Report - ojos.cc/r/uabqPn

Report Overview

Submitted URL

ojos.cc/r/uabqPn
IP

188.114.97.1

ASN

#13335 CLOUDFLARENET
Submitted

2023-03-23T16:04:40Z

Access

public
Website Title
Final URL
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

2
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
region1.analytics.google.com (1)	unknown	2022-03-17T12:26:33Z	2023-03-29T09:02:58Z	1.0 kB	450 B	216.239.32.36
www.google.no (1)	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	487 B	578 B	142.250.74.163
advance.blueeyes.tw (1)	unknown	2017-09-04T12:10:22Z	2023-03-22T17:11:56Z	467 B	907 B	104.26.0.144
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
cdnjs.cloudflare.com (3)	235	2015-04-17T22:46:33Z	2023-03-29T05:16:53Z	1.2 kB	17 kB	104.17.24.14
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	494 B	450 B	209.85.233.155
r3.o.lencr.org (8)	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.pki.goog (15)	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	5.1 kB	22 kB	142.250.74.163
ocsp.digicert.com (2)	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	682 B	1.5 kB	192.229.221.95
www.google.com (2)	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	1.8 kB	1.3 kB	142.250.74.164
static.cloudflareinsights.com (1)	1294	2019-09-24T16:34:56Z	2023-03-29T10:47:08Z	463 B	392 B	104.16.57.101
ajax.googleapis.com (1)	12905	2013-08-16T11:51:31Z	2023-03-29T10:10:07Z	396 B	34 kB	216.58.207.202
www.google-analytics.com (1)	40	2012-10-03T03:04:21Z	2023-03-29T06:01:47Z	376 B	23 kB	216.58.207.206
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
maxcdn.bootstrapcdn.com (1)	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	414 B	22 kB	188.114.99.234
www.googletagmanager.com (2)	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	772 B	70 kB	142.250.74.40
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.8 kB	58 kB	34.120.237.76
www.googleoptimize.com (1)	1604	2019-07-16T12:17:19Z	2023-03-29T14:00:31Z	388 B	47 kB	142.250.74.174
googleads.g.doubleclick.net (2)	42	2021-02-20T16:43:32Z	2023-03-29T10:24:16Z	1.8 kB	4.6 kB	142.250.74.66
ojos.cc (2)	unknown	2019-02-01T22:57:49Z	2023-03-22T17:11:40Z	792 B	1.4 kB	188.114.96.1
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
connect.facebook.net (1)	139	2012-05-22T04:51:28Z	2023-03-29T05:12:24Z	377 B	34 kB	157.240.200.14
www.facebook.com (1)	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	623 B	349 B	31.13.72.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23T16:04:37Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-03-23T16:04:37Z	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (59)

	URL	IP	Response	Size
	ojos.cc/r/uabqPn	188.114.96.1	301 Moved Permanently	0 B
URL HTTP/1.1 ojos.cc/r/uabqPn IP 188.114.96.1:0 ASN #13335 CLOUDFLARENET Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /r/uabqPn HTTP/1.1 Host: ojos.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Date: Thu, 23 Mar 2023 16:04:29 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: max-age=3600 Expires: Thu, 23 Mar 2023 17:04:29 GMT Location: https://ojos.cc/r/uabqPn Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETo6DoO6RCHKHJUhrXx4mmXn3q4qmqpfeKfcm1w2sUy%2F5Row6mtH%2BgQWfKyQcHkjFnQtSvVfinBDrTN10PiO6WQ18CutKnPqsVoCo%2F73o5Ty0XnbPE5jR5TG"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ac7e914dba6b4f1-OSL alt-svc: h2=":443"; ma=60

