szeman.nidbox.com Open in urlscan Pro
107.167.188.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://szeman.nidbox.com/diary/read/10193351
Submission: On March 21 via manual (March 21st 2023, 8:55:43 am UTC) from LU — Scanned from SG

Summary HTTP 85 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 35 IPs in 4 countries across 25 domains to perform 85 HTTP transactions. The main IP is 107.167.188.58, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is szeman.nidbox.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 5th 2022. Valid for: a year.

This is the only time szeman.nidbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.167.188.58 107.167.188.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	139.162.123.98 139.162.123.98	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
3	2404:6800:400... 2404:6800:4003:c04::61	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::9c	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4003:c02::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.155.68.86 18.155.68.86	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c03::9c	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c11::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::9d	15169 (GOOGLE) (GOOGLE)
1	52.84.251.112 52.84.251.112	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4003:c05::68	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
5	54.192.150.68 54.192.150.68	16509 (AMAZON-02) (AMAZON-02)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	34.96.119.68 34.96.119.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	139.162.38.30 139.162.38.30	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2406:2600:7:1... 2406:2600:7:100::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	209.58.168.56 209.58.168.56	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	13.115.84.134 13.115.84.134	16509 (AMAZON-02) (AMAZON-02)
1	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.33.88.41 13.33.88.41	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
3	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
2	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	209.58.171.197 209.58.171.197	() ()
1 1	74.125.24.154 74.125.24.154	() ()
1	2606:4700:20:... 2606:4700:20::681a:567	() ()
85	35

1 107.167.188.58 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.188.167.107.bc.googleusercontent.com

szeman.nidbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 139.162.123.98 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1607-98.members.linode.com

pica.nidbox.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::9c (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c02::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.155.68.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-86.sin52.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c11::9c (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9c (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::84 (Singapore)

ASN15169 (GOOGLE, US)

3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::9b (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::9d (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.251.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-112.sin5.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::68 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.192.150.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-68.sin2.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.119.68 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.38.30 (Singapore) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1451-30.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.168.56 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.115.84.134 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-84-134.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.181 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c006:158::65 (Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-41.sin2.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::9 (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.171.197 (None, ) 1 redirects

ASN- ()

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:567 (None, )

ASN- ()

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nidbox.net pica.nidbox.net	261 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 134	205 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net	162 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 713 gum.criteo.com — Cisco Umbrella Rank: 386 mug.criteo.com — Cisco Umbrella Rank: 2753	9 KB
8	scupio.com img.scupio.com — Cisco Umbrella Rank: 87163 bw.scupio.com — Cisco Umbrella Rank: 162272 prebid.scupio.com — Cisco Umbrella Rank: 79309	148 KB
4	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 778	271 KB
3	appier.net 2 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 45233 gocm.c.appier.net — Cisco Umbrella Rank: 2183	912 B
3	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
3	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 32010	5 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	197 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 629	57 KB
2	aralego.com 1 redirects hb.aralego.com — Cisco Umbrella Rank: 26421 sync.aralego.com	678 B
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 37134 s.trvdp.com — Cisco Umbrella Rank: 35463	136 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 27333 www.google.com.sg — Cisco Umbrella Rank: 13441	939 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	89 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	32 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	76 KB
1	aralego.net cdn.aralego.net	655 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 16134	726 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 440	821 B
1	holmesmind.com ad.holmesmind.com — Cisco Umbrella Rank: 101878 c.holmesmind.com Failed	219 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19438	177 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	605 B
1	nidbox.com szeman.nidbox.com	7 KB
85	25

	Domain	Requested by
13	pica.nidbox.net	szeman.nidbox.com pica.nidbox.net
7	pagead2.googlesyndication.com	szeman.nidbox.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	img.scupio.com	szeman.nidbox.com img.scupio.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net szeman.nidbox.com
4	gum.criteo.com	2 redirects static.criteo.net
4	static.xx.fbcdn.net	www.facebook.com
3	mug.criteo.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	stg.truvidplayer.com	szeman.nidbox.com go.trvdp.com s.trvdp.com
3	www.googletagmanager.com	szeman.nidbox.com www.googletagmanager.com
2	static.criteo.net	img.scupio.com static.criteo.net
2	ad2.apx.appier.net	1 redirects
2	bw.scupio.com	img.scupio.com
2	www.google.com	szeman.nidbox.com tpc.googlesyndication.com
2	connect.facebook.net	szeman.nidbox.com connect.facebook.net
2	www.facebook.com	szeman.nidbox.com
2	www.googletagservices.com	szeman.nidbox.com securepubads.g.doubleclick.net
1	cdn.aralego.net
1	cm.g.doubleclick.net	1 redirects
1	sync.aralego.com	1 redirects
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	fastlane.rubiconproject.com	img.scupio.com
1	prebid.scupio.com	img.scupio.com
1	ad.holmesmind.com	img.scupio.com
1	hb.aralego.com	img.scupio.com
1	prebid-asia.creativecdn.com	img.scupio.com
1	bidder.criteo.com	img.scupio.com
1	gocm.c.appier.net	1 redirects
1	www.google.com.sg	szeman.nidbox.com
1	go.trvdp.com	stg.truvidplayer.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.sg	securepubads.g.doubleclick.net
1	szeman.nidbox.com
0	c.holmesmind.com Failed
85	40

This site contains links to these domains. Also see Links.

Domain
www.nidbox.com
home.nidbox.com
www.hymember.net
www.plurk.com
www.google.com

Subject Issuer	Validity	Valid
*.nidbox.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-05` - `2023-10-05`	a year	crt.sh
pica.nidbox.net Sectigo RSA Domain Validation Secure Server CA	`2022-10-04` - `2023-11-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-28`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.google.com.sg GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://szeman.nidbox.com/diary/read/10193351
Frame ID: FBC589DAF73C8E71D8B6A345CA0C764A
Requests: 46 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=button_count&locale=zh_TW&show_faces=true&width=95&action=like&font=verdana&colorscheme=light&height=22
Frame ID: 23024C1CBD6360EA567A01C28DAB58F7
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=standard&show_faces=false&width=300&action=like&colorscheme=light
Frame ID: E4A46F7AB0D06951C5D70E21929824DE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: BBE145C97FCD3BA5E6AE73775FBE8F2E
Requests: 1 HTTP requests in this frame

Frame: https://3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AAD5274527FE78DA0F5E36B5A03FDE71
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746614883199587&output=html&adk=1812271804&adf=3025194257&lmt=1679388937&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679388936745&bpp=3&bdt=619&idt=274&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7387296165490&frm=20&pv=2&ga_vid=1482589211.1679388937&ga_sid=1679388937&ga_hid=685667674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31073105%2C31071265%2C21065725&oid=2&pvsid=3095745194252614&tmod=388809782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301
Frame ID: 81E68F0FFDB6E037CDB8456FFF34D758
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746614883199587&output=html&h=435&slotname=1946875055&adk=3183792155&adf=2039955730&pi=t.ma~as.1946875055&w=615&lmt=1679388937&rafmt=11&format=615x435&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679388936748&bpp=2&bdt=622&idt=307&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7387296165490&frm=20&pv=1&ga_vid=1482589211.1679388937&ga_sid=1679388937&ga_hid=685667674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=328&ady=887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31073105%2C31071265%2C21065725&oid=2&pvsid=3095745194252614&tmod=388809782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EtVanNqaU3&p=https%3A//szeman.nidbox.com&dtd=312
Frame ID: 72A48A729A51F5B530C8D2B0BF84E996
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJE94iLgdwMeQ896LcPXSwFtdUnH1qcBgF0tmYSbrd-53KmU2jPBmApgD2Ex5XZCxUYayJ5qd3OBapi-uQH1rD2b7xkv6UaiFSgY2k9IPSR8YrRS-8_LKYc-5yMlk_Yov57rq1000UB8IrksqCNxVA9yf0yu2SzbUxjAUCvahB7D_Rtx9HQR5xXmFzwySexrRMjwWtuxqcUWmmUWJm4KWAf5OqbNSyxMxnjxU2cXqtoTXS6DaBu3SqTetsT9DwsyXZxd_k8Qqbje1hXAG5-Au4KsO9PDGX2Ec4g_4COi3-yYO2Pq-gum_GiplB6pCQMo9ZOpwq4A&sai=AMfl-YQpoLdL4GZk7inuyEpfuJ5cDUaYakXaRoKwv0o6k7YomNTVzw1Ls0oBdujwleAX_hTf6SVsZh5-KSSOQuUqLFbSTu7RW6lLM8M4521B5ISJlKmpUCecHNzTEk6E4VIC1YGZrE4Fxlr4fF4b3Wc&sig=Cg0ArKJSzC9MJeKbfBj5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AC00B1AD701D74812B65921ABB2D1A56
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/mv.html?v=1.0.143
Frame ID: 21B189E4DF7BA0A700A10B71F881919D
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC4F169894422B8C35234CCCCAB6F559
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E881D275CDD71F71313698C571F57140
Requests: 2 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=SG&timestamp=1679388939&level=0
Frame ID: EF652DDAB930CC97E363D2C580BC33E5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=szeman.nidbox.com
Frame ID: 0D326907B3D9CA4CEE3158ADB2DA6F2F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RELX用後體驗 - 絕佳!不錯的品牌選擇 @szeman's world - nidBox親子盒子

