headers

Referer: https://2022promotion.trustme.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13
content-length: 368
content-type: text/html
date: Thu, 15 Jun 2023 12:57:13 GMT
etag: "5a73a8424da0d3c569e5ee22d9327c5a"
last-modified: Wed, 14 Jun 2023 13:45:01 GMT
server: AmazonS3
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
x-amz-cf-id: 13FFA7yRPuoOZTYj_Ay1yZc6Pu1ObSLO-jH81jZywN1zuI_CQXJJYQ==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: rK87Fya5eUFghjY6wAqtCAhGHCWLSZSR
x-cache: Hit from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247178744-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 11:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6751
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 13:04:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11013203871/ 3 KB
2 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11013203871/?random=1686833839631&cv=11&fst=1686833839631&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2F2022promotion.trustme.com.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&auid=25167782.1686833840&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11013203871

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5129dd23743d1d9100b8b5d3e0dad2dc26fc31fb6ebe51f32a636a624216ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1401
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 62ms
20ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Jun 2023 12:57:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: B5UtzV2yH1ntQ8VoUgl4aYNjwQE3BOfB1x9pt57yUnbvvv7ovf62Hg5QTRvtwU5dTzNZ+JUfotvSOVd0i9Ilfg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 125ms
22ms Script
application/javascript 2.16.97.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.97.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-16-97-81.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: QeOsX9koaYaEVSwhu6Vgw7qS-9HmTwX
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Thu, 15 Jun 2023 12:57:19 GMT
last-modified: Wed, 30 Nov 2022 03:10:52 GMT
server: VOS
x-amz-request-id: tx000001c7ddb41a39485f4-006386ca0c-10f518b1-jp2
etag: "d3d2564cc3580b0de15d9c80b04c8c6a"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=2534607
accept-ranges: bytes
content-length: 9943
expires: Fri, 14 Jul 2023 21:00:46 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 80ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2HCNS9G7LC&gtm=45je36c0&_p=483758532&_gaz=1&cid=1203003111.1686833840&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1686833839&sct=1&seg=0&dl=https%3A%2F%2F2022promotion.trustme.com.tw%2F&dt=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HCNS9G7LC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2022promotion.trustme.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 82ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2HCNS9G7LC&cid=1203003111.1686833840&gtm=45je36c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2HCNS9G7LC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2022promotion.trustme.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 97ms
45ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2HCNS9G7LC&cid=1203003111.1686833840&gtm=45je36c0&aip=1&z=1536291841

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

cm
c.holmesmind.com/ Frame D962
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
16 B

135ms
135ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9841001&uum=4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S
Protocol: H3
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Thu, 15 Jun 2023 12:57:19 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame D8A1 39 B
182 B 198ms
119ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping_dmp.htm?rtid=9841001&uum=4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Thu, 15 Jun 2023 12:57:19 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
215 B 28ms
26ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=483758532&t=pageview&_s=1&dl=https%3A%2F%2F2022promotion.trustme.com.tw%2F&ul=en-us&de=UTF-8&dt=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=941616308&gjid=1192319367&cid=1203003111.1686833840&tid=UA-247178744-1&_gid=941978200.1686833840&_r=1&gtm=457e36c0&jsscut=1&z=837936889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2022promotion.trustme.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2022promotion.trustme.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11013203871/ 42 B
455 B 83ms
34ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11013203871/?random=1686833839631&cv=11&fst=1686830400000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2F2022promotion.trustme.com.tw%2F&frm=0&tiba=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1044383397&rmt_tld=0&ipr=y

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11013203871/ 42 B
455 B 36ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11013203871/?random=1686833839631&cv=11&fst=1686830400000&bg=ffffff&guid=ON&async=1&gtm=45be36c0&u_w=1600&u_h=1200&url=https%3A%2F%2F2022promotion.trustme.com.tw%2F&frm=0&tiba=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1044383397&rmt_tld=1&ipr=y

