sajuabc.com Open in urlscan Pro
143.198.80.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sajuabc.com/
Effective URL:
https://sajuabc.com/
Submission: On January 15 via api (January 15th 2024, 9:36:24 pm UTC) from US — Scanned from SG

Summary HTTP 183 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 17 domains to perform 183 HTTP transactions. The main IP is 143.198.80.28, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is sajuabc.com.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.

This is the only time sajuabc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	143.198.80.28 143.198.80.28	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4003:c03::61	15169 (GOOGLE) (GOOGLE)
32	2404:6800:400... 2404:6800:4003:c11::9b	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c1c::8b	15169 (GOOGLE) (GOOGLE)
1 1	211.249.220.43 211.249.220.43	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
1	2403:e800:e80... 2403:e800:e80b::2a63:8cbb	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	2620:1ec:bdf::59 2620:1ec:bdf::59	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2404:6800:400... 2404:6800:4003:c03::5e	15169 (GOOGLE) (GOOGLE)
1 21	2404:6800:400... 2404:6800:4003:c01::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c04::8b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
3	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2404:6800:400... 2404:6800:4003:c00::84	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c03::94	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
7 9	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
7 12	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2607:f8b0:402... 2607:f8b0:4023:1413::78	15169 (GOOGLE) (GOOGLE)
2	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
2 2	2404:6800:400... 2404:6800:4003:c02::66	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:19::6	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:11::7	15169 (GOOGLE) (GOOGLE)
1 4	74.125.200.149 74.125.200.149	15169 (GOOGLE) (GOOGLE)
1 2	20.205.115.81 20.205.115.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	142.251.175.154 142.251.175.154	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::67	15169 (GOOGLE) (GOOGLE)
183	30

37 143.198.80.28 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1038800.cloudwaysapps.com

sajuabc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c04::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2404:6800:4003:c11::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c1c::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.249.220.43 (Korea, Republic Of) 1 redirects

ASN7625 (DAUM-AS Kakao Corp, KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2403:e800:e80b::2a63:8cbb (Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)

t1.kakaocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::59 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c03::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4003:c01::9a (Singapore, Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4003:c00::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::94 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c00::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.24.156 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.36.155 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.43.90.178 (Singapore, Singapore) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4023:1413::78 (Columbus, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::66 (Singapore, Singapore) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:19::6 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

r1---sn-npoe7ns7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:11::7 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

r2---sn-npoeenee.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.205.115.81 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f154.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::67 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	585 KB
38	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 ad.doubleclick.net — Cisco Umbrella Rank: 163 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	171 KB
37	sajuabc.com 1 redirects sajuabc.com	580 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2	130 KB
13	gstatic.com fonts.gstatic.com csi.gstatic.com	79 KB
12	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	8 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	7 KB
8	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 336 gcdn.2mdn.net — Cisco Umbrella Rank: 1402 r1---sn-npoe7ns7.c.2mdn.net — Cisco Umbrella Rank: 491962 r2---sn-npoeenee.c.2mdn.net — Cisco Umbrella Rank: 551948	3 MB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 imasdk.googleapis.com — Cisco Umbrella Rank: 485	274 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 t.clarity.ms — Cisco Umbrella Rank: 6984 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	764 B
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 13364	408 B
1	kakaocdn.net t1.kakaocdn.net — Cisco Umbrella Rank: 19491	36 KB
1	kakao.com 1 redirects developers.kakao.com — Cisco Umbrella Rank: 68989	139 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	93 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	661 B
183	17

	Domain	Requested by
37	sajuabc.com	1 redirects sajuabc.com
32	pagead2.googlesyndication.com	sajuabc.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net sajuabc.com tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
21	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com sajuabc.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	7 redirects googleads.g.doubleclick.net
12	fundingchoicesmessages.google.com	sajuabc.com pagead2.googlesyndication.com
10	csi.gstatic.com	imasdk.googleapis.com
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	1 redirects sajuabc.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	sajuabc.com googleads.g.doubleclick.net
3	ade.googlesyndication.com
3	t.clarity.ms	www.clarity.ms
3	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms	1 redirects
2	r2---sn-npoeenee.c.2mdn.net	sajuabc.com
2	r1---sn-npoe7ns7.c.2mdn.net	googleads.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	s0.2mdn.net	googleads.g.doubleclick.net sajuabc.com
2	www.googletagservices.com	sajuabc.com
2	analytics.google.com	www.googletagmanager.com
2	www.clarity.ms	sajuabc.com www.clarity.ms
1	www.google.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net
1	c.bing.com	1 redirects
1	www.google.com.sg	sajuabc.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	t1.kakaocdn.net	sajuabc.com
1	developers.kakao.com	1 redirects
1	www.googletagmanager.com	sajuabc.com
1	cdn.jsdelivr.net	sajuabc.com
183	33

This site contains links to these domains. Also see Links.

Domain
www.famethemes.com

Subject Issuer	Validity	Valid
sajuabc.com R3	`2023-12-28` - `2024-03-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://sajuabc.com/
Frame ID: B42CE14FE5490B654F5A19C2EB38888E
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 594A177BBDA9FF74B5771CA64E6F698D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&adk=1812271804&adf=3025194257&lmt=1705283876&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354577298&bpp=4&bdt=282&idt=130&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7547001556437&frm=20&pv=2&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=156
Frame ID: 9341D16633FC4A544FAE312CE766070A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1295672151&pi=t.aa~a.641524115~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=3&bdt=1034&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=5479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=33
Frame ID: 7ACE899498B394F5F01E71E5A6ED34F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=1295672151&pi=t.aa~a.1255263962~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250&nras=3&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1466&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=50
Frame ID: 5A36811E189E09BFC0D7B380E334A7C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1218124319&pi=t.aa~a.1255276126~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1034&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280&nras=4&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=54
Frame ID: 3DC73E5E50619C128D9881A7D0204C7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1677911661&pi=t.aa~a.1255250300~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250&nras=5&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=58
Frame ID: F4298BF8BF58522EA0C27D3C1E337DDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=390177109&pi=t.aa~a.641527297~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250&nras=6&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=63
Frame ID: FC56EB699C8A3C691F718B8CE0948203
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=1218124319&pi=t.aa~a.1255274092~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250%2C790x280&nras=7&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=67
Frame ID: BB36C88299CC50BA030AABD85888225E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C9DA21E4E1AA024830E331CD330B1D34
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 51FD3D337F16FA5D1F07DA18BC8E0F47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 547293DA03332426E4EA1DC08C8BC86F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E7F9C0E91209970F1A33DA8E2CB833E2
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNW1s_7aiZFqEGlO70MvendTLVWOVs36zlZcGJnvaurjgNUYnHJNvjjAqoG1zbjJOtPbfi-2mOfr5DfIwIVktYI3SbKkEj_ZcKBNgxl4mzLh8pRtDPw
Frame ID: 88BD602A22022CC44909C9A7A7F1040C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: 1C8AFB9DDAA4657B0E5F83EEBABF8782
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNWifKtGWbOl8KJfb7d7rQCaWjNWzbnamrU_vWh4qL2Z4D-qXGoK9OdeCSGQtZrNdps_ZdY2dJxa8Axt9Is4sT71UKqvvnH7DKi89ZIfmLwTeQOyKBY
Frame ID: 7A1AC5DE20195535213AB313AEEE9931
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/7780403976975614210
Frame ID: A73EF46ECD9AE7C663075E50966D075C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: 9071F75F7EBD4CD562B39F7C76EB9410
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5AABE41DBEB6DF02D5A399617AFAC148
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6C764FDC1F9F0FBA5D89DA2BB10D8BCF
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=390177109&pi=t.aa~a.641530370~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578035&bpp=1&bdt=1019&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3cd48eaaa099b63c%3AT%3D1705354578%3ART%3D1705354578%3AS%3DALNI_MYa3iIasiJn4mg_NPV2zUSqIXMdpw&gpic=UID%3D00000cdee00ce2f5%3AT%3D1705354578%3ART%3D1705354578%3AS%3DALNI_MY49QFcSAZe5dqcV1wRmvHlQu5u-Q&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250%2C790x280%2C790x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=12&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=10&fsb=1&dtd=671
Frame ID: 3A3AFAADAC7253DC1C71A98628F33559
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 33E11408D26570C6E2F09E062900D0FD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C34C080E67C7508E4E1C43720DDCC19A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 706378C2115047FD971F78340F65A3FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CCD8183B7C4303613FA3A879A3892F6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

현대인의 사주산책 -

Page URL History Show full URLs

http://sajuabc.com/ HTTP 301
https://sajuabc.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

183
Requests

92 %
HTTPS

69 %
IPv6

17
Domains

33
Subdomains

30
IPs

5
Countries

5051 kB
Transfer

9867 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.famethemes.com/themes/onepress
Title: OnePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sajuabc.com/ HTTP 301
https://sajuabc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://developers.kakao.com/sdk/js/kakao.min.js HTTP 301
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0&C=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFP0XkwLWYchNj1mXI7D6SI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0&C=1

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFP0XkwLWYchNj1mXI7D6SI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

Request Chain 104

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

Request Chain 130

https://gcdn.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4DBCCF2B6A7C5D6094F5305906AB54D1DA93D574.67816506FC05D874600366BDF2B617361557DB44/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CA8A7D5702DB7ED9351E31BC286681DED7B7859.314F59DE33DCFA382DF593B2FCE6EA18DBB3C6D6/key/cms1/cms_redirect/yes/mh/Jv/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoe7ns7/ms/onc/mt/1705354127/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 135

https://gcdn.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1CA39A18A30F87BBD7C121F21D3C57106B12EDE5.92E1A471ECC2013B032F006B566CD0D327776DCB/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/04B8B225B393CE7FB92B944397FF583978A869AD.6214C373462A832411DF936F64521C7BCFB1B694/key/cms1/cms_redirect/yes/mh/ea/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoeenee/ms/onc/mt/1705354127/mv/m/mvi/2/pl/48/file/file.mp4

Request Chain 153

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&RedC=c.clarity.ms&MXFR=37925AE6A0F36AC22B054EE1A4F3646A HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&MUID=17504DCE1ED06792011A59C91FD16675

Request Chain 157

https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_pre=CP7Doe-s4IMDFU_wcwEdoX0CzQ;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 158

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDo98qiBRi5672CAiABMAE&v=APEucNW_NvXPsdDaoRO_XE1eWQMQZKGPgmpIYalfOTdX5pt3W0_39PZt2Wkmx7z3zPPY8O4bpdM29zCDS5R_TbbpThXqVfUPFNB2o2Mc3zrxrZwJcREW_90 HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
sajuabc.com/
Redirect Chain

http://sajuabc.com/
https://sajuabc.com/

150 KB
46 KB

16ms
6ms

Document
text/html

143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 2beaac1dcd7aaf842814d6d2862a3ac7755e7d0fc0fa8cc7f9ab66beeb7e569b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 10971
cache-provider: CLOUDWAYS-CACHE-DE
content-encoding: gzip
content-length: 47154
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Mon, 15 Jan 2024 01:57:56 GMT
server: nginx
vary: Accept-Encoding
x-cache: HIT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 15 Jan 2024 21:36:16 GMT
Location: https://sajuabc.com/
Server: nginx

GET
H2 200 korea_sns.css
sajuabc.com/wp-content/plugins/korea-sns/ 472 B
406 B 9ms
3ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/korea-sns/korea_sns.css?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: ffdac0355f7f2effad14214492d2a2de5d10771c18143889a506612cd2c71881

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 08:58:05 GMT
server: nginx
etag: W/"6582ac9d-1d8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.css
sajuabc.com/wp-content/plugins/wp-dark-mode/assets/css/ 29 KB
4 KB 9ms
4ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/wp-dark-mode/assets/css/frontend.min.css?ver=4.2.8
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 316a308f7f072efd9044e2bad379035a4e5f1d27ff9fece18bf829162aea0e50

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Mon, 01 Jan 2024 23:02:42 GMT
server: nginx
etag: W/"65934492-731d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
sajuabc.com/wp-includes/css/dist/block-library/ 107 KB
14 KB 12ms
6ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 23:02:49 GMT
server: nginx
etag: W/"654ac219-1add3"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 46 KB
3 KB 28ms
10ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap&ver=2.3.6

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5bc9e669b9bc6631d7c12bf04e76e30b8d9c772fccf54c045cd3ef25d9c4cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 21:36:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H2 200 animate.min.css
sajuabc.com/wp-content/themes/onepress/assets/css/ 54 KB
4 KB 12ms
7ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/css/animate.min.css?ver=2.3.6
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 1f63f05c15f02b517aeb7bad8bcbda596a499e03ef3a1b47d6ebdb76b2dc7cc5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-d815"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 all.min.css
sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/ 100 KB
22 KB 16ms
11ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/all.min.css?ver=6.5.1
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-190f1"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 v4-shims.min.css
sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/ 27 KB
4 KB 17ms
12ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/v4-shims.min.css?ver=6.5.1
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 0036d889c30c3d3481a745c71fc23d3e8f867743f2217118df3f4d0951252866

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-6bc9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 bootstrap.min.css
sajuabc.com/wp-content/themes/onepress/assets/css/ 126 KB
19 KB 19ms
14ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/css/bootstrap.min.css?ver=2.3.6
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 9f58b2c2ce7858f4254c5edd6e3c747bc139248f25ccdf6bcb6c0053cd199538

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-1f915"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
sajuabc.com/wp-content/themes/onepress/ 98 KB
17 KB 21ms
17ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/style.css?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: aa8ca579d4346c4e362a490ef8563b9564989cfa38a2b3420c327caa7a54df16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-188f5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 lightgallery.css
sajuabc.com/wp-content/themes/onepress/assets/css/ 22 KB
4 KB 22ms
18ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/css/lightgallery.css?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 7bb167b25d3bbae5246019df9d374fc0663a67a7adf5f74cb9a62c85d6b1493d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-5970"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 nanumbarungothicweb.css
cdn.jsdelivr.net/font-nanumlight/1.0/ 961 B
661 B 134ms
40ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/font-nanumlight/1.0/nanumbarungothicweb.css?ver=6.4.2

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ec83c373e4e938aaf42cc2807f7c5717cadde2be70e09adda5de6034011d0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 15 Jan 2024 21:36:17 GMT
age: 1024397
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 238
x-served-by: cache-fra-eddf8230054-FRA, cache-hkg17928-HKG
etag: W/"3c1-K2ImDALtU+5LLswvA9dRT7sunjE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sajuabc-com_rocketfont.min.css
sajuabc.com/wp-content/plugins/rocket-font/assets/css/ 713 B
349 B 22ms
19ms Stylesheet
text/css 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/rocket-font/assets/css/sajuabc-com_rocketfont.min.css?ver=1691751890
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: d09d4b80d32307d116e694b0e2ab0f212b139143a90957cb12d4216a3b525a8d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 11:04:50 GMT
server: nginx
etag: W/"64d615d2-2c9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
sajuabc.com/wp-includes/js/jquery/ 86 KB
30 KB 25ms
22ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 23:02:49 GMT
server: nginx
etag: W/"654ac219-15601"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
sajuabc.com/wp-includes/js/jquery/ 13 KB
5 KB 27ms
24ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Tue, 08 Aug 2023 23:20:45 GMT
server: nginx
etag: W/"64d2cdcd-3509"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 dark-mode.min.js Show response
sajuabc.com/wp-content/plugins/wp-dark-mode/assets/js/ 60 KB
19 KB 28ms
25ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/wp-dark-mode/assets/js/dark-mode.min.js?ver=4.2.8
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Mon, 01 Jan 2024 23:02:42 GMT
server: nginx
etag: W/"65934492-ee60"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 frontend.min.js Show response
sajuabc.com/wp-content/plugins/wp-dark-mode/assets/js/ 5 KB
2 KB 28ms
26ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/wp-dark-mode/assets/js/frontend.min.js?ver=4.2.8
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 95c212910ebf54b89de652fda2a870facc0e7c9b0b9bc0975fe399df1d1087de