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

94 %
HTTPS

54 %
IPv6

25
Domains

40
Subdomains

35
IPs

4
Countries

1678 kB
Transfer

4894 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nidbox.com/rd/redir/27?rurl=https:%2F%2Fwww.nidbox.com

Search URL Search Domain Scan URL

URL: https://home.nidbox.com/
Title: 親子日記APP

Search URL Search Domain Scan URL

URL: https://www.nidbox.com/member/register
Title: 免費申請

Search URL Search Domain Scan URL

URL: https://www.nidbox.com/?returnurl=http://szeman.nidbox.com/diary/read/10193351
Title: 登入

Search URL Search Domain Scan URL

URL: https://www.hymember.net/pages/relx-infinity
Title: RELX Infinity

Search URL Search Domain Scan URL

URL: http://www.plurk.com/?qualifier=shares&status=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351%20(RELX%E7%94%A8%E5%BE%8C%E9%AB%94%E9%A9%97+-+%E7%B5%95%E4%BD%B3%21%E4%B8%8D%E9%8C%AF%E7%9A%84%E5%93%81%E7%89%8C%E9%81%B8%E6%93%87)

Search URL Search Domain Scan URL

URL: http://www.google.com/bookmarks/mark?op=add&bkmk=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&title=RELX%E7%94%A8%E5%BE%8C%E9%AB%94%E9%A9%97+-+%E7%B5%95%E4%BD%B3%21%E4%B8%8D%E9%8C%AF%E7%9A%84%E5%93%81%E7%89%8C%E9%81%B8%E6%93%87

Search URL Search Domain Scan URL

URL: https://home.nidbox.com/m/e
Title: 兒童發展檢核表

Search URL Search Domain Scan URL

URL: http://www.nidbox.com/
Title: nidBox 親子盒子

Search URL Search Domain Scan URL

URL: http://www.nidbox.com/about
Title: about

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=9ctCSgGhDpKVn4UUCXEZZA

Request Chain 78

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=szeman.nidbox.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=aQaw43xXUnQvbjdMVGY3ZWp0eHduWitqRjNlUTlhWk9FK0RoNi82ZVFhRno4R2M0UWlkNmVIOGJ0MVJLdVByYTFaVDlCdlZtMHdGRlR3ZXhzSFMrcVI0NDdWZzhKQTNaSktxWGUxUUQ3MzkyRlBzRVdzZTk0RzNqVXpwNzA0bEZrQ0VtNkxudllkd0Rud0t4dzNBWE1QQmQ2emxpS0RUdDBDemozVFVVSG01OUhxREkxMFBXNUl2bjBrWXlSUDlvdFNLN00yVGtuNVkya1ovOGs4cTJheVB5Wm8zWnJqcElxTWpEUCt5K3l1d0RxVWQwL3JBWGVpcERIK09mSGd6SkhIVkF1SHdUdGdKZCtwQTFXeVdrNkVEa25GVm0zRW1ZRzZWd1llMXFPekZoU0lQVT18&cppv=2

Request Chain 80

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fszeman.nidbox.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Ew7UyHxZcmpRQUJVeEVCaDZYUHJjbllnTGNTUW1lQ3VnSmtaTmtUNDd3S1pCbVQrbnRNNnNOb0JxbmltRHN2QnBwZk9DeWJmb1FjWVVXWitONkpmUTdWOE5qR2VBbHprNXVMdUdxWWpJb3k1RmdkdVQ1SWMvVWNFUXZJUnpYY3lRTnhRTFZ6MEJrZGVkNXNFbmtvY2NrU3pCRmhZY2RMbGVpYmZ6L3A3akhXVkdCdVRjeUJjZkdLN0crNjFFejF6YU05RlZBYWY5T2NlZCtmeG9QYWNnQ2h3cjdia2tKYlFmd0lnYzF1S3UzN2U4TzdubDR4ZS8wbUVxSHdTbkZrOUJKcVVrMU5jdkVaVFovdHdxM3VESXArOHkxbmpsVVFGRXp6L0JNR3ZYL1RTVTdCbz18&cppv=2

Request Chain 81

https://sync.aralego.com/idSync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=Y2I0YWJkZWMtNTU0YS0zOTQ1LTg4MmItNTk0Yzc0ODVlYzVh&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 82

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 10193351 Show response
szeman.nidbox.com/diary/read/ 19 KB
7 KB 2490ms
91ms Document
text/html 107.167.188.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.167.188.58 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.188.167.107.bc.googleusercontent.com

Software

Apache /

Resource Hash

59da4a71d82230fb1281af82cfe824c6b459bafa0739ab1f6ec9c7be76036364

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-length: 6539
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 08:55:35 GMT
expires: Wed, 18 Jan 2000 07:30:00 GMT
server: Apache
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 blog.min.css
pica.nidbox.net/css/ 64 KB
9 KB 325ms
104ms Stylesheet
text/css 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/css/blog.min.css?b13
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 32bef405edc80eb23a5640fad152387651b0a61b1e5248e968f05d2a659f19f5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Mon, 20 Feb 2023 05:14:23 GMT
server: nginx
etag: "101be-5f51abc75b9ad-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9373
expires: Wed, 22 Mar 2023 05:29:32 GMT

GET
H2 200 blog10006.min.css
pica.nidbox.net/css/10006/ 6 KB
2 KB 415ms
194ms Stylesheet
text/css 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 6bc4faadac92d5e492f77905814d8faa4ec9c8b6c1230dbce19472bdab0d92a8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 06:25:36 GMT
server: nginx
etag: "1918-5d4cfd25a3800-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1839
expires: Tue, 21 Mar 2023 11:52:07 GMT

GET
H2 200 jquery-1.4.4.min.js Show response
pica.nidbox.net/lib/js/jquery/ 77 KB
27 KB 416ms
195ms Script
application/javascript 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/lib/js/jquery/jquery-1.4.4.min.js
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Mon, 14 Mar 2011 02:09:25 GMT
server: nginx
etag: "13309-49e67cd001f40-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 27073
expires: Sat, 25 Mar 2023 01:45:47 GMT

GET
H2 200 common.js Show response
pica.nidbox.net/lib/js/ 4 KB
2 KB 417ms
196ms Script
application/javascript 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/lib/js/common.js?v4
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: ccf764b9e3b96507a1b66d1b32d826612c1223f3b73fa68fc0f6524375e30b0a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 02:43:19 GMT
server: nginx
etag: "10b1-542678d0c1fc0-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1593
expires: Sat, 25 Mar 2023 01:45:47 GMT

GET
H2 200 scrolltopcontrol.min.js Show response
pica.nidbox.net/jquery/plugins/ 2 KB
1 KB 505ms
285ms Script
application/javascript 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/jquery/plugins/scrolltopcontrol.min.js
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 70b988c5d868897603321ac8dfa5118d0c88f6c5270094590099645481272e54

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Wed, 21 Jun 2017 09:21:36 GMT
server: nginx
etag: "93f-55274e50be800-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1015
expires: Sat, 25 Mar 2023 02:06:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 24ms
13ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20236009-1

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d485e4194cd043509c4fd4b24c7a2ef9b058c3cce00a3da1dcc34598450fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44662
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 33ms
23ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-20TG1B1HKH

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7e2567e7967d1f0f3cef5c26006c8fbfa7f388e938c210d29104c26f057f9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 22ms
6ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2deab63b2d384d2e9fb1d80dfc54557cc7fd23289f9ee5eb514b43b613245255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27174
x-xss-protection: 0
server: sffe
etag: "1517 / 190 of 1000 / last-modified: 1679360970"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 37ms
25ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3746614883199587

