urlscan.io logo urlscan.io
SecurityTrails logo

blog.turn.tw Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://turn.tw/
Effective URL: https://blog.turn.tw/
Submission: On July 14 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 7 countries across 16 domains to perform 70 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is blog.turn.tw.
TLS certificate: Issued by WE1 on July 8th 2024. Valid for: 3 months.
This is the only time blog.turn.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 188.114.96.3 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:50c0:800... 54113 (FASTLY)
2 188.114.97.3 13335 (CLOUDFLAR...)
1 13.32.99.15 16509 (AMAZON-02)
5 142.250.186.162 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 199.232.192.134 54113 (FASTLY)
1 2600:9000:20a... 16509 (AMAZON-02)
10 2600:9000:20a... 16509 (AMAZON-02)
5 54.65.174.105 16509 (AMAZON-02)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2 35.190.36.98 15169 (GOOGLE)
1 1 172.105.203.31 63949 (AKAMAI-LI...)
1 103.132.192.30 138552 (RTBHOUSE-...)
5 203.75.214.136 3462 (HINET Dat...)
2 178.250.1.8 44788 (ASN-CRITE...)
1 210.59.219.34 3462 (HINET Dat...)
2 2600:9000:20b... 16509 (AMAZON-02)
70 20
22    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
turn.tw
blog.turn.tw
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:50c0:8002::154 (United States)

ASN54113 (FASTLY, US)
raw.githubusercontent.com
2    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fakeimg.pl
1    13.32.99.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-15.fra60.r.cloudfront.net
cdn.doublemax.net
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
blog-turn-tw.disqus.com
1    2600:9000:20a0:8400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
10    2600:9000:20a0:ea00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
5    54.65.174.105 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    35.190.36.98 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com
ad2.apx.appier.net
1    172.105.203.31 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1857-31.members.linode.com
gocm.c.appier.net
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
5    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net
2    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    210.59.219.34 (Taichung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net
prebid.scupio.com
2    2600:9000:20b4:9800:9:17b1:ccc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
v.holmesmind.com
Apex Domain
Subdomains		 Transfer
22 turn.tw
turn.tw
blog.turn.tw
373 KB
18 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 138273
ad.holmesmind.com — Cisco Umbrella Rank: 99907
v.holmesmind.com
2 MB
5 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 76533
621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net
4 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
196 KB
4 gstatic.com
fonts.gstatic.com
91 KB
3 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 88973
gocm.c.appier.net — Cisco Umbrella Rank: 3432
940 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 726
42 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 662
381 B
2 disqus.com
blog-turn-tw.disqus.com
3 KB
2 fakeimg.pl
fakeimg.pl — Cisco Umbrella Rank: 361539
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
2 KB
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 87602
172 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 20507
175 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
1 doublemax.net
cdn.doublemax.net — Cisco Umbrella Rank: 806453
3 KB
1 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4469
1019 KB
70 16
Domain Requested by
21 blog.turn.tw blog.turn.tw
11 cdn.holmesmind.com cdn.doublemax.net
cdn.holmesmind.com
ad.holmesmind.com
blog.turn.tw
5 ad.holmesmind.com cdn.holmesmind.com
blog.turn.tw
5 pagead2.googlesyndication.com blog.turn.tw
pagead2.googlesyndication.com
4 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
4 fonts.gstatic.com fonts.googleapis.com
3 static.criteo.net cdn.holmesmind.com
blog.turn.tw
2 v.holmesmind.com blog.turn.tw
2 bidder.criteo.com static.criteo.net
2 ad2.apx.appier.net 1 redirects blog.turn.tw
2 blog-turn-tw.disqus.com blog.turn.tw
blog-turn-tw.disqus.com
2 fakeimg.pl blog.turn.tw
2 fonts.googleapis.com blog.turn.tw
1 621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net blog.turn.tw
1 prebid.scupio.com cdn.holmesmind.com
1 prebid-asia.creativecdn.com cdn.holmesmind.com
1 gocm.c.appier.net 1 redirects
1 www.facebook.com blog.turn.tw
1 cdn.doublemax.net blog.turn.tw
1 raw.githubusercontent.com blog.turn.tw
1 turn.tw 1 redirects
70 21
Subject Issuer Validity Valid
turn.tw
WE1		 2024-07-08 -
2024-10-06		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
fakeimg.pl
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.doublemax.net
Go Daddy Secure Certificate Authority - G2		 2024-03-05 -
2025-04-06		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2024-04-16 -
2025-04-16		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2024-03-05 -
2025-04-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
*.t.ssp.hinet.net
 2024-03-11 -
2025-03-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2023-09-27 -
2024-10-27		 a year crt.sh

This page contains 7 frames:

Primary Page: https://blog.turn.tw/
Frame ID: C9294FCDFFA45631F2EF34B13DD04105
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E8%25BD%2589%25E5%2580%258B%25E5%25BD%258E%25E6%2597%25A5%25E8%25AA%258C%2F650279948417734&width&height=62&colorscheme=light&show_faces=false&header=true&stream=false&show_border=true&appId=775415802511486
Frame ID: 6E18489D99D7561217BFC47609012775
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 2981BFB0BBD8F37F326983368EEA03BE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: ECC2F269E4FF0A4A14E5AAEBC596CB5A
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Frame ID: AEBC003BB2A84C2C63A34033E3102104
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1009112352200321&output=html&h=600&slotname=5786407291&adk=3410920981&adf=3979276212&pi=t.ma~as.5786407291&w=300&abgtt=3&lmt=1720957353&format=300x600&url=https%3A%2F%2Fblog.turn.tw%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720957353451&bpp=37&bdt=3662&idt=332&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=7892116864701&frm=20&pv=2&ga_vid=345391069.1720957354&ga_sid=1720957354&ga_hid=1903041587&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95331687%2C95331833%2C95334509%2C95334526%2C95334830%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=234100169324205&tmod=907877950&uas=0&nvt=1&fc=640&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=355
Frame ID: 8FC7C9621882C6DFCBD2F9B88E24D9C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1009112352200321&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720957354&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.turn.tw%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_9~29_18~30_19&aiixl=32_9~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720957354749&bpp=1&bdt=4960&idt=1&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=300x600&nras=1&correlator=7892116864701&frm=20&pv=1&ga_vid=345391069.1720957354&ga_sid=1720957354&ga_hid=1903041587&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95331687%2C95331833%2C95334509%2C95334526%2C95334830%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=234100169324205&tmod=907877950&uas=0&nvt=1&fsapi=1&fc=896&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4
Frame ID: BE35CB4E8B1BB776FC23594B3718B62D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