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18018 Expires: Thu, 23 Mar 2023 21:04:47 GMT Date: Thu, 23 Mar 2023 16:04:29 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 65fc860bc043f3fb83bdc3debdcd322d 418010755deae099ef1284e402813c5837a10f42 d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5096 Expires: Thu, 23 Mar 2023 17:29:25 GMT Date: Thu, 23 Mar 2023 16:04:29 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash 51a5d4696a6090c295850554508b51ce c44e143c2223546e64b19f543b8101aaf3b11e97 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3226 Expires: Thu, 23 Mar 2023 16:58:15 GMT Date: Thu, 23 Mar 2023 16:04:29 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 (939 B) Hash 84db75194692d4afe13196bda6f22da8 4c1f49bc973a4917f146d93c8d598344edc021f6 a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 15:15:07 GMT content-type: application/json age: 2962 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE Magic PEM certificate\012- , ASCII text Size 5348 (5.3 kB) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: u6FWyUYWz85shmhBk6oQLfg/M8zm2eWyQ5BVJvcgAOGWtiFE4sTXyc/SzCHVE/Xz/QZKY3svqXntp4mnVi2roA== x-amz-request-id: RZRPV60T6ZK9KDRY x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 15:54:06 GMT age: 623 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with no line terminators Size 12 (12 B) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 23 Mar 2023 16:04:29 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash d85a0c5dbdd6105d70f3de5fb5411b68 4f87ba7fb164aca63645b6a4a7fe7e18c4376b0a 41a73fd656a518110f66e2023fc8cb71be5676366710fe2b718d65c1caa58a8c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "41A73FD656A518110F66E2023FC8CB71BE5676366710FE2B718D65C1CAA58A8C" Last-Modified: Wed, 22 Mar 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11677 Expires: Thu, 23 Mar 2023 19:19:07 GMT Date: Thu, 23 Mar 2023 16:04:30 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE Magic JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 (329 B) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 15:17:23 GMT age: 2827 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 8s5fzEL4+ksYYxiEmw+9sw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: WEaq4OgRTRI+uUTsdxBJprrw2WA= Date: Thu, 23 Mar 2023 16:04:30 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css	188.114.99.234	200 OK	21 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css IP 188.114.99.234:0 ASN #0 Magic ASCII text, with very long lines (65371) Size 20782 (21 kB) Hash 7d20a0e75a38e3739665fab8dbd5e108 cf308f7a54d640a2c4b61a051065dcb77a3b254b a0f23d69b968fdaf17dcd7a658cc2a096dc101e72dcbd63f088e991b72e8126d HTTP Headers `GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:31 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"2f624089c65f12185e79925bc5a7fc42" last-modified: Mon, 25 Jan 2021 22:03:59 GMT cdn-cachedat: 02/17/2022 20:27:53 cdn-proxyver: 1.02 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 860 cdn-status: 200 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-requestid: 441a5c346e6138207e493340368ec0b9 cdn-cache: HIT cf-cache-status: HIT age: 25033832 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ac7e9218f09b4f3-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 23c054d3aee551b6fdc42a5a472a7040 b1a46c12ac7d65c979fd1998bdb243f3dba8f956 9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 23c054d3aee551b6fdc42a5a472a7040 b1a46c12ac7d65c979fd1998bdb243f3dba8f956 9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=AW-774625255	142.250.74.40	200 OK	69 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-774625255 IP 142.250.74.40:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (8284) Size 69049 (69 kB) Hash 1616a4e3334b4d8948dc00ef4522d263 11e341314b1fead328d490b177a2eb619c3cd078 2596d4a7407ba7631f0edcb8d846fdf6c0696af88adf176283d84aa73e79296e HTTP Headers `GET /gtag/js?id=AW-774625255 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 23 Mar 2023 16:04:31 GMT expires: Thu, 23 Mar 2023 16:04:31 GMT cache-control: private, max-age=900 last-modified: Thu, 23 Mar 2023 15:14:09 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 69049 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 23c054d3aee551b6fdc42a5a472a7040 b1a46c12ac7d65c979fd1998bdb243f3dba8f956 