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Mon, 01 Jan 2024 23:02:42 GMT
server: nginx
etag: W/"65934492-137d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 28ms
15ms Script
application/javascript 2404:6800:4003:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-5RFW3K6

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce3f6b5a53bb393a5322c5537ade06aab808ee2dc2f340502032991c2e74e809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 30ms
14ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6202023911755661

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3471bf6feba005d8eb35fefbf71a7be7e23ab60ea9a0a8462cc9cc63f4667d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Origin: https://sajuabc.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51661
x-xss-protection: 0
server: cafe
etag: 6707070081734758603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H2 200 pub-6202023911755661 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 44ms
28ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-6202023911755661?ers=1

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80161febafb6794177b5fce09a4201195e2b2e85400bd3117a05c2f2d003e008

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hfF9mIMryaVjIeJkrTJQYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-hfF9mIMryaVjIeJkrTJQYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
51 KB 34ms
19ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6202023911755661&host=ca-host-pub-2644536267352236

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ffd8fbd85fcb3c0656756330cf4ea21f08b0eab4221a5e4a0e7909579e902f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Origin: https://sajuabc.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51661
x-xss-protection: 0
server: cafe
etag: 8918821039929574898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H2 200 %EA%B2%A9%EA%B0%81%EC%82%B4-%EC%8D%B8%EB%84%A4%EC%9D%BC-antlers-1866537_640_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/12/ 20 KB
21 KB 31ms
28ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/12/%EA%B2%A9%EA%B0%81%EC%82%B4-%EC%8D%B8%EB%84%A4%EC%9D%BC-antlers-1866537_640_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 19ac25e7b5e9e49a5831fbc65d64fa08359878472089c23521f1e3f43a246df8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Fri, 29 Dec 2023 15:40:28 GMT
server: nginx
age: 0
etag: "51f4-60da7da052476"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 20980

GET
H2 200 %EC%A7%84%EC%88%A0%EC%B6%A9-%EC%8D%B8%EB%84%A4%EC%9D%BC-emergency-4314552_640_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 33ms
31ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%A7%84%EC%88%A0%EC%B6%A9-%EC%8D%B8%EB%84%A4%EC%9D%BC-emergency-4314552_640_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 7c4bf30ebbfcfa968fe8a0744f75803ef68f89b16f92b112327e7de6773a4f70

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Sat, 25 Nov 2023 03:17:56 GMT
server: nginx
age: 0
etag: "3438-60af183e76189"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 13368

GET
H2 200 %EB%AC%BC%EA%B3%BC-%EB%B6%88-%EC%8D%B8%EB%84%A4%EC%9D%BCfire-and-water-2354583_640_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 4ms
4ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EB%AC%BC%EA%B3%BC-%EB%B6%88-%EC%8D%B8%EB%84%A4%EC%9D%BCfire-and-water-2354583_640_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 131f6803fd486c7ea8815f441228a49b18c600d8b33e2e915d456e8a3d58b8d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Fri, 24 Nov 2023 11:41:41 GMT
server: nginx
age: 0
etag: "34b2-60ae46f93e9ff"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 13490

GET
H2 200 light.png
sajuabc.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/ 736 B
886 B 3ms
3ms Image
image/png 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/light.png
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 29a9023ef7170c1fdf28a69719b1f9141507983f19443d6d82e4dfb5b05704fb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Mon, 01 Jan 2024 23:02:42 GMT
server: nginx
etag: "65934492-2e0"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 736

GET
H2 200 dark.png
sajuabc.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/ 675 B
826 B 3ms
3ms Image
image/png 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 3a8f59340ce472660db410161f3e7fc7ade175053930bb1ef074df92bb58847a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Mon, 01 Jan 2024 23:02:42 GMT
server: nginx
etag: "65934492-2a3"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 675

GET
H2

200

kakao.min.js Show response
t1.kakaocdn.net/kakao_js_sdk/v1/
Redirect Chain

https://developers.kakao.com/sdk/js/kakao.min.js
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js

111 KB
36 KB

81ms
4ms

Script
application/javascript

2403:e800:e80b::2a63:8cbb
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Server: 2403:e800:e80b::2a63:8cbb , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
Software: openresty /
Resource Hash: 50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
last-modified: Wed, 14 Dec 2022 06:58:54 GMT
server: openresty
vary: Accept-Encoding
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2128
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzA6MDpjaHR0cDoxMQ==
accept-ranges: bytes
content-length: 36802
expires: Mon, 15 Jan 2024 22:11:45 GMT

Redirect headers

location: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
date: Mon, 15 Jan 2024 21:36:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 162
content-type: text/html

GET
H2 200 korea_sns.js Show response
sajuabc.com/wp-content/plugins/korea-sns/ 3 KB
1 KB 3ms
3ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/plugins/korea-sns/korea_sns.js?ver=1.0.9
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: b90ef4c8174e6bd3ee3aebaa0826006dba18576c598cb84d4f64db78ea395af3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Wed, 20 Dec 2023 08:58:05 GMT
server: nginx
etag: W/"6582ac9d-d33"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 theme-all.min.js Show response
sajuabc.com/wp-content/themes/onepress/assets/js/ 153 KB
42 KB 7ms
7ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/js/theme-all.min.js?ver=2.3.6
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 998ee801593bda96deb363ae0e760aae04f26f1f6dafd0b5f7d4debbd804f4c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: W/"658628d5-26476"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
sajuabc.com/wp-includes/js/ 1 KB
864 B 3ms
3ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-includes/js/wp-embed.min.js?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Tue, 07 Nov 2023 23:02:49 GMT
server: nginx
etag: W/"654ac219-4e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
BLOB 200
OK 29f7e167-f78a-4748-a7cb-eb4bb21b026c
https://sajuabc.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sajuabc.com/29f7e167-f78a-4748-a7cb-eb4bb21b026c
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 jbydgmkffr Show response
www.clarity.ms/tag/ 699 B
1 KB 499ms
443ms Script
application/x-javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jbydgmkffr
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fefece962d493d47f03a28e1e75cca738bb078d8109ebc305410a814c7fee8ed

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: -1
date: Mon, 15 Jan 2024 21:36:17 GMT
x-azure-ref: 20240115T213617Z-c8nn790rnx71z66txtfsv3s5ww00000000tg000000006m0t
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 699
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 fa-solid-900.woff2
sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/webfonts/ 153 KB
153 KB 4ms
4ms Font
application/font-woff2 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/webfonts/fa-solid-900.woff2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/all.min.css?ver=6.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Request headers

Referer: https://sajuabc.com/wp-content/themes/onepress/assets/fontawesome-v6/css/all.min.css?ver=6.5.1
Origin: https://sajuabc.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Sat, 23 Dec 2023 00:24:53 GMT
server: nginx
etag: "658628d5-26350"
content-type: application/font-woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 156496

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 16ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic&subset=latin%2Clatin-ext&display=swap&ver=2.3.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sajuabc.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 18:44:12 GMT
x-content-type-options: nosniff
age: 96725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jan 2025 18:44:12 GMT

GET
H2 200 %EA%B3%84%EB%AF%B8%EC%9D%BC%EC%A3%BCmichael-herren-7sxtEMZ5z_M-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 8 KB
8 KB 10ms
7ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%EB%AF%B8%EC%9D%BC%EC%A3%BCmichael-herren-7sxtEMZ5z_M-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: f1a3808d9705b05b6e8b5a8fcff9b012ed8447d8555aad3ee47df6f4e750aae8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Wed, 22 Nov 2023 04:30:42 GMT
server: nginx
age: 0
etag: "1ec6-60ab62ea1fbdf"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 7878

GET
H2 200 %EA%B3%84%EC%82%AC%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-pepsi-5xonH9LfX-0-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 9 KB
9 KB 21ms
18ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%EC%82%AC%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-pepsi-5xonH9LfX-0-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: c41fed115e2944d45e362f3f2181ffe3df1f5901a01fe849e136165741515a62

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Tue, 21 Nov 2023 03:55:08 GMT
server: nginx
age: 0
etag: "23ac-60aa191984702"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 9132

GET
H2 200 %EA%B3%84%EB%AC%98%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 22ms
19ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%EB%AC%98%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: b4b4dbf1c8cca69c79a497e8a74f52cf7c2357156d4593bca2f0e86c60775dcb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Mon, 20 Nov 2023 03:03:27 GMT
server: nginx
age: 0
etag: "336a-60a8cbae6b63a"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 13162

GET
H2 200 %EA%B3%84%EC%B6%95%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-ian-schneider-gwF2mDy5lFQ-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 22ms
20ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%EC%B6%95%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-ian-schneider-gwF2mDy5lFQ-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 4394d080cb0a0f2772bd10728654ffad6d228aad6c64fc54ca17a391a6f33646

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Sun, 19 Nov 2023 07:39:56 GMT
server: nginx
age: 0
etag: "325c-60a7c79d83ee8"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 12892

GET
H2 200 %EA%B3%84%ED%95%B4%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 11 KB
11 KB 23ms
21ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%ED%95%B4%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: c1f51853307b262db7adca1f4ba0f87b9073a4a063d49903a528f0d87ca6ff8f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Fri, 17 Nov 2023 08:45:30 GMT
server: nginx
age: 0
etag: "2c5e-60a5528a282cd"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 11358

GET
H2 200 %EC%9D%8C%EC%9B%90-%EC%8A%A4%ED%8A%B8%EB%A6%AC%EB%B0%8D-%EC%82%AC%EC%A3%BC-1_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 12 KB
12 KB 24ms
22ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%9D%8C%EC%9B%90-%EC%8A%A4%ED%8A%B8%EB%A6%AC%EB%B0%8D-%EC%82%AC%EC%A3%BC-1_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: c0d16a8f2f1ffe17309a510eab5344b354e349cc62c7ad0a032e0b8cf5a954d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Thu, 16 Nov 2023 12:51:38 GMT
server: nginx
age: 0
etag: "2e86-60a447b0d2599"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 11910

GET
H2 200 %EA%B3%84%EC%9C%A0%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-jan-kronies-FCHie1RnNdQ-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 25ms
23ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EA%B3%84%EC%9C%A0%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-jan-kronies-FCHie1RnNdQ-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: b65df3f41ee84e2a41b65f5c90492f2df595bd934bdd7556bf45789d6511412b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Thu, 16 Nov 2023 04:26:01 GMT
server: nginx
age: 0
etag: "345a-60a3d6ad600d3"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 13402

GET
H2 200 %EC%9E%84%EC%98%A4%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BCmichael-tiqxUvpVeCA-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 13 KB
13 KB 25ms
24ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%9E%84%EC%98%A4%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BCmichael-tiqxUvpVeCA-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 2a44989ce72423c80fcaae8d88a48969f7c72808c44ff790a76f1cbc8e30ac4f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Wed, 15 Nov 2023 07:56:02 GMT
server: nginx
age: 0
etag: "321a-60a2c3c0ee190"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 12826

GET
H2 200 %EC%9E%84%EC%A7%84%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-david-banning-IyVQu9zI2nU-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 21 KB
21 KB 26ms
25ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%9E%84%EC%A7%84%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-david-banning-IyVQu9zI2nU-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: b10c1e3029a1a4a29fb4f5d31defb87f22b2e374b4d3ee7fc00ad325c31e2e52

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Tue, 14 Nov 2023 05:12:54 GMT
server: nginx
age: 0
etag: "54aa-60a15d6c85d07"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 21674

GET
H2 200 %EC%9E%84%EC%9D%B8%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-araxa-1106427_640_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 16 KB
16 KB 28ms
27ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%9E%84%EC%9D%B8%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-araxa-1106427_640_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 30f64202939d97857128c1288d0c7ed3c1533e773437fcc9730ba22e20e30f39

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Mon, 13 Nov 2023 05:10:12 GMT
server: nginx
age: 0
etag: "4072-60a01af46fd3a"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 16498

GET
H2 200 %EC%9E%84%EC%9E%90%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-abigail-lynn-9JrBiphz0e0-unsplash_-300x150-optimized.webp
sajuabc.com/wp-content/uploads/2023/11/ 7 KB
8 KB 28ms
27ms Image
image/webp 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sajuabc.com/wp-content/uploads/2023/11/%EC%9E%84%EC%9E%90%EC%9D%BC%EC%A3%BC-%EC%8D%B8%EB%84%A4%EC%9D%BC-abigail-lynn-9JrBiphz0e0-unsplash_-300x150-optimized.webp
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: ee1e6d716ba3c2719ccbf5cda46986e775d4c371ddf6c5003d69463ff3255669

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
last-modified: Sun, 12 Nov 2023 02:36:40 GMT
server: nginx
age: 0
etag: "1d9e-609eb6c5fd18b"
vary: Accept
x-cache: MISS
cache-control: private
accept-ranges: bytes
content-length: 7582

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
137 KB 34ms
26ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6202023911755661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64fe78a2aa7c0463bb0f148c6cbd9c953da07b2e3986ba23ca8b0e54e16a352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139364
x-xss-protection: 0
server: cafe
etag: 11775875005227197806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 594A 9 KB
4 KB 15ms
3ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6202023911755661

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 54830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 06:22:27 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 06:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 20ms
4ms Ping
text/plain 2404:6800:4003:c04::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D1W2CMFHSN&gtm=45Pe41a0v9132932958&_p=1705354577170&_gaz=1&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1025955206.1705354577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705354577&sct=1&seg=0&dl=https%3A%2F%2Fsajuabc.com%2F&dt=%ED%98%84%EB%8C%80%EC%9D%B8%EC%9D%98%20%EC%82%AC%EC%A3%BC%EC%82%B0%EC%B1%85%20-&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=576
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5RFW3K6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sajuabc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 16ms
4ms Ping
text/plain 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D1W2CMFHSN&cid=1025955206.1705354577&gtm=45Pe41a0v9132932958&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5RFW3K6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sajuabc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 21ms
9ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D1W2CMFHSN&cid=1025955206.1705354577&gtm=45Pe41a0v9132932958&aip=1&dma=0&gcd=11l1l1l1l1&z=281455569

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW7lJ-DuvexJl95-ouCJMwFUYFIs16z2FEUW8x3GLabwVkK9sWu60Rfq1rDfHvMZ4Trfn_eItuK2VT-LqfCnsc62SqYfA74E99cdvFsU-na-OVjwJ-SG8pw83rPWmMkzv_GRNhGGQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 36ms
36ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW7lJ-DuvexJl95-ouCJMwFUYFIs16z2FEUW8x3GLabwVkK9sWu60Rfq1rDfHvMZ4Trfn_eItuK2VT-LqfCnsc62SqYfA74E99cdvFsU-na-OVjwJ-SG8pw83rPWmMkzv_GRNhGGQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MzU0NTc3LDQwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zYWp1YWJjLmNvbS8iLG51bGwsW1s4LCIxNW1McHpyd0xyQSJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.15mLpzrwLrA.es5.O/am=wA/d=1/rs=AJlcJMz9YECfltM57txVD5Zoump5DmvPZQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3365ddd2c4a082f0a3af0dba77f7d477185abacd4b3e38419b1aa97a71bba3d9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hIi5WDQyGnxgKFip2Efjdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hIi5WDQyGnxgKFip2Efjdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9341 500 KB
109 KB 456ms
455ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&adk=1812271804&adf=3025194257&lmt=1705283876&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C236x675_r&format=0x0&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354577298&bpp=4&bdt=282&idt=130&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7547001556437&frm=20&pv=2&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0fbbf476cf9973df1b5e80e19ed479c6b57e8f38764d5de91d652861ab68fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 111382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:17 GMT
expires: Mon, 15 Jan 2024 21:36:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 5ms
5ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=wp-dark-mode-switcher%20wp-dark-mode-ignore%20style-1%20%20floating%20right_bottom&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
sajuabc.com/wp-includes/js/ 18 KB
5 KB 4ms
4ms Script
application/javascript 143.198.80.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sajuabc.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: sajuabc.com
URL: https://sajuabc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.80.28 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 1038800.cloudwaysapps.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: gzip
last-modified: Wed, 28 Jun 2023 11:01:56 GMT
server: nginx
etag: W/"649c1324-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 6ms
6ms Script
application/javascript 2620:1ec:bdf::59
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jbydgmkffr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
last-modified: Mon, 15 Jan 2024 09:28:11 GMT
etag: W/"0x8DC15AC4AC3CD45"
vary: Accept-Encoding
x-azure-ref: 20240115T213617Z-c8nn790rnx71z66txtfsv3s5ww00000000tg000000006m18
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9bd012b4-301e-003f-46a8-47e678000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 1010ms
511ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sajuabc.com
Date: Mon, 15 Jan 2024 21:36:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 14ms
14ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e768eab2d01300774dc4b1e457a0259551ae91f345ca49dfaa557009ab1bba0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56407
x-xss-protection: 0
server: cafe
etag: 6820055394360324713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:17 GMT