轉個彎日誌 | by 阿川先生

Page URL History Show full URLs

  1. https://turn.tw/ HTTP 301
    http://blog.turn.tw/ HTTP 307
    https://blog.turn.tw/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

40 %
IPv6

16
Domains

21
Subdomains

20
IPs

7
Countries

4166 kB
Transfer

5478 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://turn.tw/ HTTP 301
    http://blog.turn.tw/ HTTP 307
    https://blog.turn.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NAv8Tow_CoKYAZ4brLmTZg

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
blog.turn.tw/
Redirect Chain
  • https://turn.tw/
  • http://blog.turn.tw/
  • https://blog.turn.tw/
99 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6567dd0f658f132ab42f107126d7956f8f13685f491226fc8845cc7d97c0f6c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8a313fe5991e18f3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 14 Jul 2024 11:42:29 GMT
link
<https://blog.turn.tw/index.php?rest_route=/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yk4KFLI14HPaOoi0F%2BxKdJjJwKSxTN8sMmIpGWbwUNJ5gM2w3FfKSh1jk32g6cO9gN2nkX%2FCMw%2BljvyhlUuUYlQDXN0E7hL%2F1U7bCAWWXWPnVznOlXOhVLUTUixOVgw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://blog.turn.tw/
Non-Authoritative-Reason
HttpsUpgrades
style.min.css
blog.turn.tw/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:30 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"145a9-5db6cebead146-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bln2XmFyceTND%2BYHyOulU2Yp9%2BkQZ6Uc5Y3NOx6IGsWV70HIxufK40H4hK15thAvDzY8jEBmEFZj8YFaxihgXRnHhcGQi3bmiTH4xbD09qZMFLYPQi6hCFV7%2FfU1iWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d7c18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
11191
css
fonts.googleapis.com/ 		5 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6799697917e31082c4371f1b02745d309f1e0af1786224c0ee0002845c7cda81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 11:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 11:26:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 11:42:29 GMT
genericons.css
blog.turn.tw/wp-content/themes/twentyfourteen/genericons/ 		30 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:30 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 06:27:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7945-5db69a4671e67-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xnqIpi8CjfG74nqJeqttC2Wpm3KdDMTlgn2jScPhzN90cCzdoVBWW8rYvJPrdZ%2F2U4qyCCQk0vc0FWDp8pz3VLs4pofsPGwkkr3yexwwOyOAla5SVMFGx%2Fe98zbOOPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d8018f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
19329
style.css
blog.turn.tw/wp-content/themes/twentyfourteen/ 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/themes/twentyfourteen/style.css?ver=20190507
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a0b91d593ee394d8f11346236a3ea69990e40928ef743a72690a54e7a464a0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:30 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 06:27:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1424e-5db69a4670ec7-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCKHVDC2uf%2BKLk8nHXbf%2BG8DFPpQ8ZREUcTjlp6JAxwY2jkMkYN72K8tsXqAIxsRTtbctRGaJUyPx6A0EuQdugPwIbugzd6zERCBhc4VztxKIy1ursuHilPuL0oJTzA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d8518f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
14739
blocks.css
blog.turn.tw/wp-content/themes/twentyfourteen/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce7e9715dfeded3495e0d9c54966b1ff7b26a768ca2024c2cf097ee90015cd6

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:29 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 06:27:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e0e-5db69a4671e67-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1c%2F76M2%2Bb7lepZzNM7iQjhJKCd3aKX53lMZGYc%2FRBI5gxIF4CYq%2FY8d31vOy7cof3qIVlVIUhfZadJekBKqoI9ip9USdqcllWWAVDgkkmGsYD97pvTqswHPskmC5QM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d8818f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
1649
pum-site.min.css
blog.turn.tw/wp-content/plugins/popup-maker/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/plugins/popup-maker/assets/css/pum-site.min.css?ver=1.18.1
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 29 Apr 2023 02:19:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1d1e-5fa7036e14654-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4AJejssHHwhvdrwYM%2FJRyjKfQvCpoFWSZTDTUx%2BrgMinzLXrQ4BELwLcHDEfDoUwAaO%2BV6BH%2FeD%2FxX9Y1DuGoTTXk5o6NIlbPXp4owB5lQOqWPgSZi3bWT%2Bjofyt4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d8a18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
1889
css
fonts.googleapis.com/ 		2 KB
969 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 14 Jul 2024 11:42:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 14 Jul 2024 09:58:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Jul 2024 11:42:29 GMT
jquery.min.js
blog.turn.tw/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:29 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15db1-5db6cebe95a42-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSJG57%2BLZIDBQmcFOQW0TH8hpVHqT79m1sblE0iNOl1VCof3v%2FxHpDN8Zpix1HmFmQB83LziypEOeq4CLCPYI%2FRrjgR9yQjqDiXyJR22GXEGCuVATcvfOcNWZxJT2tY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d8e18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
30908
jquery-migrate.min.js
blog.turn.tw/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:29 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2bd8-5db6cebe95a42-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOT%2FYIbCTh8HItaH%2BJUxIkz5kSfqnBSXEEn3zBxwXEaDz9FHZoRFQw7Jz8P0eWs1PiEVwesgjsTLxoDGtU1qrAlX08mh2FwSL0hUC%2B0S%2BabodzJMDr4uip3xK8l9pvY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d9018f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
4169
jerry.png
blog.turn.tw/wp-content/uploads/2020/10/ 		211 KB
211 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.turn.tw/wp-content/uploads/2020/10/jerry.png
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd6922bb38bd584adcf4a8b27b99f5c3c87efe22784177f61fb3beb6282ef046