9e8b91ab91da9ea20dfb5f90c1c06239d2872b0eb80785534d0c59c3b51de404 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:31 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11500 Expires: Thu, 23 Mar 2023 19:16:11 GMT Date: Thu, 23 Mar 2023 16:04:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11500 Expires: Thu, 23 Mar 2023 19:16:11 GMT Date: Thu, 23 Mar 2023 16:04:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11500 Expires: Thu, 23 Mar 2023 19:16:11 GMT Date: Thu, 23 Mar 2023 16:04:31 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. Magic data Size 503 (503 B) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11500 Expires: Thu, 23 Mar 2023 19:16:11 GMT Date: Thu, 23 Mar 2023 16:04:31 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6692 (6.7 kB) Hash c05bfdf1411a931d8ea9adc64b07bc74 156ef59e53564a4f2b27002b2695fafecd578d82 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6692 x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM9d9FcOoAMFaFQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Jj5lAwItWYm45j5kLqQnd3fhsiGsiuSiSVtrBUOolyHvPAmCc0S71A== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:54:24 GMT age: 29407 etag: "156ef59e53564a4f2b27002b2695fafecd578d82" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4905 (4.9 kB) Hash 90f64fe111aa6e90ebf52e0335d21b75 4f25bdbffca3803b02c196c38491223684d36b4d 37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4905 x-amzn-requestid: f2297c3e-1187-48f5-bffb-c5ea1a79a10b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CBFgcF4_oAMFd6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6416b602-02696af01c0d586c631c5b45;Sampled=0 x-amzn-remapped-date: Sun, 19 Mar 2023 07:13:06 GMT x-amz-cf-pop: SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: R9mjcik3i0kISOeO4gVZP6XhhvZO00mriabAtJ8vv1kNhRpz_lfsHQ== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 06:31:03 GMT age: 34408 etag: "4f25bdbffca3803b02c196c38491223684d36b4d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10480 (10 kB) Hash 6f0b9e85381489dcf646c251722b21d4 5f7ea91288a2170bcabdca6be296718c4191eacd 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: pFCYGtd2b7lK7OBFHjCsgqqLfhtMAQDB0vyYFyf1sv-3CkSHbEh3mA== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:59:52 GMT age: 65079 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10284 (10 kB) Hash 4e89d0b1281259e7399294fb5fa19d2b 5035ed41f497c97faefae9cdaf42dc07ab468557 f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10284 x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM6hjEqtIAMFvXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Pv-MA9gQ4PmXuY3EWSC77_g2fn_C9-bYUQ4azcrxLNvtwY6CZZg1nA== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:55:01 GMT age: 29370 etag: "5035ed41f497c97faefae9cdaf42dc07ab468557" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg	34.120.237.76	200 OK	6.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5950 (6.0 kB) Hash 800c2662fd6ab8829a02b7d63084c38d 0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239 76545e9f75dc558fdb7b54550934c7775318fb4150a9309f60e65d982d2e576e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93c300c4-e707-428c-9ae5-d4699c20a7ef.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5950 x-amzn-requestid: ce85112e-428d-4ca1-9dac-1d6c8c6dc74a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CKyF9EI3oAMFtyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a96f2-05c5948d6f74948b1c67d68c;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 05:49:38 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: tu0ENc_6tfykYc23nLfwYEMsi5HIfaDWF6dvzVTfX5rfjr3JrmMrCA== via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 22:02:44 GMT age: 64907 etag: "0917d2c376f8d2af2a436a33ce2bfe1cbdb8b239" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4912 (4.9 kB) Hash f4a771935927950222124e14b56046df d07fe53e4ac41048497b2732c017f6666c3eda9e 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4912 x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8H3Fl1IAMFYgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:47:44 GMT age: 65807 etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.googleoptimize.com/optimize.js?id=OPT-PX6L3ZS	142.250.74.174	200 OK	46 kB
URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-PX6L3ZS IP 142.250.74.174:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (2206) Size 46121 (46 kB) Hash 88e1a5e03be4dc44a2b9c0d953b4a7fa c635dfa26354f772a27bc0afd2ee1d0f87ee8e25 5164dc2785a75dc4bbe15c42164b17c09849277012368d3f547da0c7887e19c7 HTTP Headers `GET /optimize.js?id=OPT-PX6L3ZS HTTP/1.1 Host: www.googleoptimize.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 23 Mar 2023 16:04:31 GMT expires: Thu, 23 Mar 2023 16:04:31 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 46121 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js	104.17.24.14	200 OK	2.7 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET Magic ASCII text, with very long lines (7085), with CRLF line terminators Size 2687 (2.7 kB) Hash dd1629bb344797ac07544382c851c0b8 b3a4c1b6638a2646d9289b81023de468e1342044 1f408af5413b89b90f213ff368eefe12aeff173d429f1c995b39c1a580f5a673 HTTP Headers `GET /ajax/libs/jquery-migrate/1.2.1/jquery-migrate.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:32 GMT content-type: application/javascript; charset=utf-8 content-length: 2687 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec2-1c20" last-modified: Mon, 04 May 2020 16:11:46 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 3176440 expires: Tue, 12 Mar 2024 16:04:32 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31JLFCi3QpiFoBGi8Ii0QHC6caNI5n92PahLpwsl5YZH85rQyC2bKFh820i%2B8EdmTZtR5ZFzBXCHrnl%2FqSmSoBwcHlL9sAmQrJ%2BQSTbaAF%2BCo9xxziwB3ohSH%2FHA9iAS0iO8JaIm"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7ac7e926d854b4ed-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js	104.17.24.14	200 OK	8.6 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET Magic ASCII text, with very long lines (32034) Size 8641 (8.6 kB) Hash 7096a9205e99b4a9a0458e50e92c4ea9 751666c641948b6516927592b357d4af77f1ec41 fb21f90b3ad06190d3a5e982be2795d00d1834a8b48c8230b834d41949729f8f HTTP Headers `GET /ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:32 GMT content-type: application/javascript; charset=utf-8 content-length: 8641 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb04010-8fd0" last-modified: Mon, 04 May 2020 16:17:20 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary: Accept-Encoding cf-cache-status: HIT age: 22630958 expires: Tue, 12 Mar 2024 16:04:32 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCgbfLNMXUIkB%2BMDlmvQaHRkgZkbzyGJs6GSnUC2UVMWSyChDeStJ%2FDBwLRFmC7gGcTOz26ahpk8RRqiY%2BPNAFBnhtFZlPA5sT7RD2ZVz9NURFVciO0EswuohNxjEHT8I2WRD7Kz"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7ac7e926d860b4ed-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/17.8.2/lazyload.min.js	104.17.24.14	200 OK	2.7 kB
URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vanilla-lazyload/17.8.2/lazyload.min.js IP 104.17.24.14:0 ASN #13335 CLOUDFLARENET Magic ASCII text, with very long lines (8892) Size 2710 (2.7 kB) Hash 16178d31c4cf3012113693bbc5d4a448 e24908ba66d90e62e558233e45236d7995e63443 025f1476b73801fcaed7e66c29161cc426d07a2385a6a1fe695ce83356a47599 HTTP Headers `GET /ajax/libs/vanilla-lazyload/17.8.2/lazyload.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:32 GMT content-type: application/javascript; charset=utf-8 content-length: 2710 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "630d7674-a96" last-modified: Tue, 30 Aug 2022 02:31:16 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 108837 expires: Tue, 12 Mar 2024 16:04:32 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2c6R2lPWGQbn8XaCEit%2BthBX62Ql22QA2zJEL6bJ0iEHnADlfUJJdgOc1sxrx%2Fa4Ha8NHf6tDjveGtKqAdFzzV4jreLK%2FoZ%2FR5wVzQgZNcJSK%2BbPZrJabfIMjU57hQ7cV0Vmv7r"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 7ac7e926d85cb4ed-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1d54d3c84e73cd1f00a835aa7616c399 e869898915967fb645a7ae3bd711a831329cc792 9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	216.58.207.202	200 OK	34 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 216.58.207.202:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (32038) Size 33507 (34 kB) Hash 103708790db3586027df27ded660f8ef d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70 fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe HTTP Headers `GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 33507 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 22 Mar 2023 18:18:49 GMT expires: Thu, 21 Mar 2024 