kjswf.neticrm.tw Open in urlscan Pro
172.104.72.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kjswf.neticrm.tw/
Effective URL:
https://kjswf.neticrm.tw/
Submission: On November 02 via api (November 2nd 2024, 12:49:24 pm UTC) from US — Scanned from JP

Summary HTTP 44 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 9 domains to perform 44 HTTP transactions. The main IP is 172.104.72.243, located in Tokyo, Japan and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is kjswf.neticrm.tw.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 24th 2023. Valid for: a year.

This is the only time kjswf.neticrm.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	172.104.72.243 172.104.72.243	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
3	157.240.31.5 157.240.31.5	32934 (FACEBOOK) (FACEBOOK)
2	139.162.66.223 139.162.66.223	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	142.250.207.35 142.250.207.35	15169 (GOOGLE) (GOOGLE)
3	142.250.206.196 142.250.206.196	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	142.250.76.136 142.250.76.136	15169 (GOOGLE) (GOOGLE)
2	142.250.206.226 142.250.206.226	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400a:813::2002	15169 (GOOGLE) (GOOGLE)
3	142.250.206.195 142.250.206.195	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:400a:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c01::9d	15169 (GOOGLE) (GOOGLE)
1	172.217.161.226 172.217.161.226	15169 (GOOGLE) (GOOGLE)
44	15

14 172.104.72.243 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: m8.t1.neticrm.net

kjswf.neticrm.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.66.223 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: analytics.neticrm.tw

analytics.neticrm.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.206.196 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.136 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.206.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:813::2002 (Osaka, Japan)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.206.195 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:80a::200e (Osaka, Japan)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.161.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s05-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	neticrm.tw kjswf.neticrm.tw analytics.neticrm.tw	423 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	5 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	503 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	6 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	128 B
3	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26226	191 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	79 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
44	9

	Domain	Requested by
14	kjswf.neticrm.tw	kjswf.neticrm.tw
6	www.googletagmanager.com	kjswf.neticrm.tw www.googletagmanager.com
4	www.facebook.com	kjswf.neticrm.tw
3	www.google.co.jp	kjswf.neticrm.tw
3	td.doubleclick.net	www.googletagmanager.com
3	www.google.com	www.googletagmanager.com kjswf.neticrm.tw
3	connect.facebook.net	kjswf.neticrm.tw connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	analytics.neticrm.tw	kjswf.neticrm.tw analytics.neticrm.tw
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	kjswf.neticrm.tw
44	13

This site contains links to these domains. Also see Links.

Domain
www.kjswf.org.tw
www.microsoft.com
www.firefox.com
www.google.com
www.opera.com
www.gnu.org
neticrm.tw
civicrm.tw
netivism.com.tw

Subject Issuer	Validity	Valid
*.neticrm.tw Go Daddy Secure Certificate Authority - G2	`2023-10-24` - `2024-11-24`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.co.jp WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://kjswf.neticrm.tw/
Frame ID: 10E0FA637FF7BC46FA6CFA14BDD1C92B
Requests: 40 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fkjswf.neticrm.tw
Frame ID: 3EE81A5ADE0FFC6E7EB7F284555ED6BC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10821405972?random=1730551759984&cv=11&fst=1730551759984&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0z8830845207za201zb830845207&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: E72F724ABD97CE5E3C2410BDDBCE41CC
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-VT511ZVH80&gacid=689509635.1730551760&gtm=45je4au0v9175063362z89174440148za200zb9174440148&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=220365251
Frame ID: 0E60E936CE3E5DD18913E615D2F7B38C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11458411576?random=1730551760291&cv=11&fst=1730551760291&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0z89174440148za201zb9174440148&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: E3C3573C19AABD21F045795AD730B554
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

首頁 | 財團法人天主教光仁社會福利基金會

Page URL History Show full URLs

http://kjswf.neticrm.tw/ HTTP 307
https://kjswf.neticrm.tw/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

13
Subdomains

15
IPs

4
Countries

1066 kB
Transfer

2838 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.kjswf.org.tw/

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/zh-tw/download/internet-explorer.aspx
Title: 請升級或更換其他瀏覽器