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:30 GMT
cf-cache-status
HIT
last-modified
Tue, 13 Oct 2020 06:50:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"34a1b-5b187d3f879e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JURBBGRf7Y0Jy9NS33JqZKO7WnoDd%2FYbMX%2FkW%2BpGluO%2BVe3Dcg2%2FGfQ55PDq2WAR2ck%2FOMTfO%2BIHk%2F8bLaqZsBeFEioyJBSjHI4y6tnf1ChRGokf1ayB6DIBbTQlNyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a313fec4d9118f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
215579
screenshot-cafenomad.png
raw.githubusercontent.com/howtomakeaturn/nomadic/master/images/ 		1018 KB
1019 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://raw.githubusercontent.com/howtomakeaturn/nomadic/master/images/screenshot-cafenomad.png
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c327bfbfd1c44640ca9b2a5879bd98707c7a5a0d0f10452dfa35c8ca261b4d21
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fastly-request-id
71ad7631a2ddbfafeffce1f5be9f316e66a19cc4
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 14 Jul 2024 11:42:30 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
1042035
x-xss-protection
1; mode=block
x-served-by
cache-mad2200130-MAD
x-github-request-id
254C:163094:C96BBA:D65279:6693B9A5
x-timer
S1720957350.934239,VS0,VE296
etag
W/"e09b19665b5aa2b3d418de9633bb91d5ac0f710b6da1cef1175d7795601c618b"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 14 Jul 2024 11:47:30 GMT
/
fakeimg.pl/400x300/282828/eae0d0/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeimg.pl/400x300/282828/eae0d0/?text=Nomadic
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f2a2e43400b911f55a5097d53fb462af1896f04d4149a90b14aadeb812818a

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6341
x-ua-compatible
IE=Edge,chrome=1
last-modified
2024-06-11 11:09:36.030897
server
cloudflare
etag
5963ab07c2876a86770444b61b5dc266df8b1e6f
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJ53ALtbvSUQVQwedc4aGXEOQCGLaf2vazrCIRnXULyyGlZ83Q%2FaTOdJO%2FxthmXVbwrwHl3tzsW7YGgnJ%2Be%2Ffuh%2FX4dw7nx5CBk%2Bwo2%2FkNCLjYLn99EkFOYpoaZC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=36000
accept-ranges
bytes
cf-ray
8a314000bed79766-FRA
priority
u=2,i
/
fakeimg.pl/400x300/222/fff/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fakeimg.pl/400x300/222/fff/?text=ListPower!
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43a98d221fd96cc2982ccba20e6c52654dcfc54c69043b21cf68e84d79ec521

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7448
x-ua-compatible
IE=Edge,chrome=1
last-modified
2024-07-04 05:18:46.855856
server
cloudflare
etag
df16302a1984362854100c5fda83188b481db63b
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ptfow0eOxgutiA3rQx6sQkpOgMnOw37cLw%2F%2F2TR4ASvMwb%2BGQ8IGfPSGTWT8CXZAdC6nxJwYMDePaLnZWkpOQJnkbwRlOPRiykooB9LE9DWRODibamBhqxZEBc0W"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=36000
accept-ranges
bytes
cf-ray
8a314000bedc9766-FRA
priority
u=2,i
email-decode.min.js
blog.turn.tw/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 08:14:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"668f945f-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSinZCsVzAwuc9w6gQVId%2B4FKOw2PCTsD2%2FnCwxoRKwIWp9hLqN9pv%2BXQSzMQiZs0yCabZnoFh9VbCGo4ydE4NGZOT6Ildr5btostvJqptIVUZpBRwvvH4QuutXcTv4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a3140001be518f3-FRA
expires
Tue, 16 Jul 2024 11:42:32 GMT
init.js
cdn.doublemax.net/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doublemax.net/js/init.js
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-15.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
content-encoding
gzip
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
date
Sun, 14 Jul 2024 11:42:33 GMT
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
8
x-amz-server-side-encryption
AES256
etag
W/"2b18447e41c64d14195cefd72eb57400"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
TiLoYHL0VywLogP0xqie6N4L7SOYwbiZL-xwFfr08PbU0FOFlc-PWQ==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ce1eb0cd47a701353af6a92207eebcd953e7875e9520ccd54c6dca36a7cdbab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53735
x-xss-protection
0
server
cafe
etag
8493143146046090061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 14 Jul 2024 11:42:33 GMT
comment_count.js
blog.turn.tw/wp-content/plugins/disqus-comment-system/public/js/ 		889 B
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 05:25:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"379-5db68c506bb47-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZZf5%2BAcriBmCX3UnWQl6vwUuyM7pAG6%2B4b2lNj9AsdLzmJ8PoQ0od0dFrmi1nfUjSR8oSHQ9uqjmfhqHZWTkVymCTVKtc6XGwl8y1p9%2BEKLex7TXCJHxyvvd%2BnmUuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140001be718f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
440
admin.js
blog.turn.tw/wp-content/plugins/custom-css-editor/fresh-framework//framework/ 		0
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/plugins/custom-css-editor/fresh-framework//framework/admin.js?ver=5.9.2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Nov 2016 05:38:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0-5407315682dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCPUPwwvUcdNERJGZJI4tquk4PrwQzyME%2BH5%2FyTLg%2FlXLmBSI7vi19E0M1EfFvRZDTvnq1iPCZe%2BToyBx%2FKGad%2FFtQDtV8GPTMUukrDFqu%2FC3%2B%2BfB8b973PueqNlDhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002be918f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
imagesloaded.min.js
blog.turn.tw/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15fd-5db6cebe998c3-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOpywUJYW6m1KkJz7qklOm9iy3TcqtWdVNUYj4xPFBpEDe9e29oV6%2FHewv5kbm95WzvjPopzbflHxDnzsdiYaqPkgrfGRnrD3KBR5M0Tc3sM2GRS%2FxwLIEYghKQdxMo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bea18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
1834
masonry.min.js
blog.turn.tw/wp-includes/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:34 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e4a-5db6cebe98923-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGPe3CtUJ80UlA5rVK7d36Lok0rQZfZ3DngEvTxmpQ0miUlVhmshkiE16QMrgt9kxw5WhpdafPtwe2j3USyPha3sHGA0VOInHCHBR1jVaflQkGi0DLzhhzP8kQN36hA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bed18f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
7382
jquery.masonry.min.js
blog.turn.tw/wp-includes/js/jquery/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sun, 27 Mar 2022 13:05:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"71b-5db32d814dfe7-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2P2zPxaWRDe1%2BTQdqKYDzIKG55WO%2BTM%2Fttzl5xud5uRPKHOVklMzbM%2FxkmpxuXmLUzeCoEBKo1rrFcmp2zSwH%2FmjRjFnnMMGbXJZ22OnFVrcyqPjI2Kqwldz3N0l0gg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bf018f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
716
functions.js
blog.turn.tw/wp-content/themes/twentyfourteen/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/themes/twentyfourteen/js/functions.js?ver=20171218
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd82cac24cbdef5b83f92479a62813edddc8f515353bfa0e3e774f30f6327254