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9f5d6d5442ac4f7057c161b519eb7b71e1688fda925f7aea6c321bc36b7d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Origin: https://szeman.nidbox.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48661
x-xss-protection: 0
server: cafe
etag: 14764910882743058164
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 1675326326_7d5bcc1d_82.jpg
pica.nidbox.net/82/b/ 112 KB
113 KB 369ms
369ms Image
image/jpeg 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/82/b/1675326326_7d5bcc1d_82.jpg
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 63148b7c0392b5c16c4e3f81f3dd5f834ee6f11de2a590cef9aeaf6da205da7a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Thu, 02 Feb 2023 08:25:26 GMT
server: nginx
etag: "1c0fd-5f3b34e968fc4"
x-cache-status: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 114941
expires: Thu, 20 Apr 2023 08:55:36 GMT

GET
H2 200 jquery.lockfixed.min.js Show response
pica.nidbox.net/jquery/ 1 KB
950 B 91ms
91ms Script
application/javascript 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://pica.nidbox.net/jquery/jquery.lockfixed.min.js
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: d720884cc342625fc7104a0b1fffc9c2f180155886a044fa128a235a71443fce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
last-modified: Sun, 09 Feb 2014 14:45:27 GMT
server: nginx
etag: "558-4f1fa4618efc0-gzip"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 677
expires: Sat, 25 Mar 2023 21:29:57 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2302 42 KB
16 KB 317ms
308ms Document
text/html 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=button_count&locale=zh_TW&show_faces=true&width=95&action=like&font=verdana&colorscheme=light&height=22

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

552af20ec21555b9ae0f8bc676b6bc1ca19848068e55d0e187cd4a7b1eddacc3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 21 Mar 2023 08:55:36 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: PyrE20CQ4ZbcI2O2WR1qNa1enMST3h7b3REoyObsrM2RQJZVIFc8NIsEvaGIucVMToXamQRxrhTbqb2IxdrXHQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E4A4 43 KB
16 KB 310ms
302ms Document
text/html 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=standard&show_faces=false&width=300&action=like&colorscheme=light

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a4b7be7c2216ce39ad8979e502166b1feac2ddaec31940d9484f3da82a540cd

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Tue, 21 Mar 2023 08:55:36 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: k0e1qVvuKRwyBCINDQGcVBE6yougsCPRHjhuwWCs4OWaoGRNvbz9TO7Ivijku+nHCW8/TAGhhwoRAsu0AwGEAw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 15ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?v2

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4a6211092546e8172d4a9dab28a9100f33a7a43ccf5240a19893c977fe64470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 08:55:36 GMT
content-md5: Hb/uU49749Mdb5VlVDXzJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: N1Ob/U1hNhvUbCztBAuGZCT43d8CYr5NYubJ4gW/iIGnRVObodwnSjVrP2IAAqBfj1f5Qkvqo8EoAEZ37N916w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 548340344
x-fb-content-md5: d38534b5aa413f220bf9d9a09d6e1dcf
cross-origin-opener-policy: same-origin-allow-popups
etag: "0e6a3d898fc8a9b1f8ab25510946ca89"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 21 Mar 2023 09:00:38 GMT

GET
H2 200 header.png
pica.nidbox.net/css/10006/ 71 KB
71 KB 95ms
94ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/css/10006/header.png
Requested by: Host: pica.nidbox.net
URL: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: ae2d99379f39bc0073a4dfbf57fe91d4146867dd9201b69a580dc8d24eaff966

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Tue, 25 Feb 2014 03:51:57 GMT
server: nginx
etag: "11b40-4f3330275d140"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 72512
expires: Fri, 31 Mar 2023 09:02:32 GMT

GET
H2 200 split_icon_blog.png
pica.nidbox.net/img/ 27 KB
28 KB 228ms
227ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/img/split_icon_blog.png?v3
Requested by: Host: pica.nidbox.net
URL: https://pica.nidbox.net/css/blog.min.css?b13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 302fee34d24c0da60697bd85fed29ac4a84527cbd4b7227b01736e3469eedf2e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pica.nidbox.net/css/blog.min.css?b13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Thu, 24 Oct 2019 09:58:58 GMT
server: nginx
etag: "6d3e-595a514ffbc80"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27966
expires: Fri, 31 Mar 2023 04:05:08 GMT

GET
H2 200 title2.png
pica.nidbox.net/css/10006/ 1 KB
1 KB 235ms
234ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/css/10006/title2.png
Requested by: Host: pica.nidbox.net
URL: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: bd4e12cc0920804d1957b76c746685b616f6f11a74640bbf80d5746b17c86ae9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Sun, 23 Feb 2014 15:16:00 GMT
server: nginx
etag: "440-4f31455218c00"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1088
expires: Fri, 31 Mar 2023 09:02:32 GMT

GET
H2 200 btn_bg.png
pica.nidbox.net/img/ 473 B
699 B 235ms
234ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/img/btn_bg.png
Requested by: Host: pica.nidbox.net
URL: https://pica.nidbox.net/css/blog.min.css?b13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 7213264d5b7cf1602cf91a951a978c9132ed5a5f5c8182083368229984242db8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pica.nidbox.net/css/blog.min.css?b13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Thu, 01 Aug 2013 07:42:11 GMT
server: nginx
etag: "1d9-4e2ddfad8bac0"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 473
expires: Fri, 31 Mar 2023 04:05:10 GMT

GET
H2 200 sidebar_title.png
pica.nidbox.net/css/10006/ 1 KB
1 KB 235ms
235ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/css/10006/sidebar_title.png
Requested by: Host: pica.nidbox.net
URL: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 8d233f9e095fe803ad6af7d849d60e71cb136b4da1620570f5a19d0728be0c1d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pica.nidbox.net/css/10006/blog10006.min.css?b13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Mon, 24 Feb 2014 02:46:00 GMT
server: nginx
etag: "49a-4f31df8c36a00"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1178
expires: Fri, 31 Mar 2023 09:02:32 GMT

GET
H2 200 index.php Show response
stg.truvidplayer.com/ 977 B
757 B 384ms
248ms Script
text/html 18.155.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=2946&playlist_id=2124&m=a&cb=7194583412577076
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-86.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e8fe6aa52c4c87f9a9ced6fc3cd0000a6a9056cd2b9536cb84e23e913f0061e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: gzip
via: 1.1 0e0ce09b6e10a8fc07c3a94faa7d2626.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: gpmncLaK9EwyO7J288QITlX0_MlQ9l5eujjvrXaJ-flBb8-mjGRdZw==

GET
H2 200 scrolltopcontrol_nidbox.png
pica.nidbox.net/jquery/plugins/ 4 KB
4 KB 194ms
194ms Image
image/png 139.162.123.98
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pica.nidbox.net/jquery/plugins/scrolltopcontrol_nidbox.png
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 139.162.123.98 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li1607-98.members.linode.com
Software: nginx /
Resource Hash: 6465192137e3e28ff31ee26d0f24f8593f2bfb8130af74f6d0db92275b60e1cd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
last-modified: Thu, 01 Aug 2013 07:40:46 GMT
server: nginx
etag: "e65-4e2ddf5c7bb80"
x-cache-status: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3685
expires: Fri, 31 Mar 2023 04:09:03 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 306 KB
87 KB 12ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=d31cf4991ea5c39bf92e1eb34a6e547c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?v2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0190265d315003af2f3edae0854901d772b16b2852353d7e1001432f7bd7c45e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://szeman.nidbox.com/
Origin: https://szeman.nidbox.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 08:55:36 GMT
content-md5: vScfIPRUEOQk/WAxDbuX/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88739
x-fb-rlafr: 0
x-fb-debug: L3exUqaiozwsMRw6+UbH6GNIIbGKvRq7pvxYlEYtWxBLxI2qOFTMBpblq4SDMBXqU9zZFAdAXYMBK0yjuhTnJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0d17c6584e7c3824980ad8a25f1fc1a4
cross-origin-opener-policy: same-origin-allow-popups
etag: "28cd178f80d3811065c3d8616fa0824f"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 20 Mar 2024 06:57:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
21ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20236009-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 08:22:35 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1981
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Mar 2023 10:22:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 19ms
17ms Script
application/javascript 2404:6800:4003:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-20TG1B1HKH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20236009-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81b6cab5ff0f7f04d40c1c319ecb39b67b77a10f6bd82ae93ed4be077600aed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78090
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 pubads_impl_2023031601.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 49ms
21ms Script
text/javascript 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 10:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136618
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:37:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Mar 2024 10:56:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
899 B 53ms
22ms XHR
application/json 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=szeman.nidbox.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd9ead7bfe8c849fb05178c33077cc3bc739aaba9bd245d19cfb24c0de7eeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 356
x-xss-protection: 0
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/ 350 KB
117 KB 135ms
93ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3746614883199587