GET
H3 200 ca-pub-6202023911755661 Show response
fundingchoicesmessages.google.com/i/ 182 KB
60 KB 26ms
25ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6202023911755661?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbb11d51e2e319ae50b15abb7346ff0baf155282b483c8fb2b21e7f2c11049f6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hU_ew6js2pK7uycFeeEP6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-hU_ew6js2pK7uycFeeEP6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7ACE 718 B
381 B 147ms
147ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1295672151&pi=t.aa~a.641524115~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=3&bdt=1034&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=5479&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e8b4b660dca10e31dc82923cfbd88ad87ed8e014b38686b80118fc32a6e8a2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A36 718 B
380 B 249ms
249ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=1295672151&pi=t.aa~a.1255263962~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250&nras=3&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1466&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7598552b1f42bc21e19e17e78ace86e01ab4e596c8575527631c299a3f9a2c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DC7 718 B
382 B 273ms
272ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1218124319&pi=t.aa~a.1255276126~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1034&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280&nras=4&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=54

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbc5018849109232d15ee8ad6885f3356b026fa59cb4fb7719b8d5bb378021e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F429 718 B
383 B 251ms
251ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=1677911661&pi=t.aa~a.1255250300~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250&nras=5&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adea7bf6b6f056a33e3f74c28cd1302caacf3838446e48f6c0fbaadf5c217d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC56 718 B
380 B 203ms
203ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=390177109&pi=t.aa~a.641527297~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250&nras=6&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4623&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=63

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70bdcf5f9a160d0b0e2b7f1528a0d73202c746a14a9553eb550df8a2bfb0a983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB36 718 B
380 B 238ms
238ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=280&adk=1180347044&adf=1218124319&pi=t.aa~a.1255274092~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x280&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578050&bpp=1&bdt=1035&idt=0&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250%2C790x280&nras=7&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=2357&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=67

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

957b4c2a8b7f12de088bea742c62818641afcedaa6e46bc83ad9d4e271453852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 5ms
5ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&hl=ko&pvc=1858084845498572

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame C9DA 9 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 54829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 06:22:29 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 06:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 51FD 9 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 54829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 06:22:29 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 06:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 5472 9 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 54829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 06:22:29 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 06:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame E7F9 9 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 54829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 06:22:29 GMT
etag: 9219409622527106327
expires: Mon, 29 Jan 2024 06:22:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C9DA 4 KB
767 B 7ms
6ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 20:59:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 21:36:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame C9DA 16 KB
7 KB 18ms
3ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:25 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame C9DA 22 KB
9 KB 19ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 88BD 645 B
257 B 10ms
9ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNW1s_7aiZFqEGlO70MvendTLVWOVs36zlZcGJnvaurjgNUYnHJNvjjAqoG1zbjJOtPbfi-2mOfr5DfIwIVktYI3SbKkEj_ZcKBNgxl4mzLh8pRtDPw

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 1C8A 23 KB
9 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:56:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 1C8A 7 KB
3 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:22:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:22:01 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C8A 41 KB
14 KB 9ms
3ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 06:53:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1C8A 3 KB
1 KB 10ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:44:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 1C8A 20 KB
8 KB 10ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C8A 205 KB
65 KB 21ms
6ms Script
text/javascript 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C8A 42 B
63 B 11ms
8ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNu3PGu7ikNtGhH2b7YVtGioY9q0Nj1AbyOH9eLSoWUB-rJigNLSk8c8y-OlIlzz_fT0Ww2R_zOX1v5wuiKUeowKd2zcckXlBsezwoXhAOwcdv3cQ

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7780403976975614210
s0.2mdn.net/simgad/ Frame 1C8A 80 KB
80 KB 18ms
3ms Image
image/gif 2404:6800:4003:c03::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7780403976975614210

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::94 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585357c44a17f93656c7e1e583a514359d37521046af5a2f59cfecd18e7dd271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 10 Jan 2025 01:19:00 GMT
date: Thu, 11 Jan 2024 01:19:00 GMT
x-content-type-options: nosniff
age: 418638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81751
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:06:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7A1A 645 B
254 B 16ms
15ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNWifKtGWbOl8KJfb7d7rQCaWjNWzbnamrU_vWh4qL2Z4D-qXGoK9OdeCSGQtZrNdps_ZdY2dJxa8Axt9Is4sT71UKqvvnH7DKi89ZIfmLwTeQOyKBY

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7780403976975614210
s0.2mdn.net/simgad/ Frame A73E 80 KB
80 KB 4ms
3ms Image
image/gif 2404:6800:4003:c03::94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7780403976975614210

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::94 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585357c44a17f93656c7e1e583a514359d37521046af5a2f59cfecd18e7dd271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 10 Jan 2025 01:19:00 GMT
date: Thu, 11 Jan 2024 01:19:00 GMT
x-content-type-options: nosniff
age: 418638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81751
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 09:06:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame A73E 23 KB
9 KB 8ms
8ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 11:56:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 11:56:52 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame A73E 7 KB
3 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:22:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:22:01 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A73E 41 KB
14 KB 10ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 484992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 06:53:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A73E 3 KB
1 KB 11ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 07:44:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 07:44:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame A73E 20 KB
8 KB 11ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A73E 205 KB
65 KB 12ms
3ms Script
text/javascript 2404:6800:4003:c1c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 21:36:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A73E 42 B
63 B 13ms
9ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWYjE5beu4GaorROE_Ke9XpQJJX4tMx934NBgt8p9iMESXtStZ9dzbHFjPQ1qNhPpOBO7Oo6_S2_eGLkEoGI3_XCZqZmx0ROgTc-To22-YqgSg5Fk

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame E7F9 23 KB
9 KB 11ms
6ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E7F9 8 KB
750 B 12ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 20:59:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 21:36:18 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame E7F9 15 KB
3 KB 25ms
5ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 07:19:07 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame E7F9 378 KB
131 KB 26ms
7ms Script
text/javascript 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134337
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:26:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E7F9 20 KB
8 KB 12ms
7ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H3 200 advert-_right_ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVqpMoij2NDeRyc14sQhcaLtSwaz3i2TKNWIsJcAzZJ5o_v1cBWFN7VOWW3XdhzDWVUUGczKrtsluRYFGXKe-ziMBWMV1YFgOuSmBM2h4kckeJpAjwhbhISLq8KgEgHVN9DexbCgzqEpjm0xW6TIfRMu01Zh... 54 B
108 B 13ms
13ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVqpMoij2NDeRyc14sQhcaLtSwaz3i2TKNWIsJcAzZJ5o_v1cBWFN7VOWW3XdhzDWVUUGczKrtsluRYFGXKe-ziMBWMV1YFgOuSmBM2h4kckeJpAjwhbhISLq8KgEgHVN9DexbCgzqEpjm0xW6TIfRMu01Zh5BWcOUbiWFPqIlPLcJ1qP6sYv0_a4ab/_/ad300./adperfdemo./video.ads./advert-_right_ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.15mLpzrwLrA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz968-qtJ15aZmerb0KYIAxMHx1HQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80f877b7b25275582efa9e7dd691314d9a9879e5698bee1add2357950495aa54

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d3CZgSyD7K0N6pTHS9L-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-d3CZgSyD7K0N6pTHS9L-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 22:30:48 GMT

POST
H3 204 AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 27ms
15ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DiQ3k8obAiJtU0Ji8qhZdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DiQ3k8obAiJtU0Ji8qhZdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sajuabc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 88BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0&C=1

43 B
737 B

18ms
16ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNW1s_7aiZFqEGlO70MvendTLVWOVs36zlZcGJnvaurjgNUYnHJNvjjAqoG1zbjJOtPbfi-2mOfr5DfIwIVktYI3SbKkEj_ZcKBNgxl4mzLh8pRtDPw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvVuldpcpGnwvxoadCsRdVNOSiIPB%2B%2FT0YpC0Mx8ZObcBA9l7sMDh6NdOO1nanwFmz5%2B%2B1Z5Bdytci5KgZmkZH%2BGtu2YqeI5Vr8pBmPVw8DyfX6kl5z3gJBGStaqZjPjRv117YvOpmxWyg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 846140e34bc34024-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeOfuIlMe%2BR0dqbORbtf1IGm4JKnu8eTQYbYJVQs7mWO6h91h%2FJwtyZA0AMLwLOEZ8wcPHw5JXZePGPUvc3bBd2KDVU%2FcgqNWLqzIjXuKzs7WXBNM5krpm7JyhD2EhiRRzJbREaAB9Muow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEA1IFeKlMMUTWXwIefoYmzM&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 846140e3193c4d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 88BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

43 B
730 B

36ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNW1s_7aiZFqEGlO70MvendTLVWOVs36zlZcGJnvaurjgNUYnHJNvjjAqoG1zbjJOtPbfi-2mOfr5DfIwIVktYI3SbKkEj_ZcKBNgxl4mzLh8pRtDPw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9OFkssvMCjIgEkUldJ61uNuvmz1cP%2FtIpzEhIFio6MhtR80SynAyofRoK4eaC9mB6QFZPvfSWOtJDPg5H8mooA3XuhbkSMCmlxCsX9HuzDu2I24hi6kfrFNyzEuRdHnI6kbOTp6GpcoNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 846140e37bfd4024-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 88BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFP0XkwLWYchNj1mXI7D6SI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

43 B
1 KB

4ms
3ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNW1s_7aiZFqEGlO70MvendTLVWOVs36zlZcGJnvaurjgNUYnHJNvjjAqoG1zbjJOtPbfi-2mOfr5DfIwIVktYI3SbKkEj_ZcKBNgxl4mzLh8pRtDPw

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: 2f8ad41e-560b-4ea9-85e1-2824816e2907
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: 7144543c-13c0-4020-84c1-c71509f84997
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 88BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

170 B
188 B

11ms
10ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

Requested by

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: ef5320f9-b1ae-43f7-a80a-0d22fea41db0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7A1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0&C=1

43 B
770 B

21ms
20ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNWifKtGWbOl8KJfb7d7rQCaWjNWzbnamrU_vWh4qL2Z4D-qXGoK9OdeCSGQtZrNdps_ZdY2dJxa8Axt9Is4sT71UKqvvnH7DKi89ZIfmLwTeQOyKBY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awgWhViPLw1Q5Z54csBgApI4ywoP3ettQj%2FLHZfyidENJwFjjo%2Bu8gNGKg48EiXUZXq1sJlYY5ApraDAWnWvj6dowJ8ICOgUxi1i78HCXxSywiSZ%2BpMXvmT9ZBSEMOlAmbQBA8vvTNKzZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 846140e33bbb4024-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBuVig00sj6yelikw5k8njaH55qWQFzgAm1gzA%2BkiNWhMGi2ENueNOQF77Pq9xCVFxvjkz0x17TlvOChUZtTFXW1tujA1GuPTm3WhS7VBoHt5G9Ftb4hT7T7AI1CqbAex7%2BN%2B639pGXldw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&gdpr=0&C=1
cache-control: no-cache
cf-ray: 846140e3193e4d9f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7A1A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

43 B
737 B

20ms
19ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNWifKtGWbOl8KJfb7d7rQCaWjNWzbnamrU_vWh4qL2Z4D-qXGoK9OdeCSGQtZrNdps_ZdY2dJxa8Axt9Is4sT71UKqvvnH7DKi89ZIfmLwTeQOyKBY
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFMeBV4%2B5ghAO7psCsVnAiAxhj6uW7IwJm1Io2cLdQByVxpk3BLoqqwA%2FjNqLn7DycEfw6qagxPTBLwOA3MrXTgBcYH84O8f6%2BnwkggHENRD7YsQQ2%2FmaRUGY735k%2FrAjiqJ97q8oZBDJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 846140e37bfa4024-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 7A1A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEFP0XkwLWYchNj1mXI7D6SI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

43 B
1 KB

7ms
4ms

Image
image/gif

103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDn1ubMBBjayIOCAjAB&v=APEucNWifKtGWbOl8KJfb7d7rQCaWjNWzbnamrU_vWh4qL2Z4D-qXGoK9OdeCSGQtZrNdps_ZdY2dJxa8Axt9Is4sT71UKqvvnH7DKi89ZIfmLwTeQOyKBY

Protocol

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: 1aac8d11-f6ee-4c30-aa88-c0f42700c24e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: a3a8626b-37a1-4950-bb6b-324c1b0873b6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEFP0XkwLWYchNj1mXI7D6SI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A1A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