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 06:27:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"17a6-5db69a4670ec7-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bzxxh4wGqvOVNr%2FPQ0fugE21eSm49FzULbjWb%2BnvJRPV9tsy8D5OYybLkAzVJH%2BRM%2FLm095zCgSuqqar%2FqBsGKnygD043bCUYrUFqsLptpM9fHbxuLr6HcQqRaI%2F6kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bf118f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
2136
core.min.js
blog.turn.tw/wp-includes/js/jquery/ui/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"50ea-5db6cebe969e2-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zH2NV1OowgKBknooP88LFJ3DhOHvoG2QOuhYolbJ8T9e601MrbsBr3p9Ihz7%2FH0oqaQ8BnJA2CLkuN8qtYeuZs7cjTARYYdGlRGAzBS06XU1q1BCRRKvnUf0d2cjS%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bf218f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
6875
site.min.js
blog.turn.tw/wp-content/plugins/popup-maker/assets/js/ 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-content/plugins/popup-maker/assets/js/site.min.js?defer&ver=1.18.1
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Sat, 29 Apr 2023 02:19:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"11021-5fa7036e12713-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCLMdTvnxeHYcue98GpUuo1hwgHy1kRYBIeiFebXaJDEJCWxWVQO%2BRNqx7yH0OwC6MaKFirH%2B5xM7eaCp80cTwaR4U2I2yzrPo1snUWBQ1%2B9YkjzCOJPm7Aw7x1tf8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140002bf418f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
17282
wp-emoji-release.min.js
blog.turn.tw/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.turn.tw/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:34 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 30 Mar 2022 10:22:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4705-5db6cebe98923-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qvC9rIA99OtZBqByoxCCE3EJegQIj9T6h80wXwwzzlo2Ramn1FnfYmGM%2FFSCjGknJEqjrNtHlJg%2BrdQVOVJyjVUcjhvVXiHNCR6h7smRdATlgp7%2FSK3oj6sGnwq9ts8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a3140003c0518f3-FRA
alt-svc
h3=":443"; ma=86400
content-length
4930
likebox.php
www.facebook.com/plugins/ Frame 6E18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E8%25BD%2589%25E5%2580%258B%25E5%25BD%258E%25E6%2597%25A5%25E8%25AA%258C%2F650279948417734&width&height=62&colorscheme=light&show_faces=false&header=true&stream=false&show_border=true&appId=775415802511486
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jul 2024 11:42:33 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391455549879091563"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391455549879091563"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=61, ullat=0
x-fb-debug
qx/eqWBFuslrh/1BlGxVmsm2f5YiLUcZ3YrP8hG11uKfifAHZecqoUv2CYpVyYimuzqgH+cWZzKpKk7KhRFpow==
x-frame-options
DENY
x-xss-protection
0
pattern-light.svg
blog.turn.tw/wp-content/themes/twentyfourteen/images/ 		534 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.turn.tw/wp-content/themes/twentyfourteen/images/pattern-light.svg
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/wp-content/themes/twentyfourteen/style.css?ver=20190507
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3cc0845b1dd5140cfb07c4caa46282024bf90675c6e7c66c9bcc0f69c66de37

Request headers

Referer
https://blog.turn.tw/wp-content/themes/twentyfourteen/style.css?ver=20190507
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Mar 2022 06:27:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"216-5db69a4671e67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYAbfLbmZTrl2PJD9%2FzuBzgRDfoGoYDl%2B2UiNFOPDQ9%2FXCY0l7IA5XJPmm0xiPhbWNuC0iwgiRUAeywKtKfUSOuIitCqJBsIbl71dcv45h4fLgSmubcq0raLlT%2FonNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8a3140006c5318f3-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9