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 12:57:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1770174853355984 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 223ms
222ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1770174853355984?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78ac4ecba7df58f172fb2cf9076a6102a12f286ac22a8ce2aeca4c809456c3e6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Jun 2023 12:57:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: seUDog0RSszlr39WQkvCiOlx4EuclZPmz2ud8H/cF/qJhLlk0TD3wF1F6Zyc2TjUKRT5fiIgZbW7PTfHc0Sg5g==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-247178744-1&cid=1203003111.1686833840&jid=941616308&gjid=1192319367&_gid=941978200.1686833840&_u=YADAAUAAAAAAACAAI~&z=2088909574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2022promotion.trustme.com.tw/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Jun 2023 12:57:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2022promotion.trustme.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 1768ms
269ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=fb321d9e-5f46-4aaf-ab4d-0539de9073bc&b_u=https%3A%2F%2F2022promotion.trustme.com.tw%2F&b_d=2022promotion.trustme.com.tw&b_p=%2F&b_t=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&c_t=lap&t_id=9b667a5f-fe5a-4602-b4e9-42d7a4ea042d&s_id=8e6d5391-a5c11da4&x4=1&e=pv&v=3.3.0&_t=1686833839776
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Thu, 15 Jun 2023 12:57:21 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/0c9b5d20/www-widgetapi.vflset/ 196 KB
61 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77e1784708a41fec8d8ecd8f8876d60574600c7aba9aa9d0ec162b8436e89fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:31:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62164
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 12:31:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 103ms
34ms Image
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1770174853355984&ev=PageView&dl=https%3A%2F%2F2022promotion.trustme.com.tw%2F&rl=&if=false&ts=1686833840034&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=30&fbp=fb.2.1686833840019.1026789789&it=1686833839735&coo=false&rqm=GET

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Jun 2023 12:57:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 sjKB_tULams Show response
www.youtube.com/embed/ Frame 185E 76 KB
31 KB 131ms
130ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

717e3db0cc65c6349f44ca1f29e779b1b8e49df24e2c757137cf6ee98ccee971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2022promotion.trustme.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 12:57:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/0c9b5d20/ Frame 185E 410 KB
48 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1079
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49278
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 12:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 185E 15 KB
16 KB 72ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 394125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 185E 15 KB
15 KB 77ms
27ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:45 GMT
x-content-type-options: nosniff
age: 414575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0c9b5d20/www-embed-player.vflset/ Frame 185E 306 KB
92 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

218e9b4fc642d3680f5ed7d0d6d3a055e2035f427146c3d340e26e07243a2a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94020
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 12:14:24 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/ Frame 185E 2 MB
744 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e0ce0dcec97a5f7f1dc435b986cfd674b430c936d8de56fd7968ea5e5d7a3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 761464
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Jun 2024 16:56:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0c9b5d20/fetch-polyfill.vflset/ Frame 185E 9 KB
3 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 11:59:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 11:59:15 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 185E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

28ms
27ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a59aee51cab47aedde2e6041bdd92a428f8719f4c844fbe2fbcd3ea6613261bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 15 Jun 2023 12:57:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 185E 29 B
495 B 79ms
23ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:42:32 GMT
x-content-type-options: nosniff
age: 888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Jun 2023 12:57:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 87ms
28ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 15 Jun 2023 12:57:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 185E 68 KB
31 KB 37ms
37ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1daa32182c47e334794c451c99724ec97ee25bda73a93855e4aeef360a0d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31644
x-xss-protection: 0

GET
H2 200 PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js Show response
www.google.com/js/th/ Frame 185E 37 KB
15 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 11:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 11:13:48 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/ Frame 185E 28 KB
8 KB 31ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34100e92f37a0ab2c22deba02f7c8a0cd6cc894315466d521421a574f230ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:56:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8205
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 01:50:57 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Jun 2024 16:56:30 GMT