18:18:49 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 78343 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 1d54d3c84e73cd1f00a835aa7616c399 e869898915967fb645a7ae3bd711a831329cc792 9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	region1.analytics.google.com/g/collect?v=2&tid=G-01VHM7KQRR&gtm=45je33k0&_p=259054954&_gaz=1&cid=2029721279.1679587480&ul=en-us&sr=1280x1024&_s=1&sid=1679587480&sct=1&seg=0&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&dt=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3%E5%91%8A%E3%80%81%E9%9B%BB%E5%AD%90%E5%A0%B1%E5%BB%A3%E5%91%8A%20%7C%20%E8%97%8D%E7%9C%BC%E7%A7%91%E6%8A%80&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.32.36	204 No Content	0 B
URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-01VHM7KQRR&gtm=45je33k0&_p=259054954&_gaz=1&cid=2029721279.1679587480&ul=en-us&sr=1280x1024&_s=1&sid=1679587480&sct=1&seg=0&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&dt=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3%E5%91%8A%E3%80%81%E9%9B%BB%E5%AD%90%E5%A0%B1%E5%BB%A3%E5%91%8A%20%7C%20%E8%97%8D%E7%9C%BC%E7%A7%91%E6%8A%80&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.32.36:0 ASN #15169 GOOGLE Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-01VHM7KQRR&gtm=45je33k0&_p=259054954&_gaz=1&cid=2029721279.1679587480&ul=en-us&sr=1280x1024&_s=1&sid=1679587480&sct=1&seg=0&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&dt=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3%E5%91%8A%E3%80%81%E9%9B%BB%E5%AD%90%E5%A0%B1%E5%BB%A3%E5%91%8A%20%7C%20%E8%97%8D%E7%9C%BC%E7%A7%91%E6%8A%80&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.analytics.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://advance.blueeyes.tw Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://advance.blueeyes.tw date: Thu, 23 Mar 2023 16:04:32 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 5cd8c9b1a21861daf74c130682cea34e 32ceecbbe8fdfc999e4169771cf7633fdaa1f083 328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/g/collect?v=2&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1	209.85.233.155	204 No Content	0 B
URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1 IP 209.85.233.155:0 ASN #15169 GOOGLE Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /g/collect?v=2&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://advance.blueeyes.tw Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0` `HTTP/2 204 No Content access-control-allow-origin: https://advance.blueeyes.tw date: Thu, 23 Mar 2023 16:04:32 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 5cd8c9b1a21861daf74c130682cea34e 32ceecbbe8fdfc999e4169771cf7633fdaa1f083 328369b9dcb3b3b19b031dd350a02c7cbe5fb250ba4748bf8d055da5342f0837 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	216.58.207.206	200 OK	23 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 216.58.207.206:0 ASN #15169 GOOGLE Magic data Size 22723 (23 kB) Hash d0f7ead2e48f846b72bebc5ce0be2b21 611a7bb897f0d7f3838e17039124efe17f94d0c1 350de27568bfcbd69fc1f76a9c029f9f035a3d558b6db9933cf889963b060edd HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Thu, 23 Mar 2023 14:05:11 GMT expires: Thu, 23 Mar 2023 16:05:11 GMT cache-control: public, max-age=7200 age: 7164 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	8.9 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 8908 (8.9 kB) Hash 4d811c15279405b617e9c80d692f272b 2e30dea3b972cf621d3b8c72de0bf30751efe7d2 5761ccba875bea6850192f838afe6eb9316b95f7982f50bebcf73388b70b3aab HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	2.0 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 1981 (2.0 kB) Hash 1f127116d75668c8323c49fdb26a763d 639fc6c5350d8604d69ae0da788a95306533e589 dd4e148f343420dbeed638aa2b7a18b45a26e553ded41f593e50b571d916a754 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST Magic data Size 471 (471 B) Hash 4f854cb1688bc0266ffd286eb6e81089 24b179739eea5eeb80d089087b992057c1de7a4e 31d0c650d82485852f52d0db111ac6c63776c34a4b0a1409eab760ecde0b0705 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6379 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Last-Modified: Thu, 23 Mar 2023 14:18:16 GMT Server: ECAcc (ska/F757) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 8795e5b287f501dc39ee441cd6bd7125 9d420cfc40477940eff7fcfc1aee2c7731fd17a5 a2f6bc52d276e1f73a3e823606457e033bccf8eca8631940a55c298f952451ed HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	googleads.g.doubleclick.net/pagead/viewthroughconversion/774625255/?random=1679587480195&cv=11&fst=1679587480195&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4	142.250.74.66	200 OK	1.3 kB
URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/774625255/?random=1679587480195&cv=11&fst=1679587480195&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66:0 ASN #15169 GOOGLE Magic ASCII text, with very long lines (3029), with no line terminators Size 1317 (1.3 kB) Hash ab7d76bf37d23a0aa478bb5e2cb9005c f90adaaef6bc06cadcdae6021ddb3a32300f1854 3d65002cc7a41fdd49a6bc06fe2ad6812dbec0dda61c67ea742115fed548c6be HTTP Headers GET /pagead/viewthroughconversion/774625255/?random=1679587480195&cv=11&fst=1679587480195&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 16:04:35 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 1317 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 16:19:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	googleads.g.doubleclick.net/pagead/viewthroughconversion/774625255/?random=1679587480205&cv=11&fst=1679587480205&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4	142.250.74.66	200 OK	1.6 kB
URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/774625255/?random=1679587480205&cv=11&fst=1679587480205&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.66:0 ASN #15169 GOOGLE Magic ASCII text, with CRLF line terminators Size 1643 (1.6 kB) Hash b3a5d52db886ba772ad10b13b89cd2a9 6d020b710fc251e90aa079ea1cd3322528e09362 0d7e746fcff2e6f0935d5ffb182996c105f9f74eadef1ce8d88644920c87ee53 HTTP Headers GET /pagead/viewthroughconversion/774625255/?random=1679587480205&cv=11&fst=1679587480205&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&hn=www.googleadservices.com&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&auid=2126279245.1679587480&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 16:04:35 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, must-revalidate content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 1315 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Thu, 23-Mar-2023 16:19:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1&z=898878746	142.250.74.163	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1&z=898878746 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic GIF image data, version 89a, 1 x 1\012- data Size 42 (42 B) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-01VHM7KQRR&cid=2029721279.1679587480&gtm=45je33k0&aip=1&z=898878746 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 16:04:35 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	connect.facebook.net/en_US/fbevents.js	157.240.200.14	200 OK	32 kB
URL HTTP/2 connect.facebook.net/en_US/fbevents.js IP 157.240.200.14:0 ASN #32934 FACEBOOK Magic data Size 31966 (32 kB) Hash 673ce6b249b19fb6c867ce95355a42fb d509967faa813615880f89e48868aaaf06aecd5f 9e7bf9468270cdeed569c9ad578a26d8d3f2d3fbc85fca39f4273f1b593d1e25 HTTP Headers `GET /en_US/fbevents.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: application/x-javascript; charset=utf-8 report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-security-policy: default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report" cross-origin-opener-policy: same-origin-allow-popups pragma: public cache-control: public, max-age=1200 expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff x-xss-protection: 0 x-frame-options: DENY origin-agent-cluster: ?0 strict-transport-security: max-age=31536000; preload; includeSubDomains x-fb-debug: 1EGBt0D8RWQ2g8wPKR5oNJEcv2KxQ0qTHfIyE93BLdcu7xiio7Yx7/qSStm435KR4Ecimx95yeBqz+NH5KsVNg== content-length: 27907 x-fb-trip-id: 1679558926 date: Thu, 23 Mar 2023 16:04:35 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ocsp.digicert.com/	192.229.221.95	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST Magic data Size 471 (471 B) Hash 4f854cb1688bc0266ffd286eb6e81089 24b179739eea5eeb80d089087b992057c1de7a4e 31d0c650d82485852f52d0db111ac6c63776c34a4b0a1409eab760ecde0b0705 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6391 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Last-Modified: Thu, 23 Mar 2023 14:18:04 GMT Server: ECAcc (ska/F775) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash a6cad75209fdd6f267646b8382348c4b 35d993c683277cba55a4a86e15afa0c378d9a1d8 f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	1.9 kB