Request headers

Referer
Origin
https://blog.turn.tw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.turn.tw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:42:21 GMT
x-content-type-options
nosniff
age
439212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:42:21 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.turn.tw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 14:56:54 GMT
x-content-type-options
nosniff
age
420339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 14:56:54 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.turn.tw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:32:28 GMT
x-content-type-options
nosniff
age
439805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:32:28 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.turn.tw
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 15:12:24 GMT
x-content-type-options
nosniff
age
419409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 15:12:24 GMT
count.js
blog-turn-tw.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog-turn-tw.disqus.com/count.js
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 11:42:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=300; includeSubdomains
X-Amz-Cf-Pop
DFW3-C1
Age
38
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 09 Jul 2024 13:14:54 GMT
Server
nginx
ETag
"668d37ce-367"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
St974-x2OzQ_6l8cRT4Lp77H4oZ4P4Gzwlv5FT9YA2v5a0jkgDbQHQ==
capmapping.htm
cdn.holmesmind.com/js/ Frame 2981 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:8400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://blog.turn.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
28
content-length
9921
content-type
text/html
date
Sun, 14 Jul 2024 11:42:34 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 04ddc2ad740f178bb6e0e07dc16f9744.cloudfront.net (CloudFront)
x-amz-cf-id
P9fACryMCzrLKHfi_k-98YYtz7JpxhPyin01TbmtX6_KsyZxPUypJA==
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame ECC2 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a9a5d577628840b4692dd02d31e4a8e7f146d5ec2d080d710f4ca656bbf6413

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
XgoyGQR70I_SFekCFX.gP1RN3dwkGpcu
date
Sun, 14 Jul 2024 11:42:34 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Tue, 28 May 2024 00:20:53 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
22
x-amz-server-side-encryption
AES256
etag
"536a802a0b6ee023d504ce876d84f986"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10958
x-amz-cf-id
BN3D4IgQ0bgd7oy3pwvQ_Y4smbusT5K6t6LUfE2tpKVYSVIVsHcAkw==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/ 		424 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1009112352200321&plah=blog.turn.tw&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
8b7dc10c130cd407e515aee158cf35e3135ff05b89fc1e87dfa893c71a1eb8e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146685
x-xss-protection
0
server
cafe
etag
1535362050307906801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 14 Jul 2024 11:42:33 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/ Frame AEBC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240709/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1009112352200321&plah=blog.turn.tw&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

age
61167
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 13 Jul 2024 18:43:07 GMT
etag
2738592464165616
expires
Sat, 27 Jul 2024 18:43:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 8FC7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1009112352200321&output=html&h=600&slotname=5786407291&adk=3410920981&adf=3979276212&pi=t.ma~as.5786407291&w=300&abgtt=3&lmt=1720957353&format=300x600&url=https%3A%2F%2Fblog.turn.tw%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720957353451&bpp=37&bdt=3662&idt=332&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=7892116864701&frm=20&pv=2&ga_vid=345391069.1720957354&ga_sid=1720957354&ga_hid=1903041587&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=10&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95331687%2C95331833%2C95334509%2C95334526%2C95334830%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=234100169324205&tmod=907877950&uas=0&nvt=1&fc=640&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=355
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1009112352200321&plah=blog.turn.tw&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jul 2024 11:42:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
count-data.js
blog-turn-tw.disqus.com/ 		616 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog-turn-tw.disqus.com/count-data.js?1=3648%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3648&1=3679%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3679&1=3697%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3697&1=3720%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3720&1=3752%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3752&1=3768%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3768&1=3787%20http%3A%2F%2Fblog.turn.tw%2F%3Fp%3D3787
Requested by
Host: blog-turn-tw.disqus.com
URL: https://blog-turn-tw.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b6609b7d64b9e99f5419560611049265427660c383bf2024532c63dd007fd77
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 14 Jul 2024 11:42:34 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
616
X-XSS-Protection
1; mode=block
Preset.js
ad.holmesmind.com/adserver/ Frame ECC2 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=6254
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
af4d907034c7d4693d00295dc448070fd278b6d76a31733fb6679babf8c717cc

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://blog.turn.tw
date
Sun, 14 Jul 2024 11:42:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame ECC2 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Sun, 14 Jul 2024 11:42:34 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
4
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
GYPNWDD6dIl6W8_f2h8779qOhJvaBbzqqmlohxRJyIbCciBcfgcVmw==
ads
pagead2.googlesyndication.com/pagead/ Frame BE35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1009112352200321&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720957354&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fblog.turn.tw%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=32~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=32_7~27_9~29_18~30_19&aiixl=32_9~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720957354749&bpp=1&bdt=4960&idt=1&shv=r20240709&mjsv=m202407090101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=300x600&nras=1&correlator=7892116864701&frm=20&pv=1&ga_vid=345391069.1720957354&ga_sid=1720957354&ga_hid=1903041587&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95331687%2C95331833%2C95334509%2C95334526%2C95334830%2C31084184%2C31078663%2C31078668%2C31078670&oid=2&pvsid=234100169324205&tmod=907877950&uas=0&nvt=1&fsapi=1&fc=896&brdim=90%2C90%2C90%2C90%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1009112352200321&plah=blog.turn.tw&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.turn.tw/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Jul 2024 11:42:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads.js
ad.holmesmind.com/adserver/ Frame ECC2 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=6254&rf=https%3A%2F%2Fblog.turn.tw%2F&n=379&o=4&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3320-TgVYseGmslN63FWozXCFJdP7XOONB9lJ&fp_uuid=3320-cc000969cb9b2f148b4d6370e52763ef&initver=230627P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
49a3dfc5e4a1820bd2740292ca90f086987ceb6422301ffe1db6960da964da91