GET
DATA 200
OK truncated
/ Frame 185E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqOrQPU6dBNJH_OiQx8oIWIY-Xz-0a3GTmApiwS4Yw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 185E 1 KB
2 KB 437ms
376ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqOrQPU6dBNJH_OiQx8oIWIY-Xz-0a3GTmApiwS4Yw=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e04e450e988be83e273a7521593c654db97303109cb1335cad649561fee3a46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v7cf"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
x-xss-protection: 0
expires: Fri, 16 Jun 2023 12:57:20 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/sjKB_tULams/ Frame 185E 29 KB
29 KB 174ms
110ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/sjKB_tULams/maxresdefault.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b77f608c268872a687f3f122e63645611fa94f69f595eba7c120de0725a63c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
x-content-type-options: nosniff
server: sffe
etag: "1667376301"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29436
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Jun 2023 14:57:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 34ms
33ms Image
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1770174853355984&ev=Microdata&dl=https%3A%2F%2F2022promotion.trustme.com.tw%2F&rl=&if=false&ts=1686833840552&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD%22%2C%22meta%3Akeywords%22%3A%22%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD%22%2C%22meta%3Adescription%22%3A%22%E5%AA%9A%E7%99%BB%E5%B3%AF%E6%8C%BA%E4%BD%A0%2C%20%E7%94%A8%E6%9B%B4%E6%A3%92%E7%9A%84%E6%9B%B2%E7%B7%9A%E9%A7%95%E9%A6%AD%E6%96%B0%E8%A1%A3%EF%BC%81%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD%22%2C%22og%3Atype%22%3A%22activity%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.trustme.com.tw%2F2022anniversary%2Fpromotion%22%2C%22og%3Adescription%22%3A%22%E5%AA%9A%E7%99%BB%E5%B3%AF%E6%8C%BA%E4%BD%A0%2C%20%E7%94%A8%E6%9B%B4%E6%A3%92%E7%9A%84%E6%9B%B2%E7%B7%9A%E9%A7%95%E9%A6%AD%E6%96%B0%E8%A1%A3%EF%BC%81%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.trustme.com.tw%2F2022anniversary%2Fpromotion%2Fimages%2Fimg_for_fb.jpg%3Fv%3D1.4%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=30&fbp=fb.2.1686833840019.1026789789&it=1686833839735&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Jun 2023 12:57:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 185E 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?z6ek3w
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cs Show response
ad.holmesmind.com/adserver/ Frame 78E0 0
628 B 902ms
285ms Document
text/html 52.192.235.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/cs?website=CF-221100124151
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/dmp/cft/tracker.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.235.29 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-235-29.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2022promotion.trustme.com.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Jun 2023 12:57:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 analytics
cft.holmesmind.com/dmp/ 0
475 B 358ms
265ms Image
image/png 35.227.249.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cft.holmesmind.com/dmp/analytics?en=pageview&cftuid=30c3c8cb-bf2b-e615-be9f-77200136e63e&cf_p=&uu_m=4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S&sid=CF-221100124151&sc=1600x1200x24&bn=Chrome&bv=114&pn=Windows&pv=10&dv=&dm=&dt=PC&tz=&tu=0&de=UTF-8&ul=en-us&if=N&tt=%E5%AA%9A%E7%99%BB%E5%B3%B02022%E9%80%B1%E5%B9%B4%E6%85%B6%EF%BC%8C%E5%AA%9A%E7%99%BB%E5%B3%AF%E5%85%A8%E9%96%80%E5%B8%82%E9%96%8B%E6%94%BE%E9%A0%90%E7%B4%84%E4%B8%AD&rf=&uh=2022promotion.trustme.com.tw&up=%2F&z=3784805977&t=20230615T125720
Requested by: Host: 2022promotion.trustme.com.tw
URL: https://2022promotion.trustme.com.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2022promotion.trustme.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
x-guploader-uploadid: ADPycdvUzL6E7_-wkxatU0x0u-tP12Kg-ileByQylnKvuvQmMTESyKKlI2yHyfkVXMAUi5alF3R7eQLOEtgpJXKDPJwkrA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601650311
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Thu, 15 Jun 2023 13:57:20 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
27ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 15 Jun 2023 12:57:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 185E 90 B
134 B 32ms
31ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