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 1884 (1.9 kB) Hash 82cdbfbeb0c2f159e0b8d1b99547682a 963f64fa2641da191514e632a6e5b74425df8fa2 09a5f058435d7db4143b2c1c41338294c95e221736f56b6b26bf396399ab0a99 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 78815ec28cdd11dab4f66f2eaab35658 c6fd7f2a657d87c6e7641be6fc69913c427cd26a f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 471 (471 B) Hash 78815ec28cdd11dab4f66f2eaab35658 c6fd7f2a657d87c6e7641be6fc69913c427cd26a f99b9d279c7ddfe7916dde9c7390be1f225e330ffa662bd7ae603ceed76e44c3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/pagead/1p-user-list/774625255/?random=1679587480205&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1319415278&rmt_tld=0&ipr=y	142.250.74.164	200 OK	42 B
URL HTTP/2 www.google.com/pagead/1p-user-list/774625255/?random=1679587480205&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1319415278&rmt_tld=0&ipr=y IP 142.250.74.164:0 ASN #15169 GOOGLE Magic GIF image data, version 89a, 1 x 1\012- data Size 42 (42 B) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /pagead/1p-user-list/774625255/?random=1679587480205&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1319415278&rmt_tld=0&ipr=y HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 16:04:36 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/pagead/1p-user-list/774625255/?random=1679587480195&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3892944863&rmt_tld=0&ipr=y	142.250.74.164	200 OK	42 B
URL HTTP/2 www.google.com/pagead/1p-user-list/774625255/?random=1679587480195&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3892944863&rmt_tld=0&ipr=y IP 142.250.74.164:0 ASN #15169 GOOGLE Magic GIF image data, version 89a, 1 x 1\012- data Size 42 (42 B) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /pagead/1p-user-list/774625255/?random=1679587480195&cv=11&fst=1679587200000&bg=ffffff&guid=ON&async=1&gtm=45be33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&frm=0&tiba=Google%E9%97%9C%E9%8D%B5%E5%AD%97%E5%BB%A3%E5%91%8A%E4%BB%A3%E6%93%8D%E4%BD%9C%E6%9C%8D%E5%8B%99%20%7C%20%E8%97%8D%E7%9C%BC%E5%BB%A3%E5%91%8A%20-%20LINE%20%E8%97%8D%E6%A8%99%E5%BA%97%E5%AE%B6%E5%BB%A3%E5%91%8A%E3%80%81LINE%20%E5%A5%BD%E5%8F%8B%E5%BB%A3&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3892944863&rmt_tld=0&ipr=y HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Thu, 23 Mar 2023 16:04:36 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif content-security-policy: script-src 'none'; object-src 'none' x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE Magic data Size 472 (472 B) Hash 9f0607231b4674d2bfb5a6798b0b4093 6c14f5c952e413365703144951b09b7126ff8e2d 869816689cb9507d294d69f953e8ea33452a177d405816ad86f729b123ceaa98 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 23 Mar 2023 16:04:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.facebook.com/tr/?id=256967611441022&ev=PageView&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&rl=&if=false&ts=1679587484971&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679587484970.935597194&it=1679587483809&coo=false&rqm=GET	31.13.72.36	200 OK	0 B
URL HTTP/2 www.facebook.com/tr/?id=256967611441022&ev=PageView&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&rl=&if=false&ts=1679587484971&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679587484970.935597194&it=1679587483809&coo=false&rqm=GET IP 31.13.72.36:0 ASN #32934 FACEBOOK Magic Size 0 (0 B) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /tr/?id=256967611441022&ev=PageView&dl=https%3A%2F%2Fadvance.blueeyes.tw%2Fgoogle-adwords.php&rl=&if=false&ts=1679587484971&sw=1280&sh=1024&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679587484970.935597194&it=1679587483809&coo=false&rqm=GET HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-type: text/plain access-control-allow-origin: access-control-allow-credentials: true strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-length: 0 server: proxygen-bolt alt-svc: h3=":443"; ma=86400 date: Thu, 23 Mar 2023 16:04:36 GMT X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE Magic JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7424 (7.4 kB) Hash 05c7970e81559904d05b6e8cf693f085 709b01a360624eceafb1876f56378824aa4936b3 a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 7424 x-amzn-requestid: 9a2bd57a-40d2-4bc0-b4ca-183e9a928bdc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM-3aGPzoAMFj6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b782f-0dc56e4a7c4aaeb45b45c75b;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:50:39 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 8mTKClr9GKzzrm1TtEmMeBnOQfMLTO4dBuAO-fE4UEfV-SwrFbkjZQ== via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 02:54:31 GMT age: 47407 etag: "709b01a360624eceafb1876f56378824aa4936b3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ojos.cc/r/uabqPn	188.114.97.1	302 Found	0 B
URL HTTP/2 ojos.cc/r/uabqPn IP 188.114.97.1:0 ASN #13335 CLOUDFLARENET Magic Size 0 (0 B) Hash HTTP Headers `GET /r/uabqPn HTTP/1.1 Host: ojos.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 302 Found date: Thu, 23 Mar 2023 16:04:30 GMT content-type: text/html; charset=utf-8 location: https://advance.blueeyes.tw/google-adwords.php cache-control: max-age=600 expires: Thu, 23 Mar 2023 16:14:29 GMT vary: User-Agent cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0D5uIJ%2BOURW9BYA5nvnEIzRP8GGk07S5oVQovZyXyb01svKOvl5Zn0bUJ9NjtlaF2uNHjFpaFmlENkA6Qe5gvREKlu6A24DEBb9wDRxYEhnizif8ChiDET6e"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains server: cloudflare cf-ray: 7ac7e916583eb524-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	advance.blueeyes.tw/google-adwords.php	104.26.0.144	200 OK	0 B
URL HTTP/2 advance.blueeyes.tw/google-adwords.php IP 104.26.0.144:0 ASN #13335 CLOUDFLARENET Magic Size 0 (0 B) Hash HTTP Headers `GET /google-adwords.php HTTP/1.1 Host: advance.blueeyes.tw User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:31 GMT content-type: text/html; charset=utf-8 cache-control: max-age=0, no-cache cf-railgun: direct (starting new WAN connection) vary: Accept-Encoding x-frame-options: SAMEORIGIN, SAMEORIGIN x-mod-pagespeed: pagespeed x-xss-protection: 1; mode=block cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jHWBHp0PGB%2BV4m9gKGUoK3hQQDpJbrEmddYqxbmbTcMT1836AL3eSuDr3aqyVAwmTo1pNdy3eeNvfEw7kABiVRRTGLdH7s82PTNWQeB4Q5hy6A1AI4EKmu%2BSkHX5Je%2BqBr%2B%2FNs%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7ac7e91cca00b524-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114	104.16.57.101	200 OK	0 B
URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 IP 104.16.57.101:0 ASN #13335 CLOUDFLARENET Magic Size 0 (0 B) Hash HTTP Headers `GET /beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114 HTTP/1.1 Host: static.cloudflareinsights.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://advance.blueeyes.tw Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Thu, 23 Mar 2023 16:04:32 GMT content-type: text/javascript;charset=UTF-8 access-control-allow-origin: * cache-control: public, max-age=86400 etag: W/2023.3.0 last-modified: Mon, 20 Mar 2023 17:58:49 GMT cross-origin-resource-policy: cross-origin vary: Accept-Encoding server: cloudflare cf-ray: 7ac7e92708d8b4f4-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtm.js?id=GTM-KLJZC5Z	142.250.74.40	200 OK	0 B
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KLJZC5Z IP 142.250.74.40:0 ASN #15169 GOOGLE Magic Size 0 (0 B) Hash HTTP Headers `GET /gtm.js?id=GTM-KLJZC5Z HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://advance.blueeyes.tw/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 23 Mar 2023 16:04:31 GMT expires: Thu, 23 Mar 2023 16:04:31 GMT cache-control: private, max-age=900 last-modified: Thu, 23 Mar 2023 15:14:09 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 73550 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

#1 JS:Script (size: 1074)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#2 JS:Script (size: 1443)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#3 JS:Script (size: 331)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#4 JS:Script (size: 16691)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#5 JS:Script (size: 8893)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#6 JS:Script (size: 14906)

URL

IP

ASN

Introduced by

Inline HTML

Observations

Hash

#7 JS:Script (size: 23180)

URL

IP

ASN

Introduced by

Inline HTML