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://blog.turn.tw
date
Sun, 14 Jul 2024 11:42:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame ECC2 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date
Sun, 14 Jul 2024 11:42:35 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 03:28:50 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
23
x-amz-server-side-encryption
AES256
etag
"519bf06eca29382b4ee4cc4f1dace214"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2905
x-amz-cf-id
VYRmS71qpk5mTN08wCYTH4FZLimnhSSeoVxSGWQYslc9Suk05x1p-w==
publishertag.js
static.criteo.net/js/ld/ Frame ECC2 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ad2b5b80199ab7b82bb111f4c8dce959f24a351227756dd6d53c0d1a24ce65fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 03 Jul 2024 13:01:44 GMT
server
nginx
etag
W/"66854bb8-1fe51"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 15 Jul 2024 11:42:35 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame ECC2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date
Sun, 14 Jul 2024 11:42:37 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 02:29:01 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
etag
"13519f9e63c9828d93a698c47992e115"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3197
x-amz-cf-id
Qmca8SD542XEKMWFMgE6eUcNSXO57kZ9RHv74rX1c8eSTg6Y6WMPeQ==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame ECC2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date
Sun, 14 Jul 2024 11:42:37 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 08:50:04 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
etag
"41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3470
x-amz-cf-id
M7KjHVz6c2diHwjNfYhQ9c43q4ZuGZAEnPhWMPgI_vIiorXFvVeMPg==
appierV2.js
cdn.holmesmind.com/js/ Frame ECC2 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date
Sun, 14 Jul 2024 11:42:35 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 06:52:43 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
42
x-amz-server-side-encryption
AES256
etag
"21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3446
x-amz-cf-id
wEvLbKzJmbX61pB-Rd5-qoyWbHKyDxotkwT6CHYyIYaaRkEMJkDdYQ==
bid
ad2.apx.appier.net/v1/prebid/ Frame ECC2
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=NAv8Tow_CoKYAZ4brLmTZg
2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=NAv8Tow_CoKYAZ4brLmTZg
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Server
35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
98.36.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Sun, 14 Jul 2024 11:42:36 GMT
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=NAv8Tow_CoKYAZ4brLmTZg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame ECC2 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://blog.turn.tw
date
Sun, 14 Jul 2024 11:42:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
utag.js
t.ssp.hinet.net/ Frame ECC2 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 06:51:38 GMT
server
nginx
etag
W/"65e6c0fa-15e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Sun, 14 Jul 2024 11:52:36 GMT
drawV2.js
cdn.holmesmind.com/js/ Frame ECC2 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=6254&rf=https%3A%2F%2Fblog.turn.tw%2F&n=379&o=4&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=3320-TgVYseGmslN63FWozXCFJdP7XOONB9lJ&fp_uuid=3320-cc000969cb9b2f148b4d6370e52763ef&initver=230627P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
MSt.illVoQb3pO8IADvHgNboFaeniBxV
date
Sun, 14 Jul 2024 11:42:01 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 06:01:02 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
35
x-amz-server-side-encryption
AES256
etag
"dcf480340ca4b65dc9aa76bd9e677036"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13033
x-amz-cf-id
rbCMiX3viH1AzhMlIqF0phz6vnRMlHq8c9uyEynzhxj_by9a1w5soA==
index.php
blog.turn.tw/ 		161 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.turn.tw/index.php?rest_route=/pum/v1/analytics/?event=open&pid=3805&_cache=1720957355682
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d4c4141efd4bd59a405cd9969608d5b1aab54740997a4d71eda3f9ad8e4425a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wuuH4KClo1dKsSsqxQowIQclAk8Hd0U4puwJ5BoJ%2B9q0JUpCpo7cAaa%2B7t7MJm7KYithLsEfPwTyQe5bZk3ae%2F%2FLK1pgxEYNTIgnCChZqSbOCU8dM0XaE2HzGp7aDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
x-robots-tag
noindex
link
<https://blog.turn.tw/index.php?rest_route=/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray
8a3140111c3818f3-FRA
alt-svc
h3=":443"; ma=86400
main.js
cdn.holmesmind.com/module/product/inner/inner_video/ Frame ECC2 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/module/product/inner/inner_video/main.js
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4625c2e4c47c8c49479485031a30f70c8dbc37193a2b6be02dea85ed7399a5e3