170 B
188 B

12ms
10ms

Image
image/png

74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D

Requested by

Protocol

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
an-x-request-uuid: 3d9ed73a-68cf-4983-9637-3267693907d5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU5NDgxNTU0OTI0MTY2MjM2MQ%3D%3D
x-proxy-origin: 103.254.153.207; 103.254.153.207; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 9071 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9071 8 KB
750 B 12ms
12ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 21:03:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jan 2024 21:36:18 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 9071 15 KB
3 KB 7ms
3ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 07:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 483431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 07:19:07 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 9071 378 KB
131 KB 7ms
4ms Script
text/javascript 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 01:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134337
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 21:46:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 01:26:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 9071 20 KB
8 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 06:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 06:48:26 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5AAB 38 KB
13 KB 8ms
7ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 483431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:19:07 GMT
expires: Thu, 09 Jan 2025 07:19:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 11ms
10ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eSwfmGYmQP-YOCLUjLPtVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eSwfmGYmQP-YOCLUjLPtVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sajuabc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C76 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 483431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 07:19:07 GMT
expires: Thu, 09 Jan 2025 07:19:07 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
234 B 657ms
224ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrfg32c4&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E7F9 15 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 01:18:43 GMT
x-content-type-options: nosniff
age: 418655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 01:18:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E7F9 15 KB
15 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 13:11:28 GMT
x-content-type-options: nosniff
age: 203090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 13:11:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7F9 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1705354578627&ai=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
45 B 625ms
227ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrfg32dh&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.xh&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E7F9 32 KB
18 KB 48ms
36ms XHR
text/xml 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BZ-ZffRxsho9r_EUqn_whyx76lvVnb1gzIdeOotk48EHOCFUj7dB6CTrC1-nN6nuQS1wTpSbXH0iBPV9qDGdrzaqsTBQ&cry=1&dbm_d=AKAmf-AYXpstfnVr3kJUFImi4qXv8ItE4_yopoQGkRKHRTRlPvVYhs4O2HFdRCPggqZdmoCv1J-Ztw6PVjijYLFByOLNJm8UBdf0OcLleOy9w9RFy9q0pbvJMxCa5lLr2je9YYv_aGxH0Moqqy_fO3jzlHM1t_rH3M9DefrawL-hJ3UUCMEiDFbvOTQg26W96JE7eAoJ9nMd_ksO9VFQ0UItjOjDgAIjgIa97fCLmyy97D186nMbiO1fWKHIvNDu2it6Lxr9gJgk52JoIhv9C2_6ECV5G8-Zu12i1QAJeeOAqYxXNbccc3kj2yYCbdAplOzMVTYRg8Mc2qpMZ7sa1PXbR7j35SkSGt6pAjyFlT87rJOT0p9DRMouUJPQjsb30tgrtovMITwsmAk_hrfqWSm-ukdlYJjokBJFVvboY0hukpRTe4RUaZDq_8f37E0zjpuZoofVjFODyMKGzQ-yBlB4jyzGQmP8RHdoShyl4ejYkoobfyQsIkTWvxWj5nhoS2UR45XdZ4IgoKJ67epzVu5vR5qo6owZNjnEVfahZwoeEHtQZVcn-hvjucMfHuYfaYoymkNSS-EEtSX7tdXbs7vRwcDeMiKqkVIPqAVwWH8dpfjCZbB6X4K-CeSDRzMj3iz9dlWDEdeSK7WfvmgXoFVIHImfxtQKklp1mBeed54LiEAB0zqLSjh6pSeVWBTQOgFmf8g3BZoZ49s8qO6hnFOFQbUP6RABPDhfgFNwl1UVT2DNoJNwixCb5YBOecBOY3N9BQNBB7vZXUmxraLg6cmzcIrPjzCod61OBGSASryYE2Km3nHXAjVe7bjUuynpObozGiY_MVUp_AZrC1mEu77-8A3C64KhunKfNDe0B1iz06Pdy82DySadbsYHRKLRAr4Blt5t4mwShYMDSt3FrGBvdaDYw4Wy8LyJxS9UV3j3yQJh92JMcSwkoKoaNekc4T832SJ8YaXaVY2cp9sB_B-4ktauQ3vpWUFcObIq1_FZhU97jN6UiiTNwCA3_baym-j5lRStpkJF5GbdupRiE9P5iBSSnwd1Zk1qnWu4ShwOmFRgYN4gAQ_UtaqNA38i0jlTvdBTkPouIjTEheYLFbYQ1ezhGRwzgPqIsxRBdhNHH5oNP8PW4mSlhu4CV-D1jzW1hCH5ZMTxAneurwGLRNhjw8F23uxt9kIPrp4oD-PWQbGfGSTxfKyAVnVCKUzEDpg34PFB0ma2aFDxm9_P5jJNFqy8yWNA_E2sKUDEVkOS5RmBr-7liWD_43ZfHFKu9QOdVjhZY3WV4AWsVoYBijB-KC20dTfzGLRjkuDRQrTuNLJFT5ngS2kavnT9zRVfH1Kju9WJNlnQ2X5U4ulAH1gra1DSdlCSYrEnzr-wdLmMMpYWmP3GNGMPr3R2MJctZBg0wpP0d7XfMUM8fFWa3lo2wEB0U2vmzVPEvXSPxZIVAuU8JRpAIIsyfArwa6ICH2HE88vF_4u0HVTLxbUEjnUjMaydpEXouEkiAAxN3ziyVGgfTUionRM-4ZfMn8gnCcvmdcgmf3qk5hwvntY9IiiRxc8QSyXNLHiAUrCNOP4rk8uUe4hpzlyYBpVe7w9IH8WzcBzfh-JNx9Xy8wIlBYbV89vljwDg3cPPG-bQXZeE91HnUbs_Ftu4hYUNTjbNEUUWotcVnLYUdhXcXx4MEgmeXTNiKONC5VAxiGfGKWuo9us1oYgFYWonTybJEBOscgObW-w64pRLLxhNDYNaJT-S4SSE50inLigZDDWEc213_NjYL8e7XtWEq03sMvP2dWsDZYkxZA3anX5sH4IQBoBRjMNbB3wGaDlBzbC3Jl_gZMufdKyYbdeTQPOpAJJIWHk1XSspmlMLa7rv0ZKADWzMrJl1sZuCngp9mGYG4mkhnEwJ65X37ikzm70s8gJ5n0z8W_m5ni2Bzb-vza6o0V6LORti4B7NmqJP4P7QeNDFF0B2BS70BWE40zayQTFSOkGa2U-g0V7AqR6m1TyQPQKzCguv9sIODOfTk7-KnOZMrAKJWLpcEhEwQvEbrCFsvuncWFO9rQdTKsHiSvUkN6x5sSnTT18cxnyF-OVf_w44wc34SnAmdQki-H6_WhytWJCIB-HM_kSQeJsVW5Cs6KEQKTgdR-oiZ9SBDLFJ9m6smje6GTiBu6F07ZoqabV27iJTGSYQ06zofvM6Ywj-nGtd-10sdgsJ4TrgQA4Iy4bIcNStp5wfUT19Jug3i6iqEBUMwtdCl8ZUgyDD3mirPEA3lDS6j_xh6chqRAc7kVmlWtpjAAPSBKgu_0IBvD4spRI6LcYwpqKvMDo5ItC-BSVrTNN0rfJ0NyxxEL1iMmIGJDRcPYrxnLMUEDiEDVQbJmQoIw_ILFTHaTRoTW8qKO3EEx9RWZPKo9t7QT1xhqzCrxGDRPc_70emfjrCs_8cRNzPRNvXDIFYPZ1lE56Gpbye9A7K7wJunhf2i_Iwlzkpid4qEFOPr2IT0RKEKFn7q1Sr6t5zj4FCsdXtRhtwKDQ9T3xtiizJW1DK6GCyZO3sJFfbrtWIC9p3ObURKMiO6BNuynIsZm4eB2lrvHvCzEbTgli7coS0t4kN4AnIJohgZL1SDOUJ8L7EL-N9uEyhlrM8CJDwVDhT9kl9nQEgIcad_RQlr0_J_NPC6vf3UP9oKk-ZGEgefnKlM7nRg9-W41T13Ic_PlBXKsGSU3DkuiCo0lIjWG4T0PVYrd-ufi6Gf0S4FXF0ovge3oY1eMN3hSa8N4bIkHDiQzyZ3cXdT0D6U0AwqY2eiVSKfaRIszG-mcsnR_r8FXVZGd78tOJr-xVHy7pI27qjeIYFWKUvJ8VjYVNsSbBy3Ei32CJ47jTVLUk634OCDYFK-3L3irrGtvTMVsybbmqhmmVGQkRuiTafGFAsHS3yJ7a4rAqlcBKW9LTknZvyxGeucfOj4yc1k3LCSxM7xsgNdBB0R11XXAtqG87-7eMx27P6ACcb9GswH_9jl-z2UHY1UT5iF_fuvSX910QNHLTgTL-fzpOgUpu3k4ard1lRLy4p32Mj-Yv7xx8kBv22L3YrsJWcgnI5U0wwvWnxR8P5NygEJUO0jEep4x4OqMLI1SuAIvALkq7F-_pHvDgbEM3vybqG77LCtHX4h4ngQ_WccMonZ8N_wM8WIB0NE14i4RX6xdfHcb1LK3HMtOwwtsl2Qk2l39_Av4HxgjuhO4cIRWEg6K_xVHQLliKbcNSMrXCz2Yky9RhyLUm8kxWcKeAvbnA_kiOkawNrbMp9vTfk1ERFt-0FUyp5d-YSvsHXuNEUP4fcJKOEU3QSgq8vtFFh_Ykwh2kVHi3B-oMJeak9xJGn6zGOp7kBAj2Df4Fmhz-G5It-U-oIk2Nw0sScya6Xlbk8lZRYJ71GzSSgvSExO5fPB7C-O_DvXYjEkEwlwu2pdBABqMw9kl2xptv_VxUYB5v3rI-IvDIyq2x3VGzozj852JZqzKeSWal2_Xpkg6zg-uJB2V_eL9spRNBDwBCk2zjopZv_2icg8iU1UZyzR7utwYpRQa49PPh94xY7k1Cu11YFz1OvodRDrhNIdE3V-e5ABbxbTPsCmdqTiCO6Ze2ADDJg6dVp9vF9I9iR14HPj2lsha-ddPL1tz5rhNSlLENcjPrH5l-tSPMvXjzVKx08hIJPGVgLG_U2HPmj8fXypmzwyxdim5oPH1d8b-BfKnHbcIGWm0Z8cK92e7WzOo6V2_5nc-yKjVOhEIBWGw&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

2b9ac115a742827fa7b9cad2ef4d2d932ff1b8d7f6ac5db98177efaa41bb41c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17887
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
11ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mI8SHXZT3wlnMOSoGPTa-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-mI8SHXZT3wlnMOSoGPTa-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sajuabc.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
15ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QU9DPfYE71ZuFvEyB5TXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-QU9DPfYE71ZuFvEyB5TXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sajuabc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVPGSSfADySqBp-KhibEQm7FkK7cOWPtLk7YAqJHx9kChdakX1Fk_3DHXEH70wmOHnP6hFRG2ny-Qzu38QC3alzI3ojIVWqohBxNZgR2zDaSmYHaFe8wFWl2mwG6SY_3mgH5zkqrg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 28ms
28ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVPGSSfADySqBp-KhibEQm7FkK7cOWPtLk7YAqJHx9kChdakX1Fk_3DHXEH70wmOHnP6hFRG2ny-Qzu38QC3alzI3ojIVWqohBxNZgR2zDaSmYHaFe8wFWl2mwG6SY_3mgH5zkqrg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MzU0NTc4LDY3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vc2FqdWFiYy5jb20vIixudWxsLFtbOCwiMTVtTHB6cndMckEiXSxbOSwiemgtQ04iXSxbMTksIjIiXSxbMTcsIlswXSJdLFsxOCwiW1tbMF1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1480f8a0c1e20a42db1a5abf7b775b6fec09cfc1e406520877c4a273e72fabb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7rMov25OeTPExwP9fJl1mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-7rMov25OeTPExwP9fJl1mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A3A 436 B
234 B 153ms
153ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-6202023911755661&output=html&h=250&adk=4070059106&adf=390177109&pi=t.aa~a.641530370~rp.4&daaos=1705288355755&w=790&fwrn=1&fwrnh=100&lmt=1705283876&rafmt=1&to=qs&pwprc=9568589617&format=790x250&url=https%3A%2F%2Fsajuabc.com%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705354578035&bpp=1&bdt=1019&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3cd48eaaa099b63c%3AT%3D1705354578%3ART%3D1705354578%3AS%3DALNI_MYa3iIasiJn4mg_NPV2zUSqIXMdpw&gpic=UID%3D00000cdee00ce2f5%3AT%3D1705354578%3ART%3D1705354578%3AS%3DALNI_MY49QFcSAZe5dqcV1wRmvHlQu5u-Q&prev_fmts=0x0%2C790x250%2C790x280%2C790x250%2C790x250%2C790x280%2C790x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=12&correlator=7547001556437&frm=20&pv=1&ga_vid=1025955206.1705354577&ga_sid=1705354577&ga_hid=825628118&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=4716&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95321958%2C95320870%2C95321627%2C95322163&oid=2&pvsid=1858084845498572&tmod=684724935&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=10&fsb=1&dtd=671