Search URL Search Domain Scan URL

URL: http://www.firefox.com/

Search URL Search Domain Scan URL

URL: http://www.google.com/chrome

Search URL Search Domain Scan URL

URL: http://www.opera.com/

Search URL Search Domain Scan URL

URL: http://www.gnu.org/licenses/agpl-3.0.html
Title: GNU AGPL

Search URL Search Domain Scan URL

URL: https://neticrm.tw/
Title: netiCRM.tw

Search URL Search Domain Scan URL

URL: https://neticrm.tw/news/21379
Title: 了解我們的能源承諾

Search URL Search Domain Scan URL

URL: http://civicrm.tw/
Title: CiviCRM

Search URL Search Domain Scan URL

URL: https://netivism.com.tw/
Title: NETivism

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kjswf.neticrm.tw/ HTTP 307
https://kjswf.neticrm.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kjswf.neticrm.tw/
Redirect Chain

http://kjswf.neticrm.tw/
https://kjswf.neticrm.tw/

12 KB
5 KB

1264ms
54ms

Document
text/html

172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

m8.t1.neticrm.net

Software

nginx /

Resource Hash

bb1fde12a06744d678ba1c2a48990483e30a55a4730959c6f5d3d485a17f9884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=43200
content-encoding: gzip
content-language: zh-hant
content-type: text/html; charset=utf-8
date: Sat, 02 Nov 2024 12:49:19 GMT
etag: "1730551759-1"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sat, 02 Nov 2024 12:49:19 GMT
server: nginx
vary: Cookie Accept-Encoding
x-content-type-options: nosniff
x-drupal-cache: MISS
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://kjswf.neticrm.tw/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 40 KB
3 KB 138ms
93ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400italic,600,700%7COpen+Sans:300,400,400italic,600,700

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef364aae4d798daf7b1a15d502e73b47c1d2b33ba2b22c4748c6a551e3f0a422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 12:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 02 Nov 2024 12:49:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
kjswf.neticrm.tw/sites/default/files/css/ 7 KB
3 KB 8ms
6ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-1da3"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 css_WY-relJXLTDZhilXegxbpF_HKgJVxhrmeMFeZXg2lh0.css
kjswf.neticrm.tw/sites/default/files/css/ 3 KB
1 KB 11ms
9ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_WY-relJXLTDZhilXegxbpF_HKgJVxhrmeMFeZXg2lh0.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 598fab7a52572d30d98629577a0c5ba45fc72a0255c61ae678c15e657836961d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-a6f"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 css_gPDGeBGiEEThISRkr7yTNeqPKufId28ZdrYCYU4p53s.css
kjswf.neticrm.tw/sites/default/files/css/ 168 KB
39 KB 17ms
16ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_gPDGeBGiEEThISRkr7yTNeqPKufId28ZdrYCYU4p53s.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 80f0c67811a21044e1212464afbc9335ea8f2ae7c8776f1976b602614e29e77b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708f35b-29fb7"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 09:43:55 GMT
server: nginx

GET
H2 200 css_AFI9pRmiSxhNVD0Gfd8qxOU9oE0uoMcJP9UbWASpSzU.css
kjswf.neticrm.tw/sites/default/files/css/ 120 KB
23 KB 20ms
19ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_AFI9pRmiSxhNVD0Gfd8qxOU9oE0uoMcJP9UbWASpSzU.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 00523da519a24b184d543d067ddf2ac4e53da04d2ea0c7093fd51b5804a94b35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-1e1b0"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 css_r9Lp5ql-kJcZ_q7JUE-ldRh6Dw_j3NQyfJIYfqotGb0.css
kjswf.neticrm.tw/sites/default/files/css/ 148 KB
31 KB 25ms
24ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_r9Lp5ql-kJcZ_q7JUE-ldRh6Dw_j3NQyfJIYfqotGb0.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: afd2e9e6a97e909719feaec9504fa575187a0f0fe3dcd4327c92187eaa2d19bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-251e0"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 js_M_uLrd6g4sk11-F4E6GMvWSfkeE4sYTDdQmWnLLPR04.js Show response
kjswf.neticrm.tw/sites/default/files/js/ 143 KB
57 KB 32ms
31ms Script
application/javascript 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/js/js_M_uLrd6g4sk11-F4E6GMvWSfkeE4sYTDdQmWnLLPR04.js
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 33fb8baddea0e2c935d7e17813a18cbd649f91e138b184c37509969cb2cf474e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-23d1a"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 js_m0UIOhljMjUTfM2tfvrx98uAIIOhJXXb7bXElJB0TsM.js Show response
kjswf.neticrm.tw/sites/default/files/js/ 4 KB
2 KB 36ms
35ms Script
application/javascript 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/js/js_m0UIOhljMjUTfM2tfvrx98uAIIOhJXXb7bXElJB0TsM.js
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 9b45083a19633235137ccdad7efaf1f7cb802083a12575dbedb5c49490744ec3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708f35b-f23"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 09:43:55 GMT
server: nginx