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
A5Xo6L2drE53gBzGo3BIM0SlSCqCBWpC
date
Sun, 14 Jul 2024 11:42:36 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jun 2024 00:24:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
98
x-amz-server-side-encryption
AES256
etag
"7b71f6fcbe284d37e47364989a848421"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27082
x-amz-cf-id
rgO0rSYsTWIN9-T6U40XgAo1NURI1fpjFO1oY3NhS9o745lgc3K3NA==
cf.png
cdn.holmesmind.com/ Frame ECC2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/cf.png
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date
Sun, 14 Jul 2024 08:22:15 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jun 2023 03:09:39 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
12376
x-amz-server-side-encryption
AES256
etag
"7cb0cc414e01c6f48a9eefee02d81959"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2399
x-amz-cf-id
E2v1X0bVCCOewv6Og4nghpKRtVnlnY9nLnqW4oBsc-tVUGgWNVhLEw==
cdb
bidder.criteo.com/ Frame ECC2 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=155&profileId=184&cb=39416511481
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://blog.turn.tw
date
Sun, 14 Jul 2024 11:42:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame ECC2 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5230647442072311
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
210.59.219.34 Taichung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
210-59-219-34.hinet-ip.hinet.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://blog.turn.tw
Date
Sun, 14 Jul 2024 11:42:36 GMT
Access-Control-Allow-Credentials
true
Server
Kestrel
i
ad.holmesmind.com/adserver/ Frame ECC2 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1720957355&p=6254:112570:236311:a1180d963ef9460a836c7b788e83edbb:14756
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/png
date
Sun, 14 Jul 2024 11:42:36 GMT
server
nginx/1.14.0 (Ubuntu)
s_baad421691356e137ad72c361a066bbf.mp4
v.holmesmind.com/14756/video/output/ Frame ECC2 		440 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v.holmesmind.com/14756/video/output/s_baad421691356e137ad72c361a066bbf.mp4
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:9800:9:17b1:ccc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://blog.turn.tw/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 14 Jul 2024 11:42:38 GMT
x-amz-version-id
EV8ml1oHUzmzJZ0o7SQEvkGrJpoh1cS.
via
1.1 78e03c1b28d33ab75a53563ffdf54ba6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jul 2024 02:56:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
etag
"f591c984fc87c432687a7074df4e90de"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2804023/2804024
x-amz-meta-mediaconvert-jobid
1720666578762-n4t0e4
accept-ranges
bytes
x-amz-cf-id
JcQsUMXWj8RU3G9KVkQROlzZDn9hDflRC6Tyvq1qZ2GkvSNvO5QgiQ==
Content-Length
2804024
/
t.ssp.hinet.net/ Frame ECC2 		36 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
6efa1062541cda92e48b9c8c07b7ffe8e12ce9d955fc2f4e39078bc85e819ae1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://blog.turn.tw
cache-control
no-cache, private
access-control-allow-credentials
true
white-mute.png
cdn.holmesmind.com/image/creative/vastplayer/ Frame ECC2 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.holmesmind.com/image/creative/vastplayer/white-mute.png
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ea00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
20cbe51aa556f8704bbada00f5ad25aecaf9329d08febbb133c2543cc2ba6f96

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
.rcUQ0OelG5m7EK.OA8C.clVq89aSZuO
date
Sun, 14 Jul 2024 08:19:42 GMT
via
1.1 ae0d2a327c332a4081a71ea179abdd70.cloudfront.net (CloudFront)
last-modified
Thu, 15 Jun 2023 01:14:50 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
12175
x-amz-server-side-encryption
AES256
etag
"217636ef44316cdf319fe9c258f94bf2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
690
x-amz-cf-id
I63--wCvhLj09ck8k92j2qBi6P-aP8s2x-UiV21whgONyptqoaEqlg==
truncated
/ Frame ECC2 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f31502bd8b58a334acc32b695f096fde6dd136fa1106f2d2d9fb4825d41b1abb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
bidder.criteo.com/csm/ Frame ECC2 		0
190 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://blog.turn.tw
date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame ECC2 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 09 Jul 2025 11:42:36 GMT
pixel.gif
static.criteo.net/images/ Frame ECC2 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Wed, 09 Jul 2025 11:42:36 GMT
emome2
t.ssp.hinet.net/ Frame ECC2 		30 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=621c4cb5-d0bd-4f46-bd39-0cc05733d8f6
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://blog.turn.tw
cache-control
no-cache, private
access-control-allow-credentials
true
cm
t.ssp.hinet.net/ Frame ECC2 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=3320-TgVYseGmslN63FWozXCFJdP7XOONB9lJ&mp=621c4cb5-d0bd-4f46-bd39-0cc05733d8f6
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:36 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://blog.turn.tw
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net/ Frame ECC2 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net/pixel?bd=621c4cb5-d0bd-4f46-bd39-0cc05733d8f6&t=50ef57&referrer=
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:37 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
av
ad.holmesmind.com/adserver/ Frame ECC2 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/av?p=6254:112570:236311:a1180d963ef9460a836c7b788e83edbb:14756&type=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:37 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
v
ad.holmesmind.com/adserver/ Frame ECC2 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/v?id=a1180d963ef9460a836c7b788e83edbb-6254&duration=30&track=1
Requested by
Host: blog.turn.tw
URL: https://blog.turn.tw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.174.105 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-174-105.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blog.turn.tw/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 14 Jul 2024 11:42:38 GMT
server
nginx/1.14.0 (Ubuntu)
lst
log st is 0
content-type
image/png
s_baad421691356e137ad72c361a066bbf.mp4
v.holmesmind.com/14756/video/output/ Frame ECC2 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://v.holmesmind.com/14756/video/output/s_baad421691356e137ad72c361a066bbf.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20b4:9800:9:17b1:ccc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1b01ecfee2400882eec5c43d77c400ac223d66d7f0049e96044e82f87a058cb

Request headers

Referer
https://blog.turn.tw/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=450919-

Response headers

x-amz-version-id
EV8ml1oHUzmzJZ0o7SQEvkGrJpoh1cS.
date
Sun, 14 Jul 2024 11:42:40 GMT
via
1.1 78e03c1b28d33ab75a53563ffdf54ba6.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jul 2024 02:56:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
etag
"f591c984fc87c432687a7074df4e90de"
x-cache
RefreshHit from cloudfront
content-type
video/mp4
Content-Range
bytes 450919-2804023/2804024
x-amz-meta-mediaconvert-jobid
1720666578762-n4t0e4
accept-ranges
bytes
x-amz-cf-id
lyZLabk-e-cNx9Ko6MLJ4VEtHMH-5WOQ7BVw1iVqkIMpCTJYbNlPlA==
Content-Length
2353105

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| _wpemojiSettings function| jQuery object| adsbygoogle object| countVars string| disqus_shortname function| EvEmitter function| imagesLoaded function| c_tag_mk function| getCookie function| getVideoCardInfo object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| DISQUSWIDGETS function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| pum_vars object| pum_sub_vars object| pum_popups object| PUM object| PUM_Accessibility object| PUM_Analytics function| pm_cookie function| pm_cookie_json function| pm_remove_cookie string| ajaxurl object| pum function| FormSerializer object| google_ama_state number| google_rum_task_id_counter object| twemoji object| wp object| criteo_syncframe_state