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ba004f1c889e3536190eb81d95a7699aeab15ae997727ff1c4f8caa53f6ef2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:18 GMT
expires: Mon, 15 Jan 2024 21:36:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9071 0
45 B 547ms
226ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lrfg32ge&c=4533731359398&slotId=2266865679699&qqid=CIDjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9071 0
20 B 7ms
6ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Ci9IhUaWlZcD2HNvHssUPqMiRwAaZ7eiXdbXB1IWSEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTwAU_QcYy4WfEaFnzhOGFKoQD0DD8RDp9eEf-oC1Eqje9W38-z1cIO3W8UWc4FRigMS6JWW0yTC08T8LpJEoUSHdZvOiYycWjcR4VkH20TqgTptB66eUmmDIewtEOwCOXnoMg3XEADydU-DI_vnTuPc_HVrM56xoqs-CZ5sbE8kPM8VFCJU-0-KS7t2USXKmSnuqtx6Arn2FWTbl2bVmbCz0P624wAV6qtqva5QDKK7Am8BSRxz9YMp6qBullj_oJOsizcy2vHPA74-ciEFm-1B4yB1YBWFSxrWJ5_DorbzufDqiawFNTHw53PGJknTPMarsAEmau-wsIE4AQDiAXUqf73TZAGAaAGdoAHpu2M8gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDA4AKAcgLAeALAYAMAaIMCCoGCgSsurECqg0CU0ewE9PApxbIE8eoqOQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1705354578740&ai=Ci9IhUaWlZcD2HNvHssUPqMiRwAaZ7eiXdbXB1IWSEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTwAU_QcYy4WfEaFnzhOGFKoQD0DD8RDp9eEf-oC1Eqje9W38-z1cIO3W8UWc4FRigMS6JWW0yTC08T8LpJEoUSHdZvOiYycWjcR4VkH20TqgTptB66eUmmDIewtEOwCOXnoMg3XEADydU-DI_vnTuPc_HVrM56xoqs-CZ5sbE8kPM8VFCJU-0-KS7t2USXKmSnuqtx6Arn2FWTbl2bVmbCz0P624wAV6qtqva5QDKK7Am8BSRxz9YMp6qBullj_oJOsizcy2vHPA74-ciEFm-1B4yB1YBWFSxrWJ5_DorbzufDqiawFNTHw53PGJknTPMarsAEmau-wsIE4AQDiAXUqf73TZAGAaAGdoAHpu2M8gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDA4AKAcgLAeALAYAMAaIMCCoGCgSsurECqg0CU0ewE9PApxbIE8eoqOQD0BMA2BMKiBQG2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9071 0
45 B 543ms
226ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lrfg32gk&c=4533731359398&slotId=2266865679699&qqid=CIDjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.zu&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9071 32 KB
18 KB 32ms
31ms XHR
text/xml 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C_HzZZsSAfGCTVDWuuByCAXYBMniP371okV2vIxI5gJAsxBrJpSLx2JAWmqWYM9cA4faCiedY4vefYRKeYVz-So9StLg&cry=1&dbm_d=AKAmf-BP_s-qOsn8UXQllxKjIYYZXvaCpbF4ZGtoD4ABTRyrXEsTWm6Cv9uzaTBzNA8NEJKct7UCxuA0mWdrQd3qUMj5LAsAIPMDZuT3CZ1lQBd0iRnqAzMWVXBl1oar8IAjfyyYU8JMkNxe7xxeE2NUv1mqkLe_-N8SUjT7WekGkFJYYMlKifQ5hzHONdngBikdIi1ZV5hUr8DQPSKPNZpI-XHNZifU4owUnXYIVyg-8wGIxioRLNTonAf5orJELp1wXeBcEn58NLEe032ofT2tdMGdZjxvSOx_hk5erJ4xJ2xXmZjKnWyZoJsVFauql9UqX97P8hM36cBIgntbaLIeVZi9BhTu_cHcHwWlxaAcSj1yZ1FYwKTZrsQ6OunNS0_evqPoqibvcjGvedOixGJ9ah2iSEKrrc52L9nvYhtOPZ3_AV0atTuBu8_YEsSiDADz3kKL_a51oEO72wciq5H9R_1GqPu_JQlRwgER1MjwKFFGvsSn_B9jpxR6lbrTXtzhgxthgZIBixSrrRQs8tmDWVClevJbDEMw4GLOVarANfFcvEZQdfi8VkFLdZ30cXmPncR3svCLEy9myizYHooVxJ93H6UYw3Kx7Dev1hx8w0xoVORXhKhPQhPmbycp3D8bIy10wWmiG_Cuow0GjWjS6Be41tmtDqshONnDgodnwuumFYbKrHUQOGO5aYgTACyuwt9rTbxGONWMPcqrK4ULyt9DPNr_P2bJSHsUSVefdFmhsOPHj0smC-TO5vge71jHH3WpRpm8DnxaB4e7vKhDbgThR3nlk1hjdJJgcRtilOEIcRLa7u7qijgOnvxl5E52OU_XcpenkAzQlZ2QkdaZL9RJWjzVZzrXJjNRXVhlK7q4tSJQ5ClqoqJ9vnobdHVXbgqToHvcSSLNGFXoqIRksL_-MsLDwc8KKPGO6BFwM8pfTM5wGtwRB1HWCfT1gG02sAre43YoMQ8qdldgyQv6cxlRpOm_twMmGe0NN8vEpBgZ69Klr3mreM39x3uTO1X7MaizZjWqHpS9OPcg1TKfXD4y3CrKCIVzUNfAQC8omv4zBLlhmsQFDreAetey56n8TXLRjaSrpcleKHDPVk0hz1kgv3jrIua1rQcVfoe6XxCr8PWycwGVPM602N8m4HHFlj32BFARDb1HCvI2EzRs4ItHzh0kk_7fJyQd3vVJNQZOut-BIwr7OfA_OZle5aql1O49lncUMOZHLc8l3IRI6sQjTK4rujGeHO8BmUA7DtBZosbEPAXlgv-cX1BxgyDHskxllIG0qHA2SP1HtNzhgDhx4Nzn5rv7fZ1ESQ8q4GK4V1CPCjVMp-LDn_N_JNWRdCXl71kxRwR-GuyVDjtPtGhW3KxXcSl1yNaPlGk20o3fncg5ryNFqVI7XUIHOOODMvWDk6EUsS0mgPK4t7y5zIbOUCkdsrMr_LnnI6onL8CkyRRnkGz78F7m2Kalnea88c-ZgtztLs4jOkZjWOq6UiXlT2V_hFSeabix2aHuSrSW1ROTo2XP7BTc8WrG4f20N7J8FBbvtMoaklPTPDZULHTEGzNqdxCxJ_cNVOt2r2h7vd_PyZyFcLJycaqN2ZFEjo6wpVtVSEAMY543hMSoImErHV494t8e3r8as7WEkjRAFr48yIDJ0H4SawvHaa1krJNfaNQp1sspfy5lFJqz5I_Dd8HUcxNXo_4ExTKKbo68SMxsVoazT-6h1RdGK7n6jUPcU1pyphDlX08qKuhZzrGpoFLAZKS4DltVq68pgKH3ZsVXvxBBCI4KndEvvxA_olSs8WoDXxQ-sQt1eSzH1VfcaRaFxPH1OjT7aZM41zuSSBbafzi_PKyUXY6jirRwuhoAKsZkvP0V6Yt2MXHqrZcV1v7FXbXFMWAg0G5HICMv-tktor_4nGQfx8_L-3-T_xX1LrGgWJu-xzAbQJAYWJguPNMM3K8GQSss732pGPZEYlN6k3AbQaWLymgMIAiVYLOfNd6JCeHHqLAEEcDvyXNFR_nKzAf9fbRKbjQ9gAYnAVq5_DsUE0O5xJ8lTT72heFacK9_Vu8dqAGHU4_scUr8DsYiJ3bEFux0ovCKf9JelXDZmdIdUOwTS4b2ARh2Zo-PV3CGsIeGT0cxFhJNYJyAxHXIi5F4iW0oZOQWhiBOLuktU8z8VrUYGGMcCys391wYiWayvJVOmBpw-uwWfq4BM4htejwJ0oJb47fbiHvA60a8v_wMfG-YyI_9OsI1Yn9gFDGxKaJe9PLWKu2fU6ygHmmn7_LFdv2diqG0VwhZubGnitXirAPwcaQeuxH1raWIJbwchEvNfhwezw3pok1PlPmPdc7-caLsWYTym8jsDHeUaQAIMofx1GchRo3HqVU-tdVuTDPxeiA3eYO7L9wPCr_YPhlJtVT2LLPkNVM6M7W7-Q_QB0AN47agjiChwyvNdyAxxErM5SoZZwxhjNwLTnPhMYpYCtUp-wKSIpjFmvS5nnFIFLiZfaWkf_Y9qHaAXCLKvivgOtdVOiklKlhCCjXHFuonXFg25zNljb_G5aT68loEQ20yUbUyonNn3LKaF1lO8p15hhDpUnCkJJlmoQ-rpV-82AQqxaTRDyACriXItBKcHwakCtuIbFfBUBlVja_Ytr9h-2NOvx1y-KT8eF1anuz89hzet9bTQrpRTbdqwCeJ-mSchUXs2jNiSyAYa-hZOaITmsq7MnmnlJRFOh9OazgeLM_VQMpxdHXmC0F7rl6K5wc4EczfHQPK2LGimAtXyFGxTlHPyNZ9CFc74wll9NKLy-_Gb5_F2B6ZSUjxO2tMA6DjUn_cejukxTtX7rgUaUT98AB4UU5w_teckmnEKH64uJHkiJj433VkE1uQsEQLR1-62Co33k297SjFLD3wzsko6soTTMqfTcGAj9DIufSl7oe20WIGLqC5r9apQuOE_HaTmWTgJK3qaJn9tvQ6gbBpxvqrtVCeZTLAaGqdwBfdD0_TqqSDer6X9XqFuMkHsPgNc1zkLILDetRAZANgxDUjHI1PfoUCWYb1rylml_H_CtdR78FG_HDeFWrpt_kjbqy4lxfBLsLuYsBClgnwMzDugw78uzG6CX9x5mDQBbLx7PRXXI3tlPyWivHhTTZsHwWPqVawhjgAIZHWoe_DRVjm3MltUM38YVo_dVEylW2GtLSz-BxFCqFlX8TiLVa7JptoI2qqQtO6_9bZoHUhtwsudd81zewmnc4o9oVLj4I1fucCnSadjsfNjufVGdfFVa8zPU7nw8FIbEzBl-gv5WU3y0JkmIgGq7f74RBWNcjJ4Dhm1BWJkJYdqj7g7arkXtg1VM6Ew_u_npfHgNnFnt6ypyENNum7TkHPMutJaSt5rgBBk3ufGN0EFBmAdwcWM8X_g3g97JZ28UPYx46bYEwf_dOkxGQcvjaAw-QJOVvyaeIjRGokkSGUSrAndOtUr6quagIVzbMQpaz75OaJO5mb7F6rWY1Et29p84dXNAiBaWuLBJ8glkn6jALTGtq3MdfsHr9WdKTweoH5282EWb8VHEX8FbWGbRcYqhd5Eg0fE2R73b_jJmBBeW0qSo4Psg2BfIwLlmHhzNtJu1OqKY4ijtMMbYiquzgoQ_R-CfuzuBBmGsD4hhTjMadbeGRzB5QWjIhFKpXnrUaUaJ_DljSNTu21L132XjOxDghPZ3IkgFQqkZzVBcHtJcBddrrksoyyYL0KtTBabGX49MiPkxAIkpIBDfDOwlmc0y-FqZYsNSfQ3abuLnHMkiTYobg&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

06b3029e0cdcd7c221a33477d61a1247cdeacf77f04f6e97a69e1b64905bc71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17945
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E7F9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9420238af921002b92899e04f70a031b01a68cb7326e90633bf3a545f5f07192

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
54 B 521ms
227ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrfg32eh&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E7F9 41 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 06:42:58 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E7F9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

20ms
5ms

Fetch
video/mp4

2404:6800:4003:19::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CA8A7D5702DB7ED9351E31BC286681DED7B7859.314F59DE33DCFA382DF593B2FCE6EA18DBB3C6D6/key/cms1/cms_redirect/yes/mh/Jv/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoe7ns7/ms/onc/mt/1705354127/mv/m/mvi/1/pl/48/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Server

2404:6800:4003:19::6 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 21:36:18 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2845420
Last-Modified: Tue, 26 Dec 2023 11:22:21 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 15 Jan 2024 21:36:18 GMT

Redirect headers

date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2CA8A7D5702DB7ED9351E31BC286681DED7B7859.314F59DE33DCFA382DF593B2FCE6EA18DBB3C6D6/key/cms1/cms_redirect/yes/mh/Jv/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoe7ns7/ms/onc/mt/1705354127/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1C8A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d386277fee7de7b81328d287bb0bba1e669a1fa43794b17e8770e902eb2b30c8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
54 B 487ms
225ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrfg32hb&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2072&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.10j~videopreviewvisible.11d&ua_e=1&ape=1&ple=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9071 0
54 B 480ms
225ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lrfg32gq&c=4533731359398&slotId=2266865679699&qqid=CIDjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9071 41 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 06:42:58 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9071
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

23ms
3ms

Fetch
video/mp4

2404:6800:4003:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/04B8B225B393CE7FB92B944397FF583978A869AD.6214C373462A832411DF936F64521C7BCFB1B694/key/cms1/cms_redirect/yes/mh/ea/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoeenee/ms/onc/mt/1705354127/mv/m/mvi/2/pl/48/file/file.mp4

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

HTTP/1.1

Server

2404:6800:4003:11::7 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 21:36:18 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2645856
Last-Modified: Thu, 04 Jan 2024 15:02:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 15 Jan 2024 21:36:18 GMT

Redirect headers

date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 651
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/04B8B225B393CE7FB92B944397FF583978A869AD.6214C373462A832411DF936F64521C7BCFB1B694/key/cms1/cms_redirect/yes/mh/ea/mip/2001:df1:800:a004:1::6/mm/42/mn/sn-npoeenee/ms/onc/mt/1705354127/mv/m/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AAB 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:56:47 GMT

GET
DATA 200
OK truncated
/ Frame A73E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6330679cc18b6215ed4f5e642dbfeeab778daa2052366c3e136c1b34eba9f57