GET
H2 200 %E7%A4%BE%E7%A6%8FLOGO_0.png
kjswf.neticrm.tw/sites/default/files/ 93 KB
93 KB 36ms
36ms Image
image/png 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjswf.neticrm.tw/sites/default/files/%E7%A4%BE%E7%A6%8FLOGO_0.png
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: b1239d3555f902de4096f7d58aa37df6cbbb3f7f8717f755b1cd533948835e43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
etag: "5c91d3e6-17414"
expires: Mon, 02 Dec 2024 12:49:19 GMT
accept-ranges: bytes
content-length: 95252
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: image/png
last-modified: Wed, 20 Mar 2019 05:47:18 GMT
server: nginx

GET
H2 200 insights.js Show response
kjswf.neticrm.tw/sites/all/modules/civicrm/js/ 7 KB
2 KB 3ms
2ms Script
application/javascript 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/all/modules/civicrm/js/insights.js?v41491d9&slukb2
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 9a7cda21abcdb6d10937af06789936aa9c66be14dc9f61fd7ac49f6a9f8250f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"64ae4339-1be2"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript
last-modified: Wed, 12 Jul 2023 06:07:53 GMT
server: nginx

GET
H2 200 css_-legYp4QIqaH8jGqe2HGo8R5nP83f1fQWgz-Vc-fL2Y.css
kjswf.neticrm.tw/sites/default/files/css/ 488 B
462 B 6ms
6ms Stylesheet
text/css 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/css/css_-legYp4QIqaH8jGqe2HGo8R5nP83f1fQWgz-Vc-fL2Y.css
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: fa57a0629e1022a687f231aa7b61c6a3c4799cff377f57d05a0cfe55cf9f2f66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"6708d3ca-1e8"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/css
last-modified: Fri, 11 Oct 2024 07:29:14 GMT
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
93 KB 132ms
68ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NHGJLQR

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50c2b4cd31cd54d1f3b4da99de0f82ee5f6a6e404d5a519ae9656bbb75491300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 02 Nov 2024 12:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94052
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 10ms
4ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-7wbCaPkx' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-7wbCaPkx' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4463, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 1VX3mePm/HkJ4C64PrUj9jdhtDOz0T1h9FOVYG6OCHL2OkqX79ilDA7trstE1HoCN1jrdJ13VPUwuEr9BK8jZw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
98 KB 171ms
108ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNRKXTCL

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89f4bd876af5f1fa846dab86cbfd323d94863a57a8512f8748c3db53c4a4a650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 02 Nov 2024 12:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99823
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 matomo.js Show response
analytics.neticrm.tw/ 65 KB
25 KB 165ms
6ms Script
application/javascript 139.162.66.223
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.neticrm.tw/matomo.js
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.162.66.223 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: analytics.neticrm.tw
Software: nginx /
Resource Hash: 13becf892b54d5f9592aa9980c2651793ed793333097a6cb50c87e00b2732334

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=3600, public
content-encoding: gzip
etag: W/"65c23b10-105fd"
pragma: public
expires: Sat, 02 Nov 2024 13:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript
last-modified: Tue, 06 Feb 2024 13:58:40 GMT
server: nginx

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 42ms
3ms Font
font/woff2 142.250.207.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400italic,600,700%7COpen+Sans:300,400,400italic,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.207.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s55-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kjswf.neticrm.tw
Referer: https://fonts.googleapis.com/

Response headers

age: 63596
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 19:09:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 19:09:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 Material-Design-Iconic-Font.woff2
kjswf.neticrm.tw/profiles/neticrmp/themes/neticrm/libs/material-design-iconic-font/fonts/ 37 KB
38 KB 3ms
2ms Font
font/x-woff2 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/profiles/neticrmp/themes/neticrm/libs/material-design-iconic-font/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/sites/default/files/css/css_r9Lp5ql-kJcZ_q7JUE-ldRh6Dw_j3NQyfJIYfqotGb0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kjswf.neticrm.tw
Referer: https://kjswf.neticrm.tw/sites/default/files/css/css_r9Lp5ql-kJcZ_q7JUE-ldRh6Dw_j3NQyfJIYfqotGb0.css