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f339b2e7dd069a534f88fd4911623dbf2d3feced706c63db731dc9a67673c5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119453
x-xss-protection: 0
server: cafe
etag: 16158213859869541949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Mar 2023 08:55:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame BBE1 10 KB
5 KB 125ms
70ms Document
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3746614883199587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 16065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 04:27:51 GMT
etag: 2378337311435320485
expires: Tue, 04 Apr 2023 04:27:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
172 B 32ms
32ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-20TG1B1HKH&gtm=45je33f0&_p=685667674&cid=1482589211.1679388937&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679388936&sct=1&seg=0&dl=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&dt=RELX%E7%94%A8%E5%BE%8C%E9%AB%94%E9%A9%97%20-%20%E7%B5%95%E4%BD%B3!%E4%B8%8D%E9%8C%AF%E7%9A%84%E5%93%81%E7%89%8C%E9%81%B8%E6%93%87%20%40szeman%27s%20world%20-%20nidBox%E8%A6%AA%E5%AD%90%E7%9B%92%E5%AD%90&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-20TG1B1HKH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://szeman.nidbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 91ms
91ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=685667674&t=pageview&_s=1&dl=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&ul=en-us&de=UTF-8&dt=RELX%E7%94%A8%E5%BE%8C%E9%AB%94%E9%A9%97%20-%20%E7%B5%95%E4%BD%B3!%E4%B8%8D%E9%8C%AF%E7%9A%84%E5%93%81%E7%89%8C%E9%81%B8%E6%93%87%20%40szeman%27s%20world%20-%20nidBox%E8%A6%AA%E5%AD%90%E7%9B%92%E5%AD%90&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2018427434&gjid=1279182002&cid=1482589211.1679388937&tid=UA-20236009-1&_gid=1670388696.1679388937&_r=1&gtm=457e33f0&z=1708473183

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://szeman.nidbox.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://szeman.nidbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 199ms
81ms Script
application/javascript 2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=szeman.nidbox.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 176ms
84ms Script
application/javascript 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=szeman.nidbox.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
17 KB 455ms
455ms XHR
text/plain 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3095745194252614&correlator=343250144788329&eid=31072878%2C31073284%2C21065725&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=31938717%2CPC_PMP_970x250%2CPC_content_inread%2Cmobile_content_m1a_PRA%2Cmobile_content_m1b_PRA%2Cmobile_content_m1c_PRA&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%2C1x1%7C640x360%2C1x1%7C300x250%7C336x280%2C336x280%7C1x1%7C300x250%2C336x280%7C1x1%7C300x250&ifi=3&adks=3277228379%2C1921078029%2C3767587143%2C3851007444%2C3355915229&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679388936963&lmt=1679388936&dlt=1679388936126&idt=794&adxs=-9%2C235%2C-9%2C-9%2C-9&adys=-9%2C862%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&frm=20&vis=1&psz=0x-1%7C800x1365%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C800x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C4%2C2%2C2%2C2&ohw=0%2C1130%2C0%2C0%2C0&ga_vid=1482589211.1679388937&ga_sid=1679388937&ga_hid=685667674&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e107ea83c19407d699434214825aec73ce66a629252e132abc82fbcac3f59cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16525
x-xss-protection: 0
google-lineitem-id: 4697433756,5244703665,5157970761,5310935642,5309738040
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138235555081,138297824032,138285579384,138304361293,138304011275
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://szeman.nidbox.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAD5 6 KB
3 KB 186ms
74ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:55:37 GMT
expires: Wed, 20 Mar 2024 08:55:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
354 B 174ms
69ms XHR
text/plain 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-20236009-1&cid=1482589211.1679388937&jid=2018427434&gjid=1279182002&_gid=1670388696.1679388937&_u=YADAAUAAAAAAACAAI~&z=923563527

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://szeman.nidbox.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://szeman.nidbox.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame E4A4 299 B
565 B 45ms
44ms Image
image/png 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=standard&show_faces=false&width=300&action=like&colorscheme=light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: hG7hVADXyYCHE/lBuPpkFuM9x9A7UMWWbOxfGCRsiQlhgb6HsjT/fFfsCDyztvZyjFBCNEhxMOHS2tc85g3vuQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 17 Mar 2024 00:46:24 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 2302 299 B
446 B 44ms
44ms Image
image/png 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&layout=button_count&locale=zh_TW&show_faces=true&width=95&action=like&font=verdana&colorscheme=light&height=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-rlafr: 0
x-fb-debug: hG7hVADXyYCHE/lBuPpkFuM9x9A7UMWWbOxfGCRsiQlhgb6HsjT/fFfsCDyztvZyjFBCNEhxMOHS2tc85g3vuQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 17 Mar 2024 00:46:24 GMT

GET
H2 200 Z698wnSXsDa.js Show response
static.xx.fbcdn.net/rsrc.php/v3iTSw4/yL/l/zh_CN/ Frame E4A4 523 KB
135 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iTSw4/yL/l/zh_CN/Z698wnSXsDa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc3a49b852878223368310e52f71ad1ffbd253ec20225177f8d8d76493bef70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +8DYXagj2i6V0z9EzrDeYw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 137847
x-fb-rlafr: 0
x-fb-debug: owWGX/RZSLn6d63gshejxuMIBibXKT5+4e1hwz7uXdx/e7uffQOJjMjuOwROXvb2Zc8rKHHhNaO13/k3mG/U2w==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 15 Mar 2024 21:18:37 GMT

GET
H2 200 Z698wnSXsDa.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUNC4/yx/l/zh_TW/ Frame 2302 523 KB
135 KB 428ms
273ms XHR
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUNC4/yx/l/zh_TW/Z698wnSXsDa.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

355b6de36ccda0ba31ac1adb79ae1b1f1af54f5bd0a2b9f5b4e4d6b1e34185d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Qa+CUxkUDmzVji+Gvw8tqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 137876
x-fb-rlafr: 0
x-fb-debug: npr3gtAIw4eNKsE2NmKNQyupKqHzFLh2qLfzWBQFgZWMn/k0m01JHTDdgns+yFGZgzNhEfiHN3jMzSmiuJ0urQ==
x-fb-trip-id: 548340344
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 15 Mar 2024 21:22:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
605 B 401ms
268ms Script
text/javascript 2404:6800:4003:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=szeman.nidbox.com&callback=_gfp_s_&client=ca-pub-3746614883199587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a724376b2c361abb057b6d094aa6a1bba955a0cf9f6e5deeea866bfc0eb8e19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 106ms
106ms Image
image/gif 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=toolbar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 81E6 10 KB
4 KB 798ms
797ms Document
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746614883199587&output=html&adk=1812271804&adf=3025194257&lmt=1679388937&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679388936745&bpp=3&bdt=619&idt=274&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7387296165490&frm=20&pv=2&ga_vid=1482589211.1679388937&ga_sid=1679388937&ga_hid=685667674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31073105%2C31071265%2C21065725&oid=2&pvsid=3095745194252614&tmod=388809782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbaa8d3a94619218ff40e2222a63d940f0f8a4cdabd16619717c7aa372a12366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4337
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:55:37 GMT
expires: Tue, 21 Mar 2023 08:55:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 72A4 436 B
411 B 368ms
367ms Document
text/html 2404:6800:4003:c11::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746614883199587&output=html&h=435&slotname=1946875055&adk=3183792155&adf=2039955730&pi=t.ma~as.1946875055&w=615&lmt=1679388937&rafmt=11&format=615x435&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679388936748&bpp=2&bdt=622&idt=307&shv=r20230315&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7387296165490&frm=20&pv=1&ga_vid=1482589211.1679388937&ga_sid=1679388937&ga_hid=685667674&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=328&ady=887&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C31073105%2C31071265%2C21065725&oid=2&pvsid=3095745194252614&tmod=388809782&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EtVanNqaU3&p=https%3A//szeman.nidbox.com&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d5940877e30ed1d7ed9b04eb776cff35c37aa59288d57b1d5310c3c6f86fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:55:37 GMT
expires: Tue, 21 Mar 2023 08:55:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2946.js Show response
go.trvdp.com/init/ 6 KB
6 KB 377ms
11ms Script
binary/octet-stream 52.84.251.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/2946.js?pid=2124
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=2946&playlist_id=2124&m=a&cb=7194583412577076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-112.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95878c62e9d3b6d916fe64df348752935ab62cdc8785bfe476daa692e051bf79