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1C8A 0
0 31ms
15ms Fetch
image/gif 74.125.200.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsufHErFFcKh5ssXInDxF0O0N2dJX-Krkmdx6q6C3SCpWMBeMyKTCXfrAxmaR6EA0mcENePjNRoDyTtVUuSn72NdPu5WJm4OsMfkZlBoDR9JtIOucHxZh6E5fIxOTSBgudH3dM7S6_gvzH9JBGdFfI0B8CVe4MlqLom-Yz85Y5JHF0Ui-W9W_MgieFDHvVP60Zn2ETq2fR4lw0Cl4mT7dyZjyRBRwypCCNEBHZeXst8nDYQoUsS7V31L8dtjjCAP8GYz9N-7BD1_AZemLwl5BhIIsw_GaFNqUHboS6MGPPxfs3KxzJI6cNvlxwzfg0QbiBAaVBKNqpbLRfUo3_s2mNPKUnqEdcEoJP2R2Ivd_sdJACFPYCwJrOIvO76ig3Ew8clLYefHX8uTqG_Y5Z8W3-9595cw_Rjmcrsi6bVCyl_4C2BUH3tMppKL0EXDtAIy9hdFhTKKQOUcCZbKSGOkH2vrKvShd8XPOy0MJhfM-ksfAWHnD3dZ0gk1LR8WVD6IXdQDaa1lcxOoHIzRdeFBF3kEojAccB8bM580_wPtE87-8AWLX5Lr3dCxQd6uFXpoJufPgdHhORdsv-16XSvOK1NkMkfM8gNdALdhhQxgIHDhwwWk8AQ6WgS436h9xCusP2ik33-UmsK0Q9GyJfyejYs5nJlH8MYETFdaHBbu5ktCARZlQYGK-0TSx_7Irn5bXsTLQiaYGG98Mp5_Yg4L4a2aL4MKK3Y0pOBgMtm8AzbouukcVRnx24WOrK8Km_xDz54hbwl34FTtlXStdTG1d8c0369FH8rFyJ-2kpVnBhqrUR4oQ326dU8YQV9V99kAt0Dfi6rLDi8f9cOUyXLvy080uaxqopYa7p0M0TLee08bxrbexo35GPIZnBdET2mK0WotQUHRWHjeJKbTo_4XnJR89-t6_7UBSd7tB5nWbZFXs8uF4uMmjhvQcQrt8lPFaZQlZvhdQs2RJrpacbjVZ3Jy_ugTtZ_ravvrSL9PcGX2yFi9gFnU9NZqJ0AqikJQY3_XAxcvP05EaSUhbvLxY9gQ0DZCXPFmmRUUg3HdEvWE8lmv-YbZtB9wI1pDdfIKOP-V5XT04jOpSf-S-1DuhFtvJcS_R-XeE0jCel8JHkNFsB1ZGJlVCi43SInYz_JSRNMIeL4nKBApajwCDd1MT2YYcJWPosWUtyORza8wZSeCcTS5jswjyIjKcKv4km3If5e1CA8Wu6FzRnyt7V_do72Bg8IpiK_1xJjoYIizEvw_mrQ1_b29qzTm4nv5M4lF4R6IgJyYf_9LJvkug8Tu4avxGzdcOKOCDZJJiTMQG_KBXDoNY_iQ9Q&sai=AMfl-YSwyHRovCeufTosIcnbXfzmpZqwcRi_MosqNCmKrvrmgPrxYt1yTrpM6MRceV9EJkX1J3igCIudznUJ1UtIlicgQ9wAlMrKy9IZ7ZGUaXxipRv26eVQ-KvIVV5GAGFMpBwJm5MDA9N1YQBHZ_xeEG-doSmZDsjKLfz0kyh9L71GpDq3efASID33rXm9yw_Xkv3gLBbvc3eheD5yDyf9TD1_kytlzYAGyCRkkCxqDqjbMDlqfMFv6cBaYyG9lJhpEITjusqPXO3-7J2Yx0gUGKdJ4D4i9BtbbhbNXgYQYS9m7gZfpMb203arGaSf72zpDmbBihe0x5maCUC3BpcwGoBGzkyKdWbaFjggJwPcZvlNP_M2qx3NXbWFGk6ytjeq2pKoTh8xvP5p7QXa7rQy3OAHZgUVp1onrhMaWrS2r2vAJ-svWM24oeZ14wYaEUIN8aaHIpB3uLSTWsitqUrnZqj-4xEICZSaX9L0WjmjeP0yvtwlIBlwWZeMjJXcdQcXwA36cZCf4A6SSQ&sig=Cg0ArKJSzLtBkUcpw126EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rZmMuY29tLnNn&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=535&cbvp=2&dett=2&cstd=0&cisv=r20240109.04763&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 AGSKWxWkKPR4WML_DBzu-xUYMfR89QPGtrYSuyYqtr-EZYDF12w0zGaJwchgX2WF7qG4V9PrTNWQvSJFI4KUjd3Uy4m03GgOflYwdrUoN6FxJcMkceJ10XKYWx8fctu4KSDZnM8MjJoHqA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 22ms
21ms Script
application/javascript 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWkKPR4WML_DBzu-xUYMfR89QPGtrYSuyYqtr-EZYDF12w0zGaJwchgX2WF7qG4V9PrTNWQvSJFI4KUjd3Uy4m03GgOflYwdrUoN6FxJcMkceJ10XKYWx8fctu4KSDZnM8MjJoHqA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA1MzU0NTc4LDgzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zYWp1YWJjLmNvbS8iLG51bGwsW1s4LCIxNW1McHpyd0xyQSJdLFs5LCJ6aC1DTiJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzE4LCJbW1swXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17a934ab6e704c8ad131a57140e7bf8011e431c54c636b2a9e156ee6b81f5f5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JYksNUMM_0Jv9ig3KtdXLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-JYksNUMM_0Jv9ig3KtdXLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C76 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:56:47 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A73E 0
0 15ms
14ms Fetch
image/gif 74.125.200.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsui8-JQ80RApE-Lj0ZmpNsMKh09p47HGAR4DY-nnYK3W9SFgniDhHnOGAgX05uxJD42TKKq4YaJRXmtNoNPU15F_WeJubiaFrlbdV9lTrcImBnNG0Abv4GO0mI06w6w8L9HVvbAUDCqpx2PaQr3kEqIhD_AFUHsnC2K2WaIRVQ3K0XwOhJ6Ife5W8qvX7T411JKBcNwXhvg5s_yUlKh_NUElzhO7e55moZN4guh9DAxse1HnUcXXauUxlN56LhKhzoYkAGmF-wYrjhQGHJD7qLgbVZDC3cJugDAy9VdjeV8wkZHG2ZLpgHZl5YNlJ7XgNrACZzQ-mJBnUr8AH3Ola1fwRzqpMst2SoM_4LTAdkKr6ooWMcCRCR9p3j7Frw3_TiVPfi6cleNZPdqVc_YW28NRVUi8WYUhwin4wYfOBT2_Hnkb8yc3V88sqd0DQ4Ket8SxWWEdJlrKfp7m0GrLqdtDoENlidJCL9zhxNcT6vQtpO3XafH3DrY0t68uVEZHwEVxyLDQ4eyVB7z3hrXCbJCHZ47tLeXfvwJOg1qKZmEegVkrYWVjjwDh6QnaRRaWM1uSKZY7q4McMkF4Dj6NWsex_V8s3OxzKwkCFzbQn_uHwuArBsOngljzdxiDh_XeY8-t5ZE-RZwKd2ErJbjRyVJ3TFCK1lb9Jnr_2qgM1t62tixVCdnuAhzxTpfa6XM0y_iKnfysvgoIVbsV-uPMSzLBGhn8Su6OLcRqfgBowMAylCHBK5YUQj7loDf_qzQj0DkhmWsg2eZU8z2n0lVv8wFS95tRsJI_EX5yL8bfAc9zRf4pP7eo4q61V8K7J8O_3YK2axPIlIIaKZkzYZIWaleuLZ0EaEH0Jna2-iYHwFf6QSWFWf8cfjf-T6X36oMmklhpKxVqZddR04lbZ-cOJN3rkeCUNsuyjZNiuH-DUdpX7qrTPlz7LfgIuLh-92DFGjETvztH8hOnZCT4PrN9gcOj4NWFS7r4bQiGMkcPqO7IgrO7Dgvkpz2mIut8OV4n5Vg1zw9U8gWxw-VUsax86Qb9NALpmxI74TVyffro80ilPS7LlLaCbDUn0KH5-cV7HB4l11ZywYArMBwEzMisfeRzvkarcIN2Tg2STRtDFnSR9yk56q-TPrHeDrK10yuVMxMvqy9hVOQC9m5vRAsLvXB9QkmWlDnz9bfWVXBbqBDh4JXqpWbbLLOTT0FtPp5SmAfg1jgCMKyk2UwLRYlqKtJ9Y7nmUdSmDuEcuSOqHd8Bjy5M0nEaj52TqCxQSq1sA5zleYBdaVgTUUDRg8CHZ-IkZKCXn1UcxAV6yIXJXCFm7d4Sqs&sai=AMfl-YQgL1YMbmeyUtkGawcX7OGBnmS7ItxlzY1V917wPl4Sw_Z5hAIMH0xZ6CGZC6oKqo4JNV1YJvjuMb_4tWn2kMpzU4YcYUNhWk66wtQk-0jKKURtfb9c5BLci_-8QdacgB-F3-6G9pX5riTViT5dNJI3fGQpOI_mN8NyIBQki6-a0Btntiw0FqiJZHqNQgI0cj0k7TggOPy1g0IVqsBeujebdEDTxDujNKsg2v15E0pmV5XFRrkpmkL4eVig4Uqk4JvvZmS87cMG9sYIwl7KbiSiiVLihF5uUaPlSVXyQ9NShG-mLlAq-Jno4ELyFqNfY2MRbXHPy57LtPYndoSnzUTEOcr_FRZ7H6CttgabpsdH4jU6TPyREzPyaBdE5Vvj9bROHdW-OyWS40MfaGS0BtyNoJyjLEOx5ZhK8T1kIFM5usqRC_RR0u90IkOl8F3fpp-HQeoAnjfBZDqN2OAwBhVknjm2MnErR9NdagAS9dof8sDbraTq16cScwbf9C2R_8YJEi8S-RkySg&sig=Cg0ArKJSzNm9zID5VtKoEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9rZmMuY29tLnNn&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=509&cbvp=2&dett=2&cstd=0&cisv=r20240109.10405&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 33E1 23 KB
8 KB 8ms
5ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 484668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 06:58:30 GMT
expires: Thu, 09 Jan 2025 06:58:30 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C34C 23 KB
8 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 484668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 06:58:30 GMT
expires: Thu, 09 Jan 2025 06:58:30 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r1---sn-npoe7ns7.c.2mdn.net/videoplayback/id/82b3fd1c7cc60276/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E7F9 3 MB
3 MB 11ms
4ms Media
video/mp4 2404:6800:4003:19::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:19::6 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ff254d65d391a632ecdf4d4662817d292e7c979019fa10f582f2a4bd19b6fb82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 15 Jan 2024 21:36:18 GMT
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2845419/2845420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2845420
last-modified: Tue, 26 Dec 2023 11:22:21 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 AGSKWxVcdAYiJgEo0lVqXR23PSy5utmNxiH5Y3GwFvIP05sA91xLhzkJLFH0dakHOoWBXB6ovFPeGBhj7CEZv6qslt_79-zLWT1k3hFfW0qZ-I5J9_EGU8K2GGLokqecO5tkQpgt0ugI5Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 10ms
10ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcdAYiJgEo0lVqXR23PSy5utmNxiH5Y3GwFvIP05sA91xLhzkJLFH0dakHOoWBXB6ovFPeGBhj7CEZv6qslt_79-zLWT1k3hFfW0qZ-I5J9_EGU8K2GGLokqecO5tkQpgt0ugI5Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-um27dVCEmsAZ-zoxAzyttw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-um27dVCEmsAZ-zoxAzyttw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://sajuabc.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
14ms XHR
text/html 2404:6800:4003:c1c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX1rEiQnntiytq4pKLJjz37DYs_1w7X2exqnaCc3ifGpx12FTjWLEB5XQoxwiBehD0dpXmMjw__j6NIOfkQAB7PdhW-ktW_Dp-lZZ6-tXyp5sP3Jd3FLpOE7M9_mJbKfUgrG6EEag==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pLI-Z2LGv0KKzcPBXI-Vpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Jan 2024 21:36:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pLI-Z2LGv0KKzcPBXI-Vpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://sajuabc.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-npoeenee.c.2mdn.net/videoplayback/id/68b4825e202fb67d/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1736890578/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 9071 1 MB
0 13ms
6ms Media
video/mp4 2404:6800:4003:11::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sajuabc.com
URL: https://sajuabc.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:11::7 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 15 Jan 2024 21:36:18 GMT
date: Mon, 15 Jan 2024 21:36:18 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2645855/2645856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2645856
last-modified: Thu, 04 Jan 2024 15:02:56 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 33E1 39 KB
15 KB 10ms
7ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:56:47 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 242ms
239ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sajuabc.com
Date: Mon, 15 Jan 2024 21:36:19 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame C34C 39 KB
15 KB 9ms
8ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:56:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E7F9 0
0 8ms
7ms Fetch
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtK18UaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwGqBO8BT9CAURWEbNPx3d7uYtJCjtpZaleoCmSoghLQgySqmUPo2hXWazFAqqHyub0DjQDk0Swe0_cj2HzxLhisnz8vG4DPiD4VWsPAYafvH3FVqxEBstxQDyd6j0lWiAQHShOP31PqP48LwkmtlF-kHQfi1HBIkkiPotl-ubmq9i2H-HE5PquzEyZj0HFudKBLIo24zpOyP6y-QT4UVf1nl1vetR9jn_jCNtv20ahxdJz-T_J_OWJyvQY2HaIT8usZu4HK9XWVw8UDG_rZUnIcDFSBnJFLZBW1gOWfQqawn9WhF-ftOLQCVgiSTTiM9GklxvPABLDamNneBOAEA4gF9v-e7E2SBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB6btjPIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ89YWGLnrvYIC0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDA4AKAcgLAaIMCCoGCgSsurEC2gwRCgsQgJbHyIy8kuevARICAQOwE9SjpxbIE_XkkeQD0BMA2BMKiBQE2BQB0BUBgBcBshccChoIABIUcHViLTYyMDIwMjM5MTE3NTU2NjEYAOgXBQ&sigh=OlDVf8l2dEc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
Attribution-Reporting-Eligible: event-source
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 Jan 2024 21:36:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 17ms
15ms XHR
application/json 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec34ff07756114c8517bdabbdca6f6d5c5b4aab9e2d54662de6d5fa4b109caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12119
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&RedC=c.clarity.ms&MXFR=37925AE6A0F36AC22B054EE1A4F3646A
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&MUID=17504DCE1ED06792011A59C91FD16675

42 B
441 B

37ms
36ms

Image
image/gif

20.205.115.81
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&MUID=17504DCE1ED06792011A59C91FD16675
Protocol: H2
Server: 20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:18 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DAFADCE7EFA4ABFBF51D7B4C29E163F Ref B: SIN30EDGE0311 Ref C: 2024-01-15T21:36:19Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CFE4AF6C212E413F981D8059D55A4246&MUID=17504DCE1ED06792011A59C91FD16675
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKr...
ade.googlesyndication.com/ddm/activity/ Frame E7F9 42 B
401 B 25ms
7ms Image
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D56%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705354579153;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E7F9 42 B
64 B 13ms
10ms Image
image/gif 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=Y6AvZlsoewI&label=part2viewed&ad_mt=56&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D56%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705354579153

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E7F9 0
548 B 32ms
15ms Image
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCpq22hXgQsT8W5z8yVGlVHaW3ztEs2gjroTa8rRAPoiHORvYkTeGE_EYZpmX8NWjpYh7NVJRGoYfGxxo3Gyldo9ypDdE7gUJHD6AmO34M0yJawiq4kp1NFwwhyhsaDUIBGb8wNXDYClpQ2iiPS1srHm4Q7q9EEk9JzJlc8nB_eZQHnV7BY9XAYe3gFFX7fjFM9ZOtZ8-MX87UgER_YXw8UbbmtKU6lAWk_iiU1KBKd7m_T_i2WZnBc77pz1Itxgi3NOwmDzyPsee6EKZQmAatQbxyWUFP8A17jCqTAFQXrv-UMpNAocJZzNdHzZVCZnGzW0JnLyQF_L87nd1mVwICww7z2GTscrZ9d-2q3LYPdNp6N_RAexA80hscVekMHQgFRRw2qXAynY5Y_rzADMKy-WmvFw-Mb8NDo7MiHXkvKx8QrDBIP7dNxVYh87XjFD80h-pp43p-J9_xlqBSq1a2m77OERuj93iBh4cEQSh_6UOG6XFb_ccp77KQEwc70pZMiH3gX6a83YoiZ3JdlOtKx6BJ7uyFNYKeqLgYrrpMgLBcyf7JFImix8QCOEtzkL2rgHUJKhZ83RTuHgX3ERXe0D50dz6FUDJiaq_4FKPWxu4v9A988FM3HkUjtL-phl-U--qYzJ085GkcUndqzlztGCn5eF5P9A3Zh-4XYhaIKS0R24GS7krFftQ5P8ToeyRuv4XP6oG8KeXj4iWfgMQ7o5aqaFleYYixcDNAboBznjfp_sKvpt9vBNF_OQVulzIJFB0U6swXt99LO-3JYeotqOsXzgByIAfE-D_pNXZ9B3gOw8K_a8zn55WZpVNXTyPZNYudnHuIAE5Taz590bn-Fqx4BwzYZFFZWb19CHK7uZUtLlveqZMdpxeb8KB5HeTnC4XkasaHs1x5xXULo1-oqVsDMhBcPIbdcpVLEsNllVx2mlY-D_zsHVu9WROrrPKqwKnfIpzk0ADuro0xKo5aDMIv5uRIBJFI_cpFyARSklxF8L90T9euUDbVr4kBkGY182mgzk8zjSfppRp6ZnTyaHJ3Mz9fxfJdH5PlZQtNsDepHCfMmfir8h2BV7cazvNNYXuD5eCaDUUjlpSvuMirdbQER2bZN8vnzfSl89TgNzEFgToPy7srOfcAH4IoGgTXh-LjZ66UzdE75NhoC5B2bYC2gZp2tf2JBwkXpdLz3BGhSks6o_NJ_dAOMpvQyqQZFZ4CVXp6kQloRPvrSSr9i2XEukeIyBIf4gJ40wsO351si396oGSUAW64M5ikUjaQ-vc-2Ps&sai=AMfl-YRbQNEYDI8KEbDWxKzTBAzusa0m83WIv1h4zqAG_4TzSnCAYUC5bCh9c9agBMcZz-qzxND0S957cHD3OppZu-Knkz7iakG3Zus12MnNbnZLfCT0KOxtSjbWbwzICOaKneLXNFqeSB1XiU15GPRUzL9X_TlwMD1TKihQEeBiPBXrT-zraoUfINTkg3bqrejWJw7ZljnlwM1Peokm9NeHZzFQ7Pcbv_Ro63ZJzQh4pPp-xd2tM9HJulQHTWznp55ZaRc-dGFDZX2Mbh2bMfNML2f1r_gxGGPTQ9DIzMUGo2HYI1pVMd7fXqt2pnHKDPCcOtg0&sig=Cg0ArKJSzCVKfaFdem8eEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

B31115596.384579451;dc_pre=CP7Doe-s4IMDFU_wcwEdoX0CzQ;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc...
ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/ Frame E7F9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdp...
https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_pre=CP7Doe-s4IMDFU_wcwEdoX0CzQ;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_c...

42 B
63 B

20ms
18ms

Image
image/gif

74.125.200.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_pre=CP7Doe-s4IMDFU_wcwEdoX0CzQ;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?