Response headers

cache-control: max-age=2592000
etag: "5715df1f-95f0"
expires: Mon, 02 Dec 2024 12:49:19 GMT
accept-ranges: bytes
content-length: 38384
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: font/x-woff2
last-modified: Tue, 19 Apr 2016 07:32:47 GMT
server: nginx

GET
H2 200 inbound.js Show response
kjswf.neticrm.tw/sites/all/modules/civicrm/js/ 36 KB
10 KB 4ms
3ms Script
application/javascript 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/all/modules/civicrm/js/inbound.js?v41491d9&slukb2
Requested by: Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/sites/all/modules/civicrm/js/insights.js?v41491d9&slukb2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: 41190d6188097bbdd059bf6e1f3f48ba91bf03d7c6548c179cb47db95454251e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
content-encoding: gzip
etag: W/"5f34c639-912e"
expires: Mon, 02 Dec 2024 12:49:19 GMT
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript
last-modified: Thu, 13 Aug 2020 04:48:57 GMT
server: nginx

GET
H3 200 1919637054921143 Show response
connect.facebook.net/signals/config/ 79 KB
15 KB 177ms
177ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1919637054921143?v=2.9.176&r=stable&domain=kjswf.neticrm.tw&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

a3014bf309ae9c8f3e84ecf3b464d2792d899028fe6405625a72bdc643a6edd0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-oczBZlj2' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-oczBZlj2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=77, mss=1232, tbw=70860, tp=68, tpl=0, uplat=173, ullat=0
pragma: public
x-fb-debug: WYm2zYQ8SGNbIsEGvbZ+Z4EnNibab/bjdoQBGc8qP5WxGSrAT1v9VpkSvHFvLOrW6L/uDZG7ylfWWluNojPZjA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 matomo.php
analytics.neticrm.tw/ 0
196 B 36ms
35ms Ping
text/plain 139.162.66.223
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.neticrm.tw/matomo.php?action_name=kjswf.neticrm.tw%2F%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&idsite=1&rec=1&r=447324&h=21&m=49&s=19&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&_id=&_idn=1&send_image=0&_refts=0&dimension1=kjswf.neticrm.tw&pv_id=IAIIrE&pf_net=1212&pf_srv=52&pf_tfr=2&pf_dm1=175&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200

Requested by

Host: analytics.neticrm.tw
URL: https://analytics.neticrm.tw/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.162.66.223 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

analytics.neticrm.tw

Software

nginx / PHP/8.2.15

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://kjswf.neticrm.tw/

Response headers

access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: origin
access-control-allow-origin: https://kjswf.neticrm.tw
date: Sat, 02 Nov 2024 12:49:19 GMT
x-xss-protection: 1; mode=block
x-powered-by: PHP/8.2.15
server: nginx

POST
H3 200 collect
www.google.com/ccm/ 0
0 112ms
55ms Ping
text/plain 142.250.206.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1432857258.1730551760&auid=1234125024.1730551760&npa=0&gtm=45He4au0v830845207za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730551759851&tfd=1642&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGJLQR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.206.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: kix07s07-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 244 KB
88 KB 64ms
63ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10821405972&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGJLQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

196a2e09c37e49439d5588ef872b80ff0f5f5522514df0dc61b0b07f1a6eb13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 02 Nov 2024 12:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89495
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 3EE8 0
0 151ms
92ms Document
text/html 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fkjswf.neticrm.tw

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHGJLQR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 12:49:19 GMT
expires: Sun, 02 Nov 2025 12:49:19 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 11ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1919637054921143&ev=PageView&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&rl=&if=false&ts=1730551759892&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730551759889.805633355450174038&cs_est=true&ler=empty&cdl=API_unavailable&it=1730551759679&coo=false&rqm=GET

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2941, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 278ms
271ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1919637054921143&ev=PageView&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&rl=&if=false&ts=1730551759892&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730551759889.805633355450174038&cs_est=true&ler=empty&cdl=API_unavailable&it=1730551759679&coo=false&rqm=FGET