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 07:14:38 GMT
via: 1.1 2e5c8abdb85052408706556682f77e82.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:04:11 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 3634859
etag: "288aa29c10e582a360ec151653315e7c"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5844
x-amz-cf-id: 5Nqq7S78JUOVChEAKfqSLAtrf2636KE0E72NP-SS02gjmDVjxR9w3g==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 304ms
17ms Image
image/gif 2404:6800:4003:c05::68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20236009-1&cid=1482589211.1679388937&jid=2018427434&_u=YADAAUAAAAAAACAAI~&z=555418036

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 300ms
14ms Image
image/gif 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-20236009-1&cid=1482589211.1679388937&jid=2018427434&_u=YADAAUAAAAAAACAAI~&z=555418036

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC00 0
0 13ms
13ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJE94iLgdwMeQ896LcPXSwFtdUnH1qcBgF0tmYSbrd-53KmU2jPBmApgD2Ex5XZCxUYayJ5qd3OBapi-uQH1rD2b7xkv6UaiFSgY2k9IPSR8YrRS-8_LKYc-5yMlk_Yov57rq1000UB8IrksqCNxVA9yf0yu2SzbUxjAUCvahB7D_Rtx9HQR5xXmFzwySexrRMjwWtuxqcUWmmUWJm4KWAf5OqbNSyxMxnjxU2cXqtoTXS6DaBu3SqTetsT9DwsyXZxd_k8Qqbje1hXAG5-Au4KsO9PDGX2Ec4g_4COi3-yYO2Pq-gum_GiplB6pCQMo9ZOpwq4A&sai=AMfl-YQpoLdL4GZk7inuyEpfuJ5cDUaYakXaRoKwv0o6k7YomNTVzw1Ls0oBdujwleAX_hTf6SVsZh5-KSSOQuUqLFbSTu7RW6lLM8M4521B5ISJlKmpUCecHNzTEk6E4VIC1YGZrE4Fxlr4fF4b3Wc&sig=Cg0ArKJSzC9MJeKbfBj5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Mar 2023 08:55:37 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ 76 KB
23 KB 51ms
6ms Script
application/javascript 54.192.150.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: szeman.nidbox.com
URL: https://szeman.nidbox.com/diary/read/10193351
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-68.sin2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3c86f230dc3d03bd32e9583d60c05b3d8381f2ac7c91c803c79c2c0dbf40a7ce

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:54:58 GMT
content-encoding: gzip
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
last-modified: Mon, 20 Mar 2023 03:48:05 GMT
server: nginx/1.12.1
x-amz-cf-pop: SIN2-C1
age: 40
etag: W/"6417d775-12f95"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-id: YNPRdLgzjm2xX2EBL14Xbpu1FnZppMZnClLM8REPLjTu5CHW2ZlmFw==
expires: Tue, 21 Mar 2023 09:09:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC00 158 KB
49 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Mar 2023 08:55:37 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC00 0
0 9ms
8ms Fetch
image/gif 2404:6800:4003:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXW4agYowJfQ3JsjRX325LhWqzt21H6wIHNXbcKUYlH2-lU2kBDdDyHByXfxOWR2uW2sSuX-bifng1acXReD-FJpPPgxvlXqprPxabi2x16L436Uya6BUyytaYd1tvqROhG5M-3MT2OAE0T_l9YfKYGrIkD9UIwIQFE_Su3q4SS5yPV9JxhZ-lW1U8uhetV8Ot499Bvispewn4JtLpAnqnmaEYwt7lW6WbM6EAkokZznkMBHbSkFCrJUhz6uDh1soQpxCcs645-_P9-njGCKCsM6bFqvpWS4ry4tzEUquHRY35w6I1doLtcIDwjqDo60hVwH7Orpfy&sai=AMfl-YRtwXwSPBJnDib3sMd2iBYYxZbYnypAjxjphFii6mQTQa4GpCiJO1stW8h75wj3ci4VRQFkhqcNea3e_4n238BtDInipXt2jd22qyTiwkykln8t527f_rGx9Ihltdhg7ARE8DMRzMay0yQ7uAw&sig=Cg0ArKJSzDFGgyIOQEw3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 21 Mar 2023 08:55:37 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
3 KB 226ms
226ms XHR
application/json 18.155.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=597&wid=2946&cb=7364.0559184283275&pid=2124&url=https%3A%2F%2Fszeman.nidbox.com%2Fdiary%2Fread%2F10193351
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/2946.js?pid=2124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-86.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: d0b935cae91e4b9c23bcf64fb8ce432b34da171a4c11fea72cd7441d38f59de4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: gzip
via: 1.1 0e0ce09b6e10a8fc07c3a94faa7d2626.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://szeman.nidbox.com
access-control-allow-credentials: true
x-amz-cf-id: BlFOxeSV8nzyXjYuCWTNC3z1PzP6MT-ThuBUDDCFheh3g0ayFJ8eMQ==

GET
H2 200 17495.json Show response
img.scupio.com/js/config/ 746 B
1 KB 174ms
162ms XHR
application/json 54.192.150.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17495.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-68.sin2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3bfd20ab5baa1a7d1b858d69e0cd4203d4f61e08483ba912e18c09e866d97978

Request headers

Accept: application/json, text/javascript, */*
Referer: https://szeman.nidbox.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
via: 1.1 3227fb8d08d4021d78aad88753ced298.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 02:20:53 GMT
server: nginx/1.12.1
x-amz-cf-pop: SIN2-C1
etag: "64191485-2ea"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 746
x-amz-cf-id: Df9LUqoa4POtPP-4XAhEG1Vpsv9wOlRTnmOVDpUdZcFNd3qkzpFmPA==
expires: Tue, 21 Mar 2023 11:55:37 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
720 B 591ms
117ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17495&cb=0.8914190439252785
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: https://szeman.nidbox.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 21 Mar 2023 08:55:37 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json
Access-Control-Allow-Origin: https://szeman.nidbox.com
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 0

GET
H2 200 mv.html Show response
img.scupio.com/html/ Frame 21B1 127 KB
38 KB 6ms
5ms Document
text/html 54.192.150.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/mv.html?v=1.0.143
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-68.sin2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9fd5ec7f5b99890f907f401505fa3dbfb2393bd9a7a66ea315a5e356bdf36985

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 1048
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 08:38:17 GMT
etag: W/"63071a85-1fc3b"
expires: Thu, 20 Apr 2023 08:38:09 GMT
last-modified: Thu, 25 Aug 2022 06:45:25 GMT
server: nginx/1.12.1
vary: Origin
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
x-amz-cf-id: tz8Gk0xLnbHOfIbK2OsknF5glf8mdOrD4BszSBx2gWLkyAeW9GEx5Q==
x-amz-cf-pop: SIN2-C1
x-cache: Hit from cloudfront

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 21B1 236 KB
83 KB 7ms
7ms Script
application/javascript 54.192.150.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.143
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-68.sin2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/html/mv.html?v=1.0.143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:53:52 GMT
content-encoding: gzip
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 05:54:43 GMT
server: nginx/1.12.1
x-amz-cf-pop: SIN2-C1
age: 108
etag: W/"62ba97a3-3b047"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: nyUMgzhhaaczvtCKlJ3Z_fDAnhXVQYgRQ_D9f3hIF4-uVL0Enr9MaQ==
expires: Thu, 20 Apr 2023 08:53:49 GMT

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 21B1 107 B
503 B 5ms
5ms XHR
application/json 54.192.150.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-68.sin2.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 34511c8c9b1145125b7ace359bd670d568d7e6ade811b9e2e1e60015ed857078

Request headers

Referer: https://img.scupio.com/html/mv.html?v=1.0.143
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Mar 2023 08:52:32 GMT
via: 1.1 41fd6d5d31b98dbe4a4504a337ab4b96.cloudfront.net (CloudFront)
last-modified: Mon, 20 Mar 2023 19:15:04 GMT
server: nginx/1.12.1
x-amz-cf-pop: SIN2-C1
age: 185
etag: "6418b0b8-6b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 107
x-amz-cf-id: 5xSa8M2-20WAn1Y-5rBuDlrniou6z2lRQNhtiIqK0Rzqb6kmRLM4iw==
expires: Tue, 21 Mar 2023 11:52:32 GMT