Protocol

Server

74.125.200.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N4021.4015482HPHSG/B31115596.384579451;dc_pre=CP7Doe-s4IMDFU_wcwEdoX0CzQ;dc_trk_aid=575458185;dc_trk_cid=207839070;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E7F9
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDo98qiBRi5672CAiABMAE&v=APEucNW_NvXPsdDaoRO_XE1eWQMQZKGPgmpIYalfOTdX5pt3W0_39PZt2Wkmx7z3zPPY8O4bpdM29zCDS5R_TbbpThXqVfUPFNB2o2Mc3zrxrZwJcREW_90
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaWlUvUBVtLCOCRI.hL.gAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2

43 B
737 B

21ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvi8eJn6dEpW%2BmD3Gkjuemen3wuxB2eHPCQWuZAP0YPG5j%2BJispido0XV6bZSPhesMx7bppHd%2BL3DqEy1pJSIoq7m21aUfgp8HBE0%2B122sOclD8QRkFVrYV9kZSlU0e%2FOkuGvvy49%2FHPZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 846140e82f244024-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECj3gyVVhO8Ct39xXcDSzVM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7F9 0
20 B 8ms
6ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E7F9 42 B
64 B 11ms
9ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf1UMn9eL-0dqcFAP8UalHMPKo8ARqTywA3-pqRC45Dh15onwnL-T06hQgLMoLYIjcPxAdC_Y94VDNaLI9mRfF5PuOoqwp18c_a9gYL7AwoH0jpZM6N8icQAYQeHfUGti8fpoTp5Fnhk4ccoTz71sWFFTd&sai=AMfl-YTna-JzLOvbJpwGEI-K4dTRBQoxR96iWhQxBuslrygtIkJ2ZZVFyPf9XfnJcdPYIg86lp2kYeIN5IBFVUkrCKhs8d_cYA1hqLPwmA5rkK5pEY75c5N0Wy9GN_DkK4_o-jXLCVgmL2yZMhvMRR7iXw&sig=Cg0ArKJSzINMunopKtGeEAE&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D56%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1705354579153&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E7F9 42 B
64 B 13ms
12ms Image
image/gif 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=Y6AvZlsoewI&label=vast_creativeview&ad_mt=56&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D10005%26vmtime%3D56%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1705354579153

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
54 B 227ms
225ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lrfg32i8&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2072&mt=video%2Fmp4&vs=1024x576&dm=10000&umsem=0&event_name=first_play&asset_bytes=191441&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.1b5~ff.1bi~videopreviewstarted.1bk
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 9ms
9ms Script
text/javascript 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 21:36:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7063 13 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 309097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 07:44:42 GMT
expires: Sat, 11 Jan 2025 07:44:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6CCD 829 B
1 KB 34ms
7ms Document
text/html 2404:6800:4003:c0f::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::67 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9875594e2b7b6c6a9e2d1e20023354e031c56d80cd285cbbe5a7c15fc9098426

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QlevprrnIIcvWxN-m4_MBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sajuabc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QlevprrnIIcvWxN-m4_MBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 21:36:19 GMT
expires: Mon, 15 Jan 2024 21:36:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AAB 0
20 B 8ms
7ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BkuNaUaWlZcH2HNvHssUPqMiRwAYAAAAAOAHgBAI&bg=!9_Sl9LvNAAaumcC-jpk7ADQBe5WfOM5VK-Bwi-dYlEN3w91kzC-F_vt78jGuIGXc8sbb76oqHtSAife1-abJTzx3NRvaAgAAAWxSAAAABWgBBwoAkwtxqnukHgaqOGvNHk4ULh2rD-HcosutrnFjqgaxdb87R7Lc9pDQL_Su3usZuie5mnDtDl-xK4vVxOv0kEXXsKi6P947-aW2UCTC-AQ6ydpL5o9a2oWd23UqWdlxqS-uOVORLbguWRG4c47BFw11lHcee2X60dzHo5e0j4L12j_ZzJPCk4iJuJGC_EjnF-UpG1_CfpkC-lCCkHZz3HMJqQLYKjKYwvu0bRxxtbPKRj-JNjbSOif_xV_ezAHgOrFAgInrSxjOtYUEZCbGopk0ltHUj1V10_qGpuhhoFjxRxzY9CD3JAQYvwi0EPwYWvtDxTVDIii03TB4FsLc4O50v-tg4LynrlD9r3iowYvWt25lNwjFCobpaYJz7A42HZB3mHeBY5-7remubNHrQyqNp3QkU341QJFFQj9K51xldaMd0CjV_rwVoommwKfZAXcJchL8gKSwCDPm7dZ3PmhyE-3Fv22S7NjCi5DI2pZDSRnMpMi7ajupA71ONdVTecDNZfsQqL4d4_Kg-NOs4Mn_u6kMhbOZbJ3AruMQ1Ld1VteeuZQhGJNVRILZ1Yam5ikVIhiQrffIxgtmbv_xmIpf9O95WQOE7xRJNIVGfn74iIfFoW6ZLe_utW3uhK1cyLxAKEQh_wVu5jTx4eZMiMD67gW2He5ws6nGliKV3lYBoY_aytMXjVeF5_q1eRNWJFgExuVJr_lyRw6NOZegXtiXmzB_zqJo_yEFSg6b5LKJ81X34LGtJWMCXyXQk4VpJXpru7LpywaYB3GHo_6fS-fOU9jhsNmhMVakTKdYF9BVkxtpNufNxZE62d9ghDZI7s5AWFLo_wYTp_-SsxiC-7yj2gn6Ui1PKi5KfrRqgSwhgMs4abGupJmfwTocvHyDRnZmBtI3vWVqr5cUj4x45GVbHSzm8stfjk6-baWpIQ4vz7sz4cDCoeMYiWD4SkY-jRqPrZPRz7KXbq_GmCuJ4tkA3dbfYt5OdJSiESrIXdcq4DRddc1_QHeaW52eekwPmpvRVbPuz-2LpDJouV69InL1e-eRlt6eh3ZXPc1176rnlCQ-9B_vFngoA2xU7NFt4U9NjqdfmDO3F9wcqVZfAtS-TySfplKkb6ZOrpNorQyQQS58TrRBs4TX9WgbVgeOKzCE9HI0bxtjx1tOPyWaw9H88ZNw1VzoVM7C8SQax4uOunRLMd3qbaHmH1xNUgyUbVQoaA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C76 0
20 B 7ms
6ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZXbOUaWlZcL2HNvHssUPqMiRwAYAAAAAOAHgBAI&bg=!19Sl1JvNAAaumcC-jpk7ADQBe5WfOHzTQCCR4LbY-XPs-cv5PTZ1Fd3o3esNZD8QuEr6KmFXamKGEDjiZlYvo_ZdX4s9AgAAAYRSAAAABWgBB5kDB-8CBeAFZvmWZeGetgHJup5ypqFWCd73n0fnuebzCnShuKzrcHO5af6FTDxcIdXz_5B-RQH80NBTdka7wYOzIMLZe8y_x9FhOddlUVagHTUHiUVfS9059-pDWn0aSQTm2JyyyAvoCGT4BoLEq1n7K0j46_ym7GE8fF1I_xe9l6dUkcwdYGAN50-7UrOIXao7cO29Li_MJ_pdOoHex4kOSSReoEgMX0s1GBOjuRVChRbd7a3SRgFpGyLUkAg0Et0Cx1t52o1ioUS_WfW_Ou1euXLvD2xCkcU3GO4xpel5pevpBRlaLQsdsNI1ZD057vTnqTmAbuQn1pRD67_sSG9_A4R5ncjSrHJ4BP65FpcKLrCpnrfHthQ398757DhPyoJDZBtuC9ETb0QlclOx15TZuKiE3H5KmM5MhH68pGZhkotc11YBEuqeuhy6r-QFHM319zH7PkhHEWThRPkdGtRB8yl2jRoaiznruy7qQwtzeCDodOJinwArv-JrDeDHIKQnfvb9IIYzTn-nXPetW9VTP3p0HytjSQ1ObtjK5T09En07aTmY6k3Zj_b1E6fozwjj9avCm4a-5kyTTJgfoVsHQ0efTf4EvQmapxavpTeOxxvSGHBmEL4VGpViaqxgLGgPnAKYf580Phk9K7eWOlO2IAqKGXN954b9v5XnbJjTjdMdFeCGSg2VDOnje-TRm8nvjEWathXHkXxJ_RQGPepUVtGPwZ_ldZHuO0iiIfIf0X4ucoYP7xJ6uo0cU2EDmQQznocHO3qKbpuu6yanY1M3B4vyQIZ93GuZyPJO6SLPVqmvDw7hQniWDxnSgVPvg6EpUsTi9BryLvfgpWRwNS_M9ERjtlXvinJybyGQBKQjQTep7FvRoZjb5Hb8ZeFxhN1kdQ2zGiqDxYp_T6qtZ85-ime-jW0WO4iivAn2YhZq0PGIm3yGWFrPazKdonLcbKt2CZF4igiI4BeQ1SfhD2Ms4i6xi1UKbLi1q7I1S8MP0hbxMrNDIUeSXr2l2rpsKlV1AFF4Q2Q89IA

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6CCD 0
0 7ms
7ms Image
text/html 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1858084845498572&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7063 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 11:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 207572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 11:56:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33E1 0
20 B 8ms
7ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BTw7-UqWlZciKKveZjMwPi7Ky-AIAAAAAOAHgBAI&bg=!JySlJGvNAAaumcC-jpk7ADQBe5WfONTlFq_pnkIx_rOKMPWWlfE9WM974GJyjw9WJLedyM2d2r_pGsRooMX8VdyKmlPrAgAAAaJSAAAAA2gBBwoAqVKNQX3d-UbtXIzvwMnzky-6OguEoAMo8a3qfBQ6PGlo4LZs48F0F8QKyUI1IZkgs4HTogmylvi40N17_d79amXjXTilqz44a3DvJNkaPS4-gsF9RhjHJtm9Q2rMyVJWJ9CpEYMyDtw9-qoQdjU7-GSV6orRVg9DO8RzP1SwafJX7CxmJ3ddna_HCmi8pEZ-wktltPXUyh0oIFuijZfXFkasWDpl0n2K9g6ZAuX8El-n86PhPVAHxMWZu_OmjEnswk_55rqgdWw0N5juNzphK6FXT4BWqb8SKNTfd1smYUFjIBqG-yV4haZma4My0JgGeUiXy8BkNFAwv24-oOTlMZZK211fAAKMGaaRXGHqm4El_JB55h3tSsYLfQDzDFeKId-KlY75P2hMaugqC-Vk0U4DBBO394RG2YYI4cJllBvd5wncqYA-BxHdG5c9n-xpkeoktoKb4EcsxNKNNy0qqXzTayQknmTFkNvRR7lgdM6fG7cJqkCMoscskKoHsZRnaCCpXJAaiOpLhir68DFMnC0UwxnovOlM3YiFOGZ5HrQxaxtbEUVvxZVdP7D9TBMi96oLYBG-Dinlk971FBp3KKScpB-E5rb4xQGThQUpd9iKhbTKcQwm0k-q5pJsY_KATeBdUgytu2TAS5JH9Z6jBjJAetYRsSHoklUQwxwXa3f4WbRnMGNAAwLC8FBMJfdV23G0PAaxzPwG3lFetu-SDW55KmdDDCAxW11ryi8mTImfdj83boIKTRl3vd1kwElyhwFpdbIY6eme8YvwpVMt5FUFEm1EaZ1GcnShFZeLctTWGRUDyC62F60Ro197_zrrwobJB6PAvAMA4NiIPeK1y-kaywlJcd97ySvnulW8Lsdjfosn4WfDIHxt5iLAR6t94GZF8AiifJKXbYZTb4qBl64SjeqHAJlVe4gz9x75gz_vPX97G2S5YUqJrEOQJksiNJDbwanxWPz9eoSBzgPC9jq1Uls-_vASf-hfqNPbXZZQKfHITIs3INmbNSgiulAfdyF-nfqNgKM7we4C54fjJbnR8a0xlzqomVI8EQ1C5L8blOTX8FQtRzGn_HcslJy3OD2YJeay5d9QzlwML_EwEUxcRxgHjVCzKJkXl147U83NeOsILOEyuJaxPW0wtqGLtAb7DhtoKIi_kDwmzITml0jn3JoFQHLAOisbgkyIFFBEqu5zYFuDJHyluqDsQk_paCg

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C34C 0
20 B 7ms
7ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BD6jrUqWlZfGkLv-_jMwP3Y6YuAMAAAAAOAHgBAI&bg=!NTalNnnNAAaumcC-jpk7ADQBe5WfOH1O8HArWjhyaTk6nzdcwbwYztClYP0hP6DvJTVa9x330PidDRx_H9Gh168ik0igAgAAAZNSAAAABGgBB5kC9gwNYNT2LPBtwhyLCJxjMv7soqwOPPaxWdRzCwIbR6QNhwsg6mgXtBYC0dc-feZCtTndhIXH4wLHlEi7eifembjnEgrP_h6RpryLZtdHg_4qS4eGXiGiCEvD2QQxi-4_6aXlxWUUAz_yPMpNVTkjD11siRKm9KURKjTk8aGUsuQw1SqP5KM5DyVY55Xdu5lqtmyn66ixg8E66hhkstl_ojWZC3WXmxP31OBZHqcC3Jco3MPBhsYU9UhgeiEFwvIHlci98V3XXvyy0XevYFfPJRJURSa4-saIwmRz6fuYfL0miPGIIV6u90q8Z7eJpx4ktdkGWwehJZ7OTOy7OzmRFX6QQkdHOgtTSrOWTYU2ZXkNJPkmFvWlXY2_GheZjLQlvx-lq6dby9pE2oG22KnxuvLhlt3qG2ch-RigozM5uAFBNKG5pWBUkfFvZ9EWd03L3qwSRzu-oqYS678mfwknsQX6JFfulh2ROCzNzNlCz1W4lKfr8z8HEe-kQaXWMEfI1ivSLMUbrVWSibJpKy2uJNfX9xP7Rs8FihJb6FE8tpFzsXP2UCWywTQ7U-9D3dwET-JyIKmF0fMVr3AED579AVvWQL82yDuWoEixMZKBJChD39-WOKZm0ynIggnpwVPBhrJXcFn6-6IgZL0tPaCMzAGqFkq-p2QpONGLMovPqWDd1gchjmCQ-JXibdQVcuSr6MNIzh7Nwvcopfi1INER3943HqK7Ir5t9IKgQVUVWB8wOR6FDiVRu7d_XdOPhpQb0ImfK17EVFWW8-lksD1ELHf6nEU_ZEml7G0a7AG4Go4yfk96rAAIVKDX33HLSWz49u47bH-RfaQYbSZpev7dZH_OHYLHyjlA-IUbB0OFKx22ZlQDzFmQ8ttkV8Zch6Jf2uf5hsyl02PtCgAj-LLFw2bTINlrCOUx4eN2zyLgCZBS8_imhOCLWJNrHdXBm5seluOK2eRFvXbsfUKR5lVF6oleFRAgXQE6ZOBdggJ34v95XBZzTR20