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432663210159463882"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: kqyqeuGTl4+WCK+PMBJ3hpE2o59j56NFN4jGRVA1RoAQ6KCxNSwxNO+EBdovO2ZiqA9i7HMFQkVbXDQGFfdqsg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432663210159463882", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3475, tp=-1, tpl=-1, uplat=266, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 401 KB
129 KB 97ms
97ms Script
application/javascript 142.250.76.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VT511ZVH80&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNRKXTCL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ea515d890b17fc086ece20dc09ed2e694d77418249fc00de0a6452d0ed76d810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 02 Nov 2024 12:49:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132162
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 277 KB
96 KB 176ms
176ms Script
application/javascript 142.250.76.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11458411576&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNRKXTCL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7bec67f1de4c445bd7cc81c1595a27cec2822fa6f64facb246956cdc805b4d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 02 Nov 2024 12:49:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98091
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 1037956477473428 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 167ms
167ms Script
application/x-javascript 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1037956477473428?v=2.9.176&r=stable&domain=kjswf.neticrm.tw&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-nrt1.fbcdn.net

Software

Resource Hash

2a763a77ec89daa4f0b7fd68a5c4ecf9aae252db7d5adc1f349e42625dd2c890

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-jjfTGbi9' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-jjfTGbi9' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=91, mss=1232, tbw=87901, tp=87, tpl=0, uplat=164, ullat=0
pragma: public
x-fb-debug: i4uO67zg1pR3pSEVnOeTojwLT/A4WyIBw6KoBPs/yXRPWq5S49OVJka/MZ83nIN3iQwEBw+zi82qqw2lfaJkmA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10821405972/ 6 KB
2 KB 119ms
67ms Script
text/javascript 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10821405972/?random=1730551759984&cv=11&fst=1730551759984&bg=ffffff&guid=ON&async=1&gtm=45be4au0z8830845207za201zb830845207&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10821405972&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s10-in-f2.1e100.net

Software

cafe /

Resource Hash

1ddd92c0d982adea4de031a24fa3211db1d759770be786f470bd668bcfda7e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2415
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 10821405972
td.doubleclick.net/td/rul/ Frame E72F 0
0 167ms
106ms Document
text/html 2404:6800:400a:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/10821405972?random=1730551759984&cv=11&fst=1730551759984&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0z8830845207za201zb830845207&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10821405972&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kjswf.neticrm.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 12:49:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/10821405972/ 42 B
64 B 67ms
66ms Image
image/gif 142.250.206.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10821405972/?random=1730551759984&cv=11&fst=1730548800000&bg=ffffff&guid=ON&async=1&gtm=45be4au0z8830845207za201zb830845207&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dlhSHtQKmoUhccbQJ_FHVyR-S76U2eA&random=2357812650&rmt_tld=0&ipr=y

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/10821405972/ 42 B
64 B 107ms
55ms Image
image/gif 142.250.206.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/10821405972/?random=1730551759984&cv=11&fst=1730548800000&bg=ffffff&guid=ON&async=1&gtm=45be4au0z8830845207za201zb830845207&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dlhSHtQKmoUhccbQJ_FHVyR-S76U2eA&random=2357812650&rmt_tld=1&ipr=y

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 4ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1037956477473428&ev=PageView&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&rl=&if=false&ts=1730551760127&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730551759889.805633355450174038&ler=empty&cdl=API_unavailable&it=1730551759679&coo=false&rqm=GET

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3306, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 324ms
324ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1037956477473428&ev=PageView&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&rl=&if=false&ts=1730551760127&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730551759889.805633355450174038&ler=empty&cdl=API_unavailable&it=1730551759679&coo=false&rqm=FGET

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432663214389289731"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: hNo0H1llV4HNB3oFGYxoeAce35uI/J4mmZZbVw1nWgboCrJQudNVJ7vgod4W3amPgYt2A50ZizwWSmKQ89K1Mw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432663214389289731", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=6762, tp=-1, tpl=-1, uplat=319, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
analytics.google.com/g/ 0
0 111ms
51ms Fetch
text/plain 2404:6800:400a:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VT511ZVH80&gtm=45je4au0v9175063362z89174440148za200zb9174440148&_p=1730551759635&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=689509635.1730551760&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730551760&sct=1&seg=0&dl=https%3A%2F%2Fkjswf.neticrm.tw%2F&dt=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2030
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT511ZVH80&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:80a::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://kjswf.neticrm.tw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 107ms
36ms Ping
text/plain 2404:6800:4008:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT511ZVH80&cid=689509635.1730551760&gtm=45je4au0v9175063362z89174440148za200zb9174440148&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT511ZVH80&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://kjswf.neticrm.tw
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 0E60 0
0 56ms
55ms Document
text/html 2404:6800:400a:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-VT511ZVH80&gacid=689509635.1730551760&gtm=45je4au0v9175063362z89174440148za200zb9174440148&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&z=220365251