POST
H/1.1 200
OK videoad.aspx Show response
bw.scupio.com/adpinline/ Frame 21B1 74 B
958 B 662ms
309ms XHR
text/xml 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/videoad.aspx?cb=0.8588399776660376
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/mv.html?v=1.0.143
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 21 Mar 2023 08:55:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Content-Type: text/xml; charset=utf-8
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Length: 185

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 21B1
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=9ctCSgGhDpKVn4UUCXEZZA

2 B
169 B

57ms
56ms

XHR
application/json

34.96.119.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=9ctCSgGhDpKVn4UUCXEZZA
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Tue, 21 Mar 2023 08:55:37 GMT
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=9ctCSgGhDpKVn4UUCXEZZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 21B1 0
216 B 23ms
13ms XHR
text/plain 2406:2600:7:100::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=23880291795

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 21B1 0
177 B 21ms
9ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 21 Mar 2023 08:55:37 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 21B1 0
176 B 97ms
28ms XHR
text/plain 209.58.168.56
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A2A399A76969D64F3AED8476BAE28B&tdid=&schain=1.0%2C1!scupio.com%2C3424%2C1%2C%2C%2C&eids=&pubcid=d5ebc5e6-7b9c-47c4-b75c-7143387eaf35&u=https%3A%2F%2Fimg.scupio.com&host=img.scupio.com&xr=0&ao=https%3A%2F%2Fszeman.nidbox.com&ucfUid=82b46cd2-ab86-434b-82d5-d5d7b42818f4&w=336&h=280
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.58.168.56 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Tue, 21 Mar 2023 08:55:37 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 21B1 0
219 B 297ms
94ms XHR
text/html 13.115.84.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1679388937608&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.115.84.134 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-115-84-134.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 21 Mar 2023 08:55:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 21B1 0
285 B 352ms
93ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5940466340886235
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.181 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 21 Mar 2023 08:55:37 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 21B1 262 B
821 B 1391ms
264ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=235484&zone_id=1745766&size_id=16&alt_size_ids=232&rp_schain=1.0,1!scupio.com,3424,1,,,&eid_pubcid.org=d5ebc5e6-7b9c-47c4-b75c-7143387eaf35%5E1&rf=https%3A%2F%2Fszeman.nidbox.com%2F&tk_flint=pbjs_lite_v6.21.0-pre&x_source.tid=12c4031c-66d7-4391-9474-5abb1da83a61&l_pb_bid_id=14fdebf18a53a5c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08173485932185032
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9213b2d52bf5adf7c35fda6d01ddbff041ec795d2d62b2b7fb5f364b40726501

Request headers

Referer: https://img.scupio.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://img.scupio.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 262
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.802/ 476 KB
130 KB 27ms
6ms Script
application/javascript 13.33.88.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.802/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/2946.js?pid=2124
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-41.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:14:08 GMT
content-encoding: br
via: 1.1 09c63a510feb1b96fe87d2cfe41d34ae.cloudfront.net (CloudFront)
last-modified: Mon, 13 Feb 2023 13:09:34 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 3001289
etag: W/"af85b8e97ffce21514cfccbb7a8c96a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: EP20EH-pV_7sd6kGgWHYekbCECKfa27dJHUgQpd-KpO2jbQ_i8eJSw==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
726 B 972ms
254ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=szeman.nidbox.com&l1=2946&l2=nidbox.com&l3=SG&l4=desktop&l5=5.802&cb=0.979457971338636
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Mar 2023 08:55:38 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://szeman.nidbox.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 12ms
11ms XHR
application/json 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd7a76d888b266adb7b48cfe44a79b26a2f30afae860a3b241fc11c28b87ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11208
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 124ms
111ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 08:55:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC4F 13 KB
5 KB 13ms
11ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 301544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 21:09:54 GMT
expires: Sat, 16 Mar 2024 21:09:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E881 783 B
967 B 16ms
15ms Document
text/html 2404:6800:4003:c05::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3b8aa5082e37697c42711fbcf8e9b95bdfc9c87b6d665dc165d98fa81d19b31

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kmDZo_Ya4WFn0lhS1p8dOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-kmDZo_Ya4WFn0lhS1p8dOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:55:38 GMT
expires: Tue, 21 Mar 2023 08:55:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E881 0
0 11ms
11ms Image
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031601&jk=3095745194252614&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame BC4F 36 KB
14 KB 14ms
13ms Script
text/javascript 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 18:03:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC4F 0
10 B 7ms
7ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Cynx-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 10ms
10ms Image
text/html 2404:6800:4003:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=3095745194252614&bg=!cnGlcSXNAAZEjmHWZI47ADkAdvg8Wj2vgvxQIQ-MkrNjp_daCmaAvDGAFekKzDC54mlJgMFXqzl8Kb7TDU7LX1VAObDPPDtdDYQCAAAAWVIAAAABaAEHCgAHQss202ro0ZkCowIOvRFSCyiwhzI2ERX5OSSSUJyyfrWDthOkBOaHE5pME5nfk_QCUqfFdkk1lg0G-oSLbwWCNZV7HnsThlSuzzRmdvciLPsuOdE2dDOHmPJr3FSG93Ff0UlKIkzynVizYxiQc9X5j_Cy5nraOocJnpHmDEKnqYQ4ehOxE3iy6nfzLJLSKdusMLJ9tk7FFkb8T3G8kSTdOFkdYJXqEQZb8pb_ePkpF7ySmccfTFqt3JiVQ_wIWPsIM7S8g37Sq39cdq05IqjQcEqZlJ_6ZUP5lWC1cEFsKXTIMztlninneB5ziCSQzPqytr0jf620SfbvZNoQxKyZhwobmg2RvV4rtyRxIZ6LO-vlJOpz3LzYOexMizIH91VaLrho_G1D14qWaZ2ZDzglZvLwjLhQFUMmE0R-_FgKO2mjwR8sKRnNYrZT_QqV5Dl4-n-c4z9NpZbbfPS32WbSfHKIKLOTC44zmCf-aPX13gEGRQmDazMvU9FK2bXdofC1FVs4rDOXn1RT9blu8tx0XTFQhGFyhFZh9VCsclmVJ77i2qpo2HX-BCZQ1fWU1r2lmL_Lad3bdWs47t45thwGO_RDOarIj132qupHshUOOtbkVdmANmHbHyqhANmkFny9xF_bVS1M6gUT-m8Frys-MuSupzPxxjU1avNRF9QeQGZ5zLQ10uKqKEUZMBhl6jftFCEuug8nf4_M1YZxkmStbVjeJUT3LJ88rFZrchDA-UzVJjegTNupN6n4yYdYG1llZ5ix80WMK_bB0Zws-uAtABM1LNISL6J_VVHaE1umAKSfXv6LHkQCzHMl6iMTZJxhVsPg4NY0agJRJTdEp0z7v9jtC2dWLuU_6Gm9ELdYi9wlZ6zZR3Lhs8dHOGAx16mJOjXhzPMBhztKz3sOgQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://szeman.nidbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.802/ Frame EF65 0
326 B 228ms
228ms Document
text/html 18.155.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.802/prtct.php?val=f&geo=SG&timestamp=1679388939&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.802/ins.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-86.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://szeman.nidbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 08:55:38 GMT
server: nginx
via: 1.1 0e0ce09b6e10a8fc07c3a94faa7d2626.cloudfront.net (CloudFront)
x-amz-cf-id: 2lo01U5ypEHk1h4JvSfjxDGG2kVHdra-cgr-HiDcpDz38qNFT25qMw==
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 21B1 87 KB
28 KB 26ms
8ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Mar 2023 08:55:39 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D32 15 KB
6 KB 33ms
15ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=szeman.nidbox.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:55:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 481502
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 21B1 89 KB
29 KB 300ms
153ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 22 Mar 2023 08:55:39 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D32
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=szeman.nidbox.com&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=aQaw43xXUnQvbjdMVGY3ZWp0eHduWitqRjNlUTlhWk9FK0RoNi82ZVFhRno4R2M0UWlkNmVIOGJ0MVJLdVByYTFaVDlCdlZtMHdGRlR3ZXhzSFMrcVI0NDdWZzhKQTNaSktxWGUxUUQ3MzkyRlBzRVdzZTk0RzNqVXpwNz...