16 Cookies

Domain/Path Name / Value
.turn.tw/ Name: ISMD5VERSION
Value: 1
.turn.tw/ Name: __eoi
Value: ID=a86cf61b7b7ef710:T=1720957354:RT=1720957354:S=AA-AfjbFpBhvoeeRVXo-_LDzVgdk
.holmesmind.com/ Name: P
Value: 970376-nnHbWSNNADa88SWSrMtfQBxAeFw9sA2f
.holmesmind.com/ Name: Vision
Value: 20240714-23:59,20240714-22,20240714-22,20240714-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.turn.tw/ Name: CFFPCKUUID
Value: 3229-1mwhvpm2qNqJYXFizj9Flk9eSOFw4yhe
.turn.tw/ Name: CFFPCKUUIDMAIN
Value: 3320-TgVYseGmslN63FWozXCFJdP7XOONB9lJ
.turn.tw/ Name: FPUUID
Value: 3320-cc000969cb9b2f148b4d6370e52763ef
.holmesmind.com/ Name: fcm
Value: 1
.lndata.com/ Name: admckid
Value: 2407141942351375178
.hinet.net/ Name: uuid
Value: 621c4cb5-d0bd-4f46-bd39-0cc05733d8f6
.turn.tw/ Name: __htid
Value: 621c4cb5-d0bd-4f46-bd39-0cc05733d8f6
.turn.tw/ Name: _ht_em
Value: 1
.c.appier.net/ Name: _auid
Value: NAv8Tow_CoKYAZ4brLmTZg
.turn.tw/ Name: _ht_50ef57
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://blog.turn.tw/index.php?rest_route=/pum/v1/analytics/?event=open&pid=3805&_cache=1720957355682
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

621c4cb5-d0bd-4f46-bd39-0cc05733d8f6.t.ssp.hinet.net
ad.holmesmind.com
ad2.apx.appier.net
bidder.criteo.com
blog-turn-tw.disqus.com
blog.turn.tw
cdn.doublemax.net
cdn.holmesmind.com
fakeimg.pl
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
raw.githubusercontent.com
static.criteo.net
t.ssp.hinet.net
turn.tw
v.holmesmind.com
www.facebook.com
103.132.192.30
13.32.99.15
142.250.186.162
172.105.203.31
178.250.1.8
188.114.96.3
188.114.97.3
199.232.192.134
203.75.214.136
210.59.219.34
2600:9000:20a0:8400:0:e06c:e940:93a1
2600:9000:20a0:ea00:0:e06c:e940:93a1
2600:9000:20b4:9800:9:17b1:ccc0:93a1
2606:50c0:8002::154
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
2a02:2638:3::3
2a03:2880:f177:185:face:b00c:0:25de
35.190.36.98
54.65.174.105
00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0e1536ec01be2959f60ab02b0194f62521734031080914187efc25e482fefdc9
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1a9a5d577628840b4692dd02d31e4a8e7f146d5ec2d080d710f4ca656bbf6413
20cbe51aa556f8704bbada00f5ad25aecaf9329d08febbb133c2543cc2ba6f96
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
4625c2e4c47c8c49479485031a30f70c8dbc37193a2b6be02dea85ed7399a5e3
49a3dfc5e4a1820bd2740292ca90f086987ceb6422301ffe1db6960da964da91
4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5b6609b7d64b9e99f5419560611049265427660c383bf2024532c63dd007fd77
5d4c4141efd4bd59a405cd9969608d5b1aab54740997a4d71eda3f9ad8e4425a
6799697917e31082c4371f1b02745d309f1e0af1786224c0ee0002845c7cda81
6efa1062541cda92e48b9c8c07b7ffe8e12ce9d955fc2f4e39078bc85e819ae1
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
8b7dc10c130cd407e515aee158cf35e3135ff05b89fc1e87dfa893c71a1eb8e5
8c09f40aa9ac3105f86ea363d58ad2a81f5d5741b810786a1a6291e7dd9d43ad
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
a8a0b91d593ee394d8f11346236a3ea69990e40928ef743a72690a54e7a464a0
ad2b5b80199ab7b82bb111f4c8dce959f24a351227756dd6d53c0d1a24ce65fa
af4d907034c7d4693d00295dc448070fd278b6d76a31733fb6679babf8c717cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43a98d221fd96cc2982ccba20e6c52654dcfc54c69043b21cf68e84d79ec521
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd6922bb38bd584adcf4a8b27b99f5c3c87efe22784177f61fb3beb6282ef046
bd82cac24cbdef5b83f92479a62813edddc8f515353bfa0e3e774f30f6327254
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c327bfbfd1c44640ca9b2a5879bd98707c7a5a0d0f10452dfa35c8ca261b4d21
c3cc0845b1dd5140cfb07c4caa46282024bf90675c6e7c66c9bcc0f69c66de37
c3f2a2e43400b911f55a5097d53fb462af1896f04d4149a90b14aadeb812818a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c55bb187432531f48be10df58477eb1ab34d4ec4b7aecfb4c179845a5227fcd2
ce1eb0cd47a701353af6a92207eebcd953e7875e9520ccd54c6dca36a7cdbab5
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d1b01ecfee2400882eec5c43d77c400ac223d66d7f0049e96044e82f87a058cb
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f31502bd8b58a334acc32b695f096fde6dd136fa1106f2d2d9fb4825d41b1abb
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f6567dd0f658f132ab42f107126d7956f8f13685f491226fc8845cc7d97c0f6c
fce7e9715dfeded3495e0d9c54966b1ff7b26a768ca2024c2cf097ee90015cd6
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869