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT511ZVH80&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:813::2002 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kjswf.neticrm.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 12:49:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 58ms
57ms Image
image/gif 142.250.206.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT511ZVH80&cid=689509635.1730551760&gtm=45je4au0v9175063362z89174440148za200zb9174440148&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=1167892987

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11458411576/ 6 KB
2 KB 65ms
64ms Script
text/javascript 142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11458411576/?random=1730551760291&cv=11&fst=1730551760291&bg=ffffff&guid=ON&async=1&gtm=45be4au0z89174440148za201zb9174440148&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11458411576&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s10-in-f2.1e100.net

Software

cafe /

Resource Hash

d955fd8c24f508b321f1eed8ed75004d9f648cc9cb6fca955ad8e9fbc3f172dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2429
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 11458411576
td.doubleclick.net/td/rul/ Frame E3C3 0
0 64ms
63ms Document
text/html 172.217.161.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11458411576?random=1730551760291&cv=11&fst=1730551760291&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4au0z89174440148za201zb9174440148&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11458411576&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kjswf.neticrm.tw/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 12:49:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/11458411576/ 42 B
64 B 57ms
57ms Image
image/gif 142.250.206.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11458411576/?random=1730551760291&cv=11&fst=1730548800000&bg=ffffff&guid=ON&async=1&gtm=45be4au0z89174440148za201zb9174440148&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dFJEk-L3m5l-cfd-HtKsRBeVuvOA8Khpk-7WTtWUFOcoEN6-7&random=1803200885&rmt_tld=0&ipr=y

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.jp/pagead/1p-user-list/11458411576/ 42 B
64 B 55ms
55ms Image
image/gif 142.250.206.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/11458411576/?random=1730551760291&cv=11&fst=1730548800000&bg=ffffff&guid=ON&async=1&gtm=45be4au0z89174440148za201zb9174440148&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fkjswf.neticrm.tw%2F&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%96%E9%A0%81%20%7C%20%E8%B2%A1%E5%9C%98%E6%B3%95%E4%BA%BA%E5%A4%A9%E4%B8%BB%E6%95%99%E5%85%89%E4%BB%81%E7%A4%BE%E6%9C%83%E7%A6%8F%E5%88%A9%E5%9F%BA%E9%87%91%E6%9C%83&npa=0&pscdl=noapi&auid=1234125024.1730551760&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dFJEk-L3m5l-cfd-HtKsRBeVuvOA8Khpk-7WTtWUFOcoEN6-7&random=1803200885&rmt_tld=1&ipr=y

Requested by

Host: kjswf.neticrm.tw
URL: https://kjswf.neticrm.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 02 Nov 2024 12:49:20 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 %E7%A4%BE%E7%A6%8FLOGO.png
kjswf.neticrm.tw/sites/default/files/ 93 KB
93 KB 5ms
4ms Other
image/png 172.104.72.243
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kjswf.neticrm.tw/sites/default/files/%E7%A4%BE%E7%A6%8FLOGO.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.104.72.243 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: m8.t1.neticrm.net
Software: nginx /
Resource Hash: b1239d3555f902de4096f7d58aa37df6cbbb3f7f8717f755b1cd533948835e43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kjswf.neticrm.tw/