441 B
656 B

37ms
8ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aQaw43xXUnQvbjdMVGY3ZWp0eHduWitqRjNlUTlhWk9FK0RoNi82ZVFhRno4R2M0UWlkNmVIOGJ0MVJLdVByYTFaVDlCdlZtMHdGRlR3ZXhzSFMrcVI0NDdWZzhKQTNaSktxWGUxUUQ3MzkyRlBzRVdzZTk0RzNqVXpwNzA0bEZrQ0VtNkxudllkd0Rud0t4dzNBWE1QQmQ2emxpS0RUdDBDemozVFVVSG01OUhxREkxMFBXNUl2bjBrWXlSUDlvdFNLN00yVGtuNVkya1ovOGs4cTJheVB5Wm8zWnJqcElxTWpEUCt5K3l1d0RxVWQwL3JBWGVpcERIK09mSGd6SkhIVkF1SHdUdGdKZCtwQTFXeVdrNkVEa25GVm0zRW1ZRzZWd1llMXFPekZoU0lQVT18&cppv=2

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

744a6b28c196ecac31132e9247972653ac6d14ee36f34ebe00af70e50b2bf517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3443765
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=aQaw43xXUnQvbjdMVGY3ZWp0eHduWitqRjNlUTlhWk9FK0RoNi82ZVFhRno4R2M0UWlkNmVIOGJ0MVJLdVByYTFaVDlCdlZtMHdGRlR3ZXhzSFMrcVI0NDdWZzhKQTNaSktxWGUxUUQ3MzkyRlBzRVdzZTk0RzNqVXpwNzA0bEZrQ0VtNkxudllkd0Rud0t4dzNBWE1QQmQ2emxpS0RUdDBDemozVFVVSG01OUhxREkxMFBXNUl2bjBrWXlSUDlvdFNLN00yVGtuNVkya1ovOGs4cTJheVB5Wm8zWnJqcElxTWpEUCt5K3l1d0RxVWQwL3JBWGVpcERIK09mSGd6SkhIVkF1SHdUdGdKZCtwQTFXeVdrNkVEa25GVm0zRW1ZRzZWd1llMXFPekZoU0lQVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 350678
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 226ms
75ms Preflight
application/json 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fszeman.nidbox.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://img.scupio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 21 Mar 2023 08:55:41 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 461449
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 21B1
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fszeman.nidbox.com%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=Ew7UyHxZcmpRQUJVeEVCaDZYUHJjbllnTGNTUW1lQ3VnSmtaTmtUNDd3S1pCbVQrbnRNNnNOb0JxbmltRHN2QnBwZk9DeWJmb1FjWVVXWitONkpmUTdWOE5qR2VBbHprNXVMdUdxWWpJb3k1RmdkdVQ1SWMvVWNFUXZJUn...

426 B
697 B

12ms
11ms

XHR
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ew7UyHxZcmpRQUJVeEVCaDZYUHJjbllnTGNTUW1lQ3VnSmtaTmtUNDd3S1pCbVQrbnRNNnNOb0JxbmltRHN2QnBwZk9DeWJmb1FjWVVXWitONkpmUTdWOE5qR2VBbHprNXVMdUdxWWpJb3k1RmdkdVQ1SWMvVWNFUXZJUnpYY3lRTnhRTFZ6MEJrZGVkNXNFbmtvY2NrU3pCRmhZY2RMbGVpYmZ6L3A3akhXVkdCdVRjeUJjZkdLN0crNjFFejF6YU05RlZBYWY5T2NlZCtmeG9QYWNnQ2h3cjdia2tKYlFmd0lnYzF1S3UzN2U4TzdubDR4ZS8wbUVxSHdTbkZrOUJKcVVrMU5jdkVaVFovdHdxM3VESXArOHkxbmpsVVFGRXp6L0JNR3ZYL1RTVTdCbz18&cppv=2

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4ec6e56d0179f3ae2ea779952f6e171eaed2563032029a683480004dd7561b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2189064
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=Ew7UyHxZcmpRQUJVeEVCaDZYUHJjbllnTGNTUW1lQ3VnSmtaTmtUNDd3S1pCbVQrbnRNNnNOb0JxbmltRHN2QnBwZk9DeWJmb1FjWVVXWitONkpmUTdWOE5qR2VBbHprNXVMdUdxWWpJb3k1RmdkdVQ1SWMvVWNFUXZJUnpYY3lRTnhRTFZ6MEJrZGVkNXNFbmtvY2NrU3pCRmhZY2RMbGVpYmZ6L3A3akhXVkdCdVRjeUJjZkdLN0crNjFFejF6YU05RlZBYWY5T2NlZCtmeG9QYWNnQ2h3cjdia2tKYlFmd0lnYzF1S3UzN2U4TzdubDR4ZS8wbUVxSHdTbkZrOUJKcVVrMU5jdkVaVFovdHdxM3VESXArOHkxbmpsVVFGRXp6L0JNR3ZYL1RTVTdCbz18&cppv=2
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 360566
content-length: 0
expires: 0

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame 21B1
Redirect Chain

https://sync.aralego.com/idSync
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=Y2I0YWJkZWMtNTU0YS0zOTQ1LTg4MmItNTk0Yzc0ODVlYzVh&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
655 B

29ms
12ms

Image
image/png

2606:4700:20::681a:567

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Server: 2606:4700:20::681a:567 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:55:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13398
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
cf-bgj: imgq:85,h2pri
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSFh1KSlQAvc21JWE2nMgnlQeqOcwOyCRCVnLoVxBVZYxcBTAVrAawAUhEas6fbOmS6nPTQQfwxIE1lm8vhoxAwURh2oPV4O%2Bf4A4lZ8YcjTQ9iSFKH45DpjIi25HSvoDCOBrGUEwswbBsQMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ab4fa3919743fe5-SIN

Redirect headers

pragma: no-cache
date: Tue, 21 Mar 2023 08:55:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cdn.aralego.net/img/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

cm
c.holmesmind.com/ Frame 21B1
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 10ms
4ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 21 Mar 2023 08:55:42 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 237835
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.holmesmind.com
URL: https://c.holmesmind.com/cm?tc=getIn&