172ceb556d2319d52a039f35a3b7fd26fe185a78fcc086ef0b601ade6477735a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 15 Jun 2023 12:57:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 185E 28 B
54 B 34ms
34ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c9b5d20/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1686833842822
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/sjKB_tULams?autoplay=0&controls=0&showinfo=0&modestbranding=0&loop=1&playlist=sjKB_tULams&fs=0&cc_load_policty=0&iv_load_policy=3&autohide=0&enablejsapi=1&origin=https%3A%2F%2F2022promotion.trustme.com.tw&widgetid=1
X-YouTube-Client-Version: 1.20230611.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs0RDhjYkdOMVU3YyiwlaykBg%3D%3D
X-YouTube-Ad-Signals: dt=1686833840296&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1170%2C688&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 15 Jun 2023 12:57:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 15 Jun 2023 12:57:22 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UM_vOYclJpo
.youtube.com/	1970-01-20 16:53:05	Name: VISITOR_INFO1_LIVE Value: 4D8cbGN1U7c
2022promotion.trustme.com.tw/	1970-01-20 13:17:05	Name: CFFPCKUUID Value: 8181-L5Lqk3zaGIkPGXQ38nD0PZyMOUqTi4r4
.trustme.com.tw/	1970-01-20 13:17:05	Name: CFFPCKUUIDMAIN Value: 4551-5VKmbHPZrxnylpruHSx5OW1ko5W76j3S
.trustme.com.tw/	1970-01-20 14:43:29	Name: _cft_uid Value: 30c3c8cb-bf2b-e615-be9f-77200136e63e
.trustme.com.tw/	1970-01-20 14:43:29	Name: _gcl_au Value: 1.1.25167782.1686833840
.trustme.com.tw/	1970-01-20 22:09:53	Name: _ga_2HCNS9G7LC Value: GS1.1.1686833839.1.0.1686833839.60.0.0
.trustme.com.tw/	1970-01-20 22:09:53	Name: _ga Value: GA1.3.1203003111.1686833840
.trustme.com.tw/	1970-01-20 12:35:20	Name: _gid Value: GA1.3.941978200.1686833840
.trustme.com.tw/	1970-01-20 12:33:53	Name: _gat_gtag_UA_247178744_1 Value: 1
.doubleclick.net/	1970-01-20 12:33:54	Name: test_cookie Value: CheckForPermission
.2022promotion.trustme.com.tw/	1970-01-20 22:09:53	Name: __lt__cid Value: fb321d9e-5f46-4aaf-ab4d-0539de9073bc
.2022promotion.trustme.com.tw/	1970-01-20 12:33:55	Name: __lt__sid Value: 8e6d5391-a5c11da4
.holmesmind.com/	1970-01-20 12:55:01	Name: Vision Value: 20230615-23:59,20230615-23,20230615-23,20230615-23:59
.holmesmind.com/	1970-01-20 12:55:01	Name: C Value: null
.holmesmind.com/	1970-01-20 14:58:51	Name: RK Value: null
.holmesmind.com/	1970-01-20 22:09:53	Name: P Value: 164160-66UjEcuFkumxlVs4NbIGlsTqDDxHnytu
.trustme.com.tw/	1970-01-20 14:43:29	Name: _fbp Value: fb.2.1686833840019.1026789789
.line.me/	1970-01-20 22:09:53	Name: _ldbrbid Value: tr__k1y/XGSLCrGAIbCCPavdAg==
ad.holmesmind.com/	1970-01-20 12:43:58	Name: AWSALBCORS Value: XGLBPJfCYZ6fBJ4zpORnd11DG+GaVwK7IAMCVvWw8IV04wit/DIQ7R6TJnm62pHxszflYsfawaVAT4IBp1qhBLE44bxloThLqhrruBLr4GxYP3nf0We993xnXaKp
ad.holmesmind.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mdnm1ifqp2krd5gni4uggb7b9m