Response headers

cache-control: max-age=2592000
etag: "5c73aacd-17414"
expires: Mon, 02 Dec 2024 12:49:20 GMT
accept-ranges: bytes
content-length: 95252
date: Sat, 02 Nov 2024 12:49:20 GMT
content-type: image/png
last-modified: Mon, 25 Feb 2019 08:43:57 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kjswf.neticrm.tw/	1970-01-21 01:15:51	Name: SSESS430fb0cecad6b504efadd09490dc3543 Value: 4CAZnLii0mLnnkT4PzUXJh13bArZ4EMrYWSTH5cVEc4
.neticrm.tw/	1970-01-21 02:52:07	Name: _gcl_au Value: 1.1.1234125024.1730551760
.neticrm.tw/	1970-01-21 02:52:07	Name: _fbp Value: fb.1.1730551759889.805633355450174038
.neticrm.tw/	1970-01-21 10:18:31	Name: _ga Value: GA1.1.689509635.1730551760
.neticrm.tw/	1970-01-21 10:18:31	Name: _ga_VT511ZVH80 Value: GS1.1.1730551760.1.0.1730551760.60.0.0
.doubleclick.net/	1970-01-21 10:18:31	Name: IDE Value: AHWqTUn5qc2RXSWrCkkVeiteDJjsRMEWJuFA_1BafEiwT3aXGr-yE9SFhEWEHm1h

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.neticrm.tw
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
kjswf.neticrm.tw
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.co.jp
www.google.com
www.googletagmanager.com
139.162.66.223
142.250.206.195
142.250.206.196
142.250.206.226
142.250.207.35
142.250.76.136
157.240.31.5
172.104.72.243
172.217.161.226
2404:6800:4004:823::200a
2404:6800:4008:c01::9d
2404:6800:400a:80a::200e
2404:6800:400a:80e::2008
2404:6800:400a:813::2002
2a03:2880:f10f:83:face:b00c:0:25de
00523da519a24b184d543d067ddf2ac4e53da04d2ea0c7093fd51b5804a94b35
13becf892b54d5f9592aa9980c2651793ed793333097a6cb50c87e00b2732334
196a2e09c37e49439d5588ef872b80ff0f5f5522514df0dc61b0b07f1a6eb13f
1ddd92c0d982adea4de031a24fa3211db1d759770be786f470bd668bcfda7e6a
2a763a77ec89daa4f0b7fd68a5c4ecf9aae252db7d5adc1f349e42625dd2c890
33fb8baddea0e2c935d7e17813a18cbd649f91e138b184c37509969cb2cf474e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41190d6188097bbdd059bf6e1f3f48ba91bf03d7c6548c179cb47db95454251e
50c2b4cd31cd54d1f3b4da99de0f82ee5f6a6e404d5a519ae9656bbb75491300
598fab7a52572d30d98629577a0c5ba45fc72a0255c61ae678c15e657836961d
7bec67f1de4c445bd7cc81c1595a27cec2822fa6f64facb246956cdc805b4d42
80f0c67811a21044e1212464afbc9335ea8f2ae7c8776f1976b602614e29e77b
89f4bd876af5f1fa846dab86cbfd323d94863a57a8512f8748c3db53c4a4a650
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9a7cda21abcdb6d10937af06789936aa9c66be14dc9f61fd7ac49f6a9f8250f6
9b45083a19633235137ccdad7efaf1f7cb802083a12575dbedb5c49490744ec3
a3014bf309ae9c8f3e84ecf3b464d2792d899028fe6405625a72bdc643a6edd0
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afd2e9e6a97e909719feaec9504fa575187a0f0fe3dcd4327c92187eaa2d19bd
b1239d3555f902de4096f7d58aa37df6cbbb3f7f8717f755b1cd533948835e43
bb1fde12a06744d678ba1c2a48990483e30a55a4730959c6f5d3d485a17f9884
c44fab5ab25ff9f9dc07aced65f77686ec6a831bb858efaac266ba5deaf7d26e
d955fd8c24f508b321f1eed8ed75004d9f648cc9cb6fca955ad8e9fbc3f172dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
ea515d890b17fc086ece20dc09ed2e694d77418249fc00de0a6452d0ed76d810
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef364aae4d798daf7b1a15d502e73b47c1d2b33ba2b22c4748c6a551e3f0a422
fa57a0629e1022a687f231aa7b61c6a3c4799cff377f57d05a0cfe55cf9f2f66

kjswf.neticrm.tw Open in urlscan Pro 172.104.72.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

40 %IPv6

9 Domains

13 Subdomains

15 IPs

4 Countries

1066 kBTransfer

2838 kBSize

6 Cookies

10 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kjswf.neticrm.tw Open in urlscan Pro
172.104.72.243 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

40 %
IPv6

9
Domains

13
Subdomains

15
IPs

4
Countries

1066 kB
Transfer

2838 kB
Size

6
Cookies

44 HTTP transactions
0 data transactions