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nidbox.com/	1969-12-31 23:59:59	Name: csrf Value: 001f8d336cfa873a929e012ce9b486f8
.nidbox.com/	1970-01-20 12:53:48	Name: IID Value: 8g627xc997
.nidbox.com/	1969-12-31 23:59:59	Name: rid Value: 18ab295
.nidbox.com/	1970-01-20 10:31:15	Name: cad Value: 1
.nidbox.com/	1970-01-20 10:44:12	Name: lsec Value: 370588935
.nidbox.com/	1969-12-31 23:59:59	Name: session Value: gT5OtQ7bvOLb_n4e_gOhBJXoxc4gUmUTynC.9hWsBRJo4-evONbf_F0GcOtXgDPTK43aI9FMa6CKAiHE.2eCzpLbTsRpa6rKVU5PgKZAxQwMIo2bUrJrcMtV9Af84UWFvY_EyGrj_uThjCegCUPDuoPDaCBCChEt.Keo_0RpIZ-xAIhG3J5wKfFAKWsXIkzzcRC8CTxn.lGP0p7yVZyccRCWV5ThgWZVtsC4ElpbwNTMCxMqPAa8-W_PE-Gv6Dih
.nidbox.com/	1970-01-20 20:05:48	Name: _ga_20TG1B1HKH Value: GS1.1.1679388936.1.0.1679388936.0.0.0
.nidbox.com/	1970-01-20 20:05:48	Name: _ga Value: GA1.2.1482589211.1679388937
.nidbox.com/	1970-01-20 10:31:15	Name: _gid Value: GA1.2.1670388696.1679388937
.nidbox.com/	1970-01-20 10:29:48	Name: _gat_gtag_UA_20236009_1 Value: 1
.nidbox.com/	1970-01-20 19:51:24	Name: __gads Value: ID=3d684d3597d27d33:T=1679388937:S=ALNI_MYtpCQzjxNvuZHcHa6e0Zdds42Wqw
.nidbox.com/	1970-01-20 19:51:24	Name: __gpi Value: UID=00000bdc9dec5e54:T=1679388937:RT=1679388937:S=ALNI_MZT2eX9WRJksU-GbgtfgXPI1oS7dw
.doubleclick.net/	1970-01-20 20:05:48	Name: IDE Value: AHWqTUmoI1p87JOJFNMPYGYPzLEzPcCtaVmVneBFwGatjfJ6K6xRrB8Nq7yoDuCGmyQ
.doubleclick.net/	1970-01-20 10:29:49	Name: test_cookie Value: CheckForPermission
.c.appier.net/	1970-01-20 19:15:24	Name: _auid Value: 9ctCSgGhDpKVn4UUCXEZZA
.scupio.com/	1970-01-20 20:05:48	Name: OrgKeyValue Value: CFA20230321165538749384
rt.ad-score.com/	1970-01-20 20:05:48	Name: token Value: fuWbCAKsmmCMG-w7n4-FjSkWYTesFLFp
.nidbox.com/	1970-01-20 11:56:12	Name: truvid_protected Value: {"val":"f","level":0,"geo":"SG","timestamp":1679388939}
.rubiconproject.com/	1970-01-20 19:15:24	Name: khaos Value: LFI0TAOZ-24-JD53
.rubiconproject.com/	1970-01-20 19:15:24	Name: audit Value: 1\|WD0cx+9RTMJkDFCCI6bANmHpDPrT40mPuNe9KgcK9NSs4TSv0kZpST3pp0stGFZYeEUsA+feLr/sNdn5YLalgeBxGCOXoSK1VxqRu6tNXkvc6UO785F0Pw==
.criteo.com/	1970-01-20 19:51:24	Name: uid Value: 72e82be4-c65d-4622-9e19-a01a5d369bd3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3402fcfb603a3394675dc68fd11e04a2.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
adservice.google.com
adservice.google.com.sg
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.aralego.net
cm.g.doubleclick.net
connect.facebook.net
fastlane.rubiconproject.com
go.trvdp.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
img.scupio.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pica.nidbox.net
prebid-asia.creativecdn.com
prebid.scupio.com
rt.ad-score.com
s.trvdp.com
securepubads.g.doubleclick.net
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync.aralego.com
szeman.nidbox.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
c.holmesmind.com
103.132.192.30
107.167.188.58
13.115.84.134
13.33.88.41
139.162.123.98
139.162.38.30
18.155.68.86
182.161.73.136
2001:4860:4802:32::178
209.58.168.56
209.58.171.197
210.59.219.180
210.59.219.181
2404:6800:4003:c00::5e
2404:6800:4003:c01::9c
2404:6800:4003:c02::9c
2404:6800:4003:c02::9d
2404:6800:4003:c03::84
2404:6800:4003:c03::9c
2404:6800:4003:c04::61
2404:6800:4003:c04::9c
2404:6800:4003:c05::68
2404:6800:4003:c05::9b
2404:6800:4003:c11::84
2404:6800:4003:c11::9c
2406:2600:7:100::1
2406:2600:7:100::12
2406:2600:7:100::9
2602:803:c006:158::65
2606:4700:20::681a:567
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
34.96.119.68
35.208.216.174
52.84.251.112
54.192.150.68
74.125.24.154
0190265d315003af2f3edae0854901d772b16b2852353d7e1001432f7bd7c45e
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
17bd1c297a7fd1221272d080053f887bb97c03bfc16d6f96bdd7f08bf87dbbd5
1d485e4194cd043509c4fd4b24c7a2ef9b058c3cce00a3da1dcc34598450fa28
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2deab63b2d384d2e9fb1d80dfc54557cc7fd23289f9ee5eb514b43b613245255
2fdbb7173df58151a3b9cee1ad593e7ad40b39584dc4599357d62d565fa90e6e
302fee34d24c0da60697bd85fed29ac4a84527cbd4b7227b01736e3469eedf2e
32bef405edc80eb23a5640fad152387651b0a61b1e5248e968f05d2a659f19f5
34511c8c9b1145125b7ace359bd670d568d7e6ade811b9e2e1e60015ed857078
355b6de36ccda0ba31ac1adb79ae1b1f1af54f5bd0a2b9f5b4e4d6b1e34185d1
3bfd20ab5baa1a7d1b858d69e0cd4203d4f61e08483ba912e18c09e866d97978
3c86f230dc3d03bd32e9583d60c05b3d8381f2ac7c91c803c79c2c0dbf40a7ce
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a4b7be7c2216ce39ad8979e502166b1feac2ddaec31940d9484f3da82a540cd
4dd9ead7bfe8c849fb05178c33077cc3bc739aaba9bd245d19cfb24c0de7eeb6
4ec6e56d0179f3ae2ea779952f6e171eaed2563032029a683480004dd7561b60
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
552af20ec21555b9ae0f8bc676b6bc1ca19848068e55d0e187cd4a7b1eddacc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59da4a71d82230fb1281af82cfe824c6b459bafa0739ab1f6ec9c7be76036364
5e107ea83c19407d699434214825aec73ce66a629252e132abc82fbcac3f59cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63148b7c0392b5c16c4e3f81f3dd5f834ee6f11de2a590cef9aeaf6da205da7a
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6465192137e3e28ff31ee26d0f24f8593f2bfb8130af74f6d0db92275b60e1cd
6bc4faadac92d5e492f77905814d8faa4ec9c8b6c1230dbce19472bdab0d92a8
70b988c5d868897603321ac8dfa5118d0c88f6c5270094590099645481272e54
7213264d5b7cf1602cf91a951a978c9132ed5a5f5c8182083368229984242db8
744a6b28c196ecac31132e9247972653ac6d14ee36f34ebe00af70e50b2bf517
7fd7a76d888b266adb7b48cfe44a79b26a2f30afae860a3b241fc11c28b87ab1
81b6cab5ff0f7f04d40c1c319ecb39b67b77a10f6bd82ae93ed4be077600aed6
8d233f9e095fe803ad6af7d849d60e71cb136b4da1620570f5a19d0728be0c1d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9213b2d52bf5adf7c35fda6d01ddbff041ec795d2d62b2b7fb5f364b40726501
938a4ea6e586e05ca77c77f91ae7bc52f0b07e2978c28a8ff1128f0a630f0e8d
95878c62e9d3b6d916fe64df348752935ab62cdc8785bfe476daa692e051bf79
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
9fd5ec7f5b99890f907f401505fa3dbfb2393bd9a7a66ea315a5e356bdf36985
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a6211092546e8172d4a9dab28a9100f33a7a43ccf5240a19893c977fe64470
a724376b2c361abb057b6d094aa6a1bba955a0cf9f6e5deeea866bfc0eb8e19f
ae2d99379f39bc0073a4dfbf57fe91d4146867dd9201b69a580dc8d24eaff966
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b7e2567e7967d1f0f3cef5c26006c8fbfa7f388e938c210d29104c26f057f9bd
b8d5940877e30ed1d7ed9b04eb776cff35c37aa59288d57b1d5310c3c6f86fc2
bd4e12cc0920804d1957b76c746685b616f6f11a74640bbf80d5746b17c86ae9
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbaa8d3a94619218ff40e2222a63d940f0f8a4cdabd16619717c7aa372a12366
ccf764b9e3b96507a1b66d1b32d826612c1223f3b73fa68fc0f6524375e30b0a
d0b935cae91e4b9c23bcf64fb8ce432b34da171a4c11fea72cd7441d38f59de4
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d720884cc342625fc7104a0b1fffc9c2f180155886a044fa128a235a71443fce
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe6aa52c4c87f9a9ced6fc3cd0000a6a9056cd2b9536cb84e23e913f0061e4
ec9f5d6d5442ac4f7057c161b519eb7b71e1688fda925f7aea6c321bc36b7d75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f339b2e7dd069a534f88fd4911623dbf2d3feced706c63db731dc9a67673c5ca
f3b8aa5082e37697c42711fbcf8e9b95bdfc9c87b6d665dc165d98fa81d19b31
fc3a49b852878223368310e52f71ad1ffbd253ec20225177f8d8d76493bef70b
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

szeman.nidbox.com Open in urlscan Pro 107.167.188.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

94 %HTTPS

54 %IPv6

25 Domains

40 Subdomains

35 IPs

4 Countries

1678 kBTransfer

4894 kBSize

21 Cookies

10 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

szeman.nidbox.com Open in urlscan Pro
107.167.188.58 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

94 %
HTTPS

54 %
IPv6

25
Domains

40
Subdomains

35
IPs

4
Countries

1678 kB
Transfer

4894 kB
Size

21
Cookies

85 HTTP transactions
0 data transactions