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/0c9b5d20/www-widgetapi.vflset/www-widgetapi.js(Line 1127) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2022promotion.trustme.com.tw
ad.holmesmind.com
c.holmesmind.com
cdn.holmesmind.com
cdn.staticfile.org
cdnjs.cloudflare.com
cft.holmesmind.com
code.jquery.com
connect.facebook.net
d.line-scdn.net
fcm.holmesmind.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
region1.analytics.google.com
stackpath.bootstrapcdn.com
static.doubleclick.net
stats.g.doubleclick.net
tr.line.me
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
yt3.ggpht.com
147.92.191.92
163.181.56.155
2.16.97.81
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2600:9000:223c:5c00:0:e06c:e940:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2006
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::2016
2a00:1450:400c:c0c::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f158:82:face:b00c:0:25de
34.95.67.231
35.201.76.93
35.227.249.156
52.192.235.29
61.61.97.195
01d8a14fce512c19d367702dc32bbda2695335d7384803b009dfd5e00ea58912
04fbf625f1d0261d4195f33fe941adb5b200805435958dbac26a73b2dc38fd3b
172ceb556d2319d52a039f35a3b7fd26fe185a78fcc086ef0b601ade6477735a
19c3b9515d29e24bd4db3a9edb807411a88c419d7bfc583e2dd6c6a3cc07ad82
1cef78f08a0521017b36ccd0c97adff79ba862be9186807f60aa985384bef793
1e0ce0dcec97a5f7f1dc435b986cfd674b430c936d8de56fd7968ea5e5d7a3b1
218e9b4fc642d3680f5ed7d0d6d3a055e2035f427146c3d340e26e07243a2a9d
24d212123750f10429f6f57d1767f57960a5980927c47b0df5338265f084a900
3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758
3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41e867d359062cd0dd2b1addc29e38bc490d818168131ce8155ab09d6038c18f
5768fb7318667330f751f5e04c80e1b3b0339e9cf472b5a1f70110d0c852235e
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
5941ff070d3ed6be45cd7d5407c70f4dd94ba3984c7fee1ec5b58485b904ff72
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
600b783f55ced9d7261e112d826c8ddc330e44e88d0244598f595ba360e87ada
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
669fd0200147112379605e879e8804cf7b8aa09bd03bb233793c65d2627ed4f7
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a18dc374a47902437bce404853a0251582630aeadfec20f84d24a9ab974adf5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dcf652abf44277f741b3aacecde396cc27041b93b8af74b6b23a07008953f7a
701711966531317b4c71ef2ddcd28366c144d48cffbab71dfb189d22d5d04f3b
717e3db0cc65c6349f44ca1f29e779b1b8e49df24e2c757137cf6ee98ccee971
71e8692fd3d1d087aa27e914c824166cfcada1fc7e3bc49b7323e142de9ca2ab
77e1784708a41fec8d8ecd8f8876d60574600c7aba9aa9d0ec162b8436e89fd4
78ac4ecba7df58f172fb2cf9076a6102a12f286ac22a8ce2aeca4c809456c3e6
79ddf3e41ab1bf2918f236f3716ce33baa640765427ec9529418161e47b420aa
878383aa8188dd2e79c2eca6a33976fd667ca3647573e26cee05e68a5104642e
9000fc8ecec95f6461c91aa01e279028703be153cd93a66591d4c264258f2a36
927e3ced7f9a5490e0d437b41770c55bec71c48b9070bd87b95c707d59c82caa
94b7356c90fcc23d170b628db03ac68ad437b704fc8b31c3624af34d6f3c7c0d
a59aee51cab47aedde2e6041bdd92a428f8719f4c844fbe2fbcd3ea6613261bc
a605b8ec6c24ef06b04001c7282b7104f76d23938978c33e4f976120a6a73dc9
ab597264634d59127e54e8c0f6ba8172d18da84e59ec3b8e8f9f042950127eaf
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
af14507fb9d30eac2ad0cf5f66da5a7309c234813d5c2c8f46375691262c23b7
b05beb5a9a40307eb0228cca06a6426d2501485abcf448e8a31fedfb70e87e49
b4643c0478daf6d9dda24c7cfdb91b32a453fbb57c79fa221188e7ff91d0fb8e
b5e75a6b6761afacf1cd0fa8c0063321b61434773ac5275c7fa7ec666d8d5c3c
b77f608c268872a687f3f122e63645611fa94f69f595eba7c120de0725a63c97
bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724
c6cf2a86dfdb8bd6637dc00ac9706050718b3d12af7a5f8dd632cdcadee83950
c974e8d4b0539d30376f8dc219fad6dea7ead5d7647547ddc3d303af542c4587
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d81b9a43ebf684b297f829ead7de618cfef787175f6b410f7ceeecf796929a0b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e04e450e988be83e273a7521593c654db97303109cb1335cad649561fee3a46f
e34100e92f37a0ab2c22deba02f7c8a0cd6cc894315466d521421a574f230ce4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f420754bfe2b1f70a5b228f81a371fee013bbe3993903de16f8aabfcff13ae
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ecedbf94b420eb2111edee11c55fba472271494b84c6cbc4b84780073022aa9e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ae6e6575833ad8f491ea2f7c81bfaddcd3d009fa239a83ba503804a2b5d871
f5129dd23743d1d9100b8b5d3e0dad2dc26fc31fb6ebe51f32a636a624216ad3
fa1daa32182c47e334794c451c99724ec97ee25bda73a93855e4aeef360a0d64
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

2022promotion.trustme.com.tw Open in urlscan Pro 61.61.97.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

96 %HTTPS

70 %IPv6

20 Domains

27 Subdomains

28 IPs

7 Countries

7699 kBTransfer

11403 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

2022promotion.trustme.com.tw Open in urlscan Pro
61.61.97.195 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

96 %
HTTPS

70 %
IPv6

20
Domains

27
Subdomains

28
IPs

7
Countries

7699 kB
Transfer

11403 kB
Size

21
Cookies

76 HTTP transactions
1 data transactions