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7063 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?j2w1hw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c00::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:36:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C8A 42 B
64 B 10ms
9ms Fetch
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8eNo_ZetYtCDo_V9qkAih0qJlqInzoWXYkp-Uo7PvlUjJON6DUV0wLa2Ah4lDWfiIRqhvWBs9kOUbgKfiF8tlJOekU59Td5DX-dUNKG8MSDwH4shSLd5iwf2TAmpmDqFrj9VQyod8PQL8gisK0nTs2EgC&sai=AMfl-YRmHA7YWte_FY4pN_efwrSGeWp5wJ7fC0dwDNXGydWemWumM1QoRzEYyO1wJZQIdJq3NDqr5nTyVUwpNsOmQgfcPhxUJ4laICT0YbgVMKPvkPbyZo6fBe8qYWylxWAqDFq0sZ8xaRY8WKsghWynjQ&sig=Cg0ArKJSzE0opzr9l3DyEAE&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705354578271&rpt=341&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A73E 42 B
64 B 9ms
9ms Fetch
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuheGd47rEoS0S72Gu5Vir86rOS45Fq7gkyUFJjRhS8awGHEylGOtp_TowYX6FG3E4J76rq-cyl2Hy-u8S86mF6qXaYm9xCM2hrSbB3EKXsCp2f0mb_NbgCtubPBBrs6T3j9zBuhzSt-DzcdsZGYCAsesQJ&sai=AMfl-YTD1tJC-WROh1J6aICjaFPIl3_m1bBTEbDZcn4X9Mb3PRmITLM7MFBXgZrzJzxvXPI8D3Si5Uu9F3DcpliHFx_wwVKwWNul3-hr1jkabwehEWqdF9TfRfYLvoUkGG9udI6CrjKqREcKtVfsNvt5jw&sig=Cg0ArKJSzCiNcQv3ijZjEAE&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705354578313&rpt=296&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9071 0
54 B 226ms
226ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lrfg32if&c=4533731359398&slotId=2266865679699&qqid=CIDjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1913&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.11l~vil.1gk&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 8ms
7ms Image
text/html 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1858084845498572&bg=!HR6lHlHNAAaumcC-jpk7ADQBe5WfODJN7sstRaFFXTYJKNgbBsuSZQO6zqlUzBlDjHZ0mwV2bMYvM1PvUu_NHQ9u9JTIAgAAAHhSAAAAA2gBBwoARD7R_TKwMPVk2IV9Tq3tpJCreogM0NJQdMDlPNYNOUmFvQ1_Ic3O78mRXNm9JjroWgT3U96B9kOHybohMpOH7BUYbZLumQKu5Lt1_RrNvHgM6cghdMUFD_Drz-iej9Ttk0bBAtM7tg9khSfZy80u2WhmUvdXp6Gts0g8wENa2NITPhOyFotMFiWQqvHOz0iuT023x3s-umArczGln6ub1PoZg_Ix14lOS9P7JmhyZEZ2Xj3UUrAeKzlKgTcMzOsCmLC5GRazDryhB5GbDt4NX-lnfY0HRyhQhuA80e_uCCdUhgyYbiNyEpIbFFMWgxaqQFSUgnzvQI4E0_jGBSi0yGtLKoj86Dpa2J66bbopERUJRpRYcTtn31dQAylk0sLIH3CO23WJRR9okZTht2VRyXXlXpaH0WIVe9-nSIftvnPYZoeQ01Vsfh27Ciwu2J2ogGt-FdjquPJXvD-bQSiFaCLcQAr6S7jQ0z0EoQ0qdZb_7tY49YiL3Au1tWHpYb_nit-htySxJDKq69ZocpK7Y6VCv6eTCBZqPDHpktu5lrEpC_e0y9vkE0scVi8kcO43MbYW-dOlFWylc9ajbHQp978Nu4GAzVqM87NDV1MRTkziVNra_Vmwgge-FX1VsxBxtBcwVHvZNKKDpp8nNql5dy9Vf8_CyiaPcL3ED6tjC-2ctx2ptj1pETTqzc9Lh9G3m70U8XD8YM_Q3AUf7kGmmw0EMs3Sor42Avgu93HVRAZUjwJ-va7uEFrWvAj5X7Hgktt2rBufIiYGTfNQbQh0CbPZ1cIJLd1q4qbbwJC9kx57x1agmOPIRbBeygMeqTiwsd8Km2g3wlZFIkz85aRe59CbGFOU1gwEt-X3-LmcvXD2TEa_4r2v-Dmxp6v_O3ojKj0q1PPPnoGEWO4T-khe2S55LtYRtrFeCakIX6c-syHDbdWxsyaAbC7cYVwqseMUL8F0ZVEHWF7YN9OzQP36m1aWxzulF-b_dwU0prGhh2xr-KjeCbM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sajuabc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame E7F9 0
54 B 226ms
226ms Ping
image/gif 2607:f8b0:4023:1413::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lrfg32sf&c=1207435673419&slotId=603717836709.5&qqid=CIPjue6s4IMDFdujrAIdKGQEaA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2072&mt=video%2Fmp4&vs=1024x576&dm=10000&met.4=vfl.1e6
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1413::78 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
291 B 239ms
238ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sajuabc.com
Date: Mon, 15 Jan 2024 21:36:21 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E7F9 42 B
64 B 8ms
8ms Image
image/gif 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssf1UMn9eL-0dqcFAP8UalHMPKo8ARqTywA3-pqRC45Dh15onwnL-T06hQgLMoLYIjcPxAdC_Y94VDNaLI9mRfF5PuOoqwp18c_a9gYL7AwoH0jpZM6N8icQAYQeHfUGti8fpoTp5Fnhk4ccoTz71sWFFTd&sai=AMfl-YTna-JzLOvbJpwGEI-K4dTRBQoxR96iWhQxBuslrygtIkJ2ZZVFyPf9XfnJcdPYIg86lp2kYeIN5IBFVUkrCKhs8d_cYA1hqLPwmA5rkK5pEY75c5N0Wy9GN_DkK4_o-jXLCVgmL2yZMhvMRR7iXw&sig=Cg0ArKJSzINMunopKtGeEAE&cid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ&id=lidarv&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D2017,0,0,0,0%26mtos%3D2017,2017,2017,2017,2017%26amtos%3D0,0,0,0,0%26mcvt%3D2017%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2234%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D218%26dur%3D10005%26vmtime%3D2291%26dtos%3D2017%26dtoss%3D1%26dvs%3D2017%26dfvs%3D2017%26dvpt%3D2234%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2017&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705354579153

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::9b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKr...
ade.googlesyndication.com/ddm/activity/ Frame E7F9 42 B
107 B 52ms
51ms Image
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D2349,0,0,0,0%26mtos%3D2349,2349,2349,2349,2349%26amtos%3D0,0,0,0,0%26mcvt%3D2349%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2566%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D218%26dur%3D10005%26vmtime%3D2623%26dtos%3D332%26dtoss%3D2%26dvs%3D332%26dfvs%3D332%26dvpt%3D332%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2349,2349,2349,2349,2349%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2349;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705354579153;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E7F9 42 B
64 B 8ms
8ms Image
image/gif 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=Y6AvZlsoewI&label=videoplaytime25&ad_mt=2624&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D2349,0,0,0,0%26mtos%3D2349,2349,2349,2349,2349%26amtos%3D0,0,0,0,0%26mcvt%3D2349%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2566%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D218%26dur%3D10005%26vmtime%3D2623%26dtos%3D332%26dtoss%3D2%26dvs%3D332%26dfvs%3D332%26dvpt%3D332%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2349,2349,2349,2349,2349%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2349&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705354579153

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 6ms
5ms Ping
text/plain 2404:6800:4003:c04::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D1W2CMFHSN&gtm=45Pe41a0v9132932958&_p=1705354577170&gcd=11l1l1l1l1&dma=0&tcfd=10000&gdid=dZTNiMT&cid=1025955206.1705354577&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705354577&sct=1&seg=0&dl=https%3A%2F%2Fsajuabc.com%2F&dt=%ED%98%84%EB%8C%80%EC%9D%B8%EC%9D%98%20%EC%82%AC%EC%A3%BC%EC%82%B0%EC%B1%85%20-&_s=2&tfd=6884
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-5RFW3K6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c04::8b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sajuabc.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sajuabc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKr...
ade.googlesyndication.com/ddm/activity/ Frame E7F9 42 B
63 B 10ms
9ms Image
image/gif 142.251.175.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIyPuD76zggwMV9wyDAx0LmQwvEAAYACDSjf9iOhoI6PfKogUQsNqY2d4EGPXkkeQDIJWwtKaJEkITCIPjue6s4IMDFdujrAIdKGQEaA;dc_rmcid=CAQSTwAvHhf_8WoV7bJnhtQ9eHUj8c7waTSTP1NOOuk8Ffzzs0s6zL-NqjI1lYY694EcgSfnbKrYwF9Z_xtLKSFV6Z9TJC0UsfMxUXRkhTDwDm0YAQ;eps=CIBhEAEYHzICigI6BIBAgEBIvf3BOlj-wrnurOCDAw;met=1;acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D4738,0,0,0,0%26mtos%3D4738,4738,4738,4738,4738%26amtos%3D0,0,0,0,0%26mcvt%3D4738%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4955%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D218%26dur%3D10005%26vmtime%3D5014%26dtos%3D2389%26dtoss%3D3%26dvs%3D2389%26dfvs%3D2389%26dvpt%3D2389%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2389,2389,2389,2389,2389%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4738;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705354579153;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E7F9 42 B
64 B 8ms
7ms Image
image/gif 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CEWDEUaWlZcP2HNvHssUPqMiRwAaWw5mCdZWwtKaJEvAuEAEgwqv6YmC_BaABprW8kirIAQWoAwHIA5sEqgTyAU_QgFEVhGzT8d3e7mLSQo7aWWpXqApkqIIS0IMkqplD6NoV1msxQKqh8rm9A40A5NEsHtP3I9h88S4YrJ8_LxuAz4g-FVrDwGGn7x9xVasRAbLcUA8neo9JVogEB0oTj99T6j-PC8JJrZRfpB0H4tRwSJJIj6LZfrm5qvYth_hxOT6rsxMmY9BxbnSgSyKNuM6Tsj-svkE-FFX9Z5db3rUfY5_4wjbb9tGocXSc_k-qfqus4Sd7pIgftflAv-ppdKWfK6xSoFRtUj9UFtxdqIRj-N9aIgFYsGy-fVZz8f17cBeYGsGALEaT33eZS_kcK0a0wASw2pjZ3gTgBAOIBfb_nuxNkAYBoAZ2gAem7YzyBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP7Cue6s4IMDgAoByAsB4AsBgAwBogwIKgYKBKy6sQKqDQJTR7AT1KOnFsgT9eSR5APQEwDYEwqIFATYFAHQFQH4FgGAFwHoFwU&sigh=Y6AvZlsoewI&label=videoplaytime50&ad_mt=5015&acvw=sv%3D960%26v%3D20240103%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,156,119,365%26tos%3D4738,0,0,0,0%26mtos%3D4738,4738,4738,4738,4738%26amtos%3D0,0,0,0,0%26mcvt%3D4738%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4955%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D218%26dur%3D10005%26vmtime%3D5014%26dtos%3D2389%26dtoss%3D3%26dvs%3D2389%26dfvs%3D2389%26dvpt%3D2389%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2389,2389,2389,2389,2389%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D965798180%26psm%3D63%26psv%3D62%26psfv%3D62%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4738&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.01%26t%3D1705354579153

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jan 2024 21:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sajuabc.com/	1970-01-21 03:18:34	Name: _ga Value: GA1.1.1025955206.1705354577
www.clarity.ms/	1970-01-21 02:28:10	Name: CLID Value: 199ec8777e974bf383de0c5a1e9037f7.20240115.20250114
.sajuabc.com/	1970-01-21 02:28:10	Name: _clck Value: 10ywojd%7C2%7Cfif%7C0%7C1475
.doubleclick.net/	1970-01-21 03:18:34	Name: IDE Value: AHWqTUkNSN3C1HhJqYA0IJF4sTqtzaN5O7AU9eFCdGRFrPB-Uulwi5DF7yG_3pI08SQ
.casalemedia.com/	1970-01-20 19:52:10	Name: CMPS Value: 5020
.sajuabc.com/	1970-01-21 03:04:10	Name: __gads Value: ID=3cd48eaaa099b63c:T=1705354578:RT=1705354578:S=ALNI_MYa3iIasiJn4mg_NPV2zUSqIXMdpw
.sajuabc.com/	1970-01-21 03:04:10	Name: __gpi Value: UID=00000cdee00ce2f5:T=1705354578:RT=1705354578:S=ALNI_MY49QFcSAZe5dqcV1wRmvHlQu5u-Q
.adnxs.com/	1970-01-20 19:52:10	Name: uuid2 Value: 1594815549241662361
.adnxs.com/	1970-01-20 19:52:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTvqMtL+!]tbPl1M>e)ZlrFUfJ+tGXxoHN6hWLaTMLaIj`vjD?cfwaZoYuZsk00j4kw3If)y3KL9D3I?wQaZ%N
.casalemedia.com/	1970-01-21 02:28:10	Name: CMID Value: ZaWlUvUBVtLCOCRI.hL.gAAA
.casalemedia.com/	1970-01-20 19:52:10	Name: CMPRO Value: 4774
.adnxs.com/	1970-01-21 03:18:34	Name: XANDR_PANID Value: R4FMJsnMHiYUz2uVC9PnK-eKO9a3YmDF4dLcPD6VENWsFxEe6QdvzVbX0mdvuBpugZ-iKsCITEQayIPwPdHogH2K27UbR8Yt5Nmg-mU3Esk.
.doubleclick.net/	1970-01-20 22:01:46	Name: APC Value: AfxxVi6-AsTCF9XsFxiBo9dAUL4SnnhSzaBotGekTifRPNjfvnxkwg
.sajuabc.com/	1970-01-21 03:18:34	Name: _ga_D1W2CMFHSN Value: GS1.1.1705354577.1.0.1705354578.59.0.0
.sajuabc.com/	1970-01-20 17:44:00	Name: _clsk Value: 1sa4qqw%7C1705354578834%7C1%7C1%7Ct.clarity.ms%2Fcollect
.sajuabc.com/	1970-01-21 02:28:10	Name: FCNEC Value: %5B%5B%22AKsRol9pz1gEf2bAe5uaK2Z3OyEvWCcmDnvBIYTbmEERIQUBy6ma--XglCW7mrV4KwI5SPzOxu3JjCW4VLu2AwtHlrXZHZXC9Tm56dIWGPzYwP00FSZw0drmySyL7N28-1zx4TpZ_QxsR6gZMCTNcLJCo3Ct4CLfgg%3D%3D%22%5D%5D
.bing.com/	1970-01-21 03:04:10	Name: MUID Value: 17504DCE1ED06792011A59C91FD16675
.c.bing.com/	1970-01-20 17:52:39	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:04:10	Name: SRM_B Value: 17504DCE1ED06792011A59C91FD16675
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:04:10	Name: MUID Value: 17504DCE1ED06792011A59C91FD16675
.c.clarity.ms/	1970-01-20 17:52:39	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:42:35	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
analytics.google.com
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cm.g.doubleclick.net
csi.gstatic.com
developers.kakao.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r1---sn-npoe7ns7.c.2mdn.net
r2---sn-npoeenee.c.2mdn.net
s0.2mdn.net
sajuabc.com
stats.g.doubleclick.net
t.clarity.ms
t1.kakaocdn.net
tpc.googlesyndication.com
www.clarity.ms
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
103.43.90.178
104.18.36.155
142.251.12.155
142.251.175.154
143.198.80.28
20.114.189.70
20.205.115.81
211.249.220.43
2403:e800:e80b::2a63:8cbb
2404:6800:4003:11::7
2404:6800:4003:19::6
2404:6800:4003:c00::5f
2404:6800:4003:c00::84
2404:6800:4003:c01::9a
2404:6800:4003:c02::66
2404:6800:4003:c03::5e
2404:6800:4003:c03::61
2404:6800:4003:c03::94
2404:6800:4003:c04::5e
2404:6800:4003:c04::5f
2404:6800:4003:c04::8b
2404:6800:4003:c0f::67
2404:6800:4003:c0f::9b
2404:6800:4003:c11::9b
2404:6800:4003:c1c::8b
2404:6800:4003:c1c::9c
2607:f8b0:4023:1413::78
2620:1ec:bdf::59
2620:1ec:c11::200
2a04:4e42:600::485
74.125.200.149
74.125.24.156
0036d889c30c3d3481a745c71fc23d3e8f867743f2217118df3f4d0951252866
06b3029e0cdcd7c221a33477d61a1247cdeacf77f04f6e97a69e1b64905bc71d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5bc9e669b9bc6631d7c12bf04e76e30b8d9c772fccf54c045cd3ef25d9c4cd
131f6803fd486c7ea8815f441228a49b18c600d8b33e2e915d456e8a3d58b8d7
17a934ab6e704c8ad131a57140e7bf8011e431c54c636b2a9e156ee6b81f5f5d
19ac25e7b5e9e49a5831fbc65d64fa08359878472089c23521f1e3f43a246df8
1ba004f1c889e3536190eb81d95a7699aeab15ae997727ff1c4f8caa53f6ef2b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f63f05c15f02b517aeb7bad8bcbda596a499e03ef3a1b47d6ebdb76b2dc7cc5
29a9023ef7170c1fdf28a69719b1f9141507983f19443d6d82e4dfb5b05704fb
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a44989ce72423c80fcaae8d88a48969f7c72808c44ff790a76f1cbc8e30ac4f
2b9ac115a742827fa7b9cad2ef4d2d932ff1b8d7f6ac5db98177efaa41bb41c8
2beaac1dcd7aaf842814d6d2862a3ac7755e7d0fc0fa8cc7f9ab66beeb7e569b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30f64202939d97857128c1288d0c7ed3c1533e773437fcc9730ba22e20e30f39
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316a308f7f072efd9044e2bad379035a4e5f1d27ff9fece18bf829162aea0e50
3365ddd2c4a082f0a3af0dba77f7d477185abacd4b3e38419b1aa97a71bba3d9
3471bf6feba005d8eb35fefbf71a7be7e23ab60ea9a0a8462cc9cc63f4667d96
3a8f59340ce472660db410161f3e7fc7ade175053930bb1ef074df92bb58847a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4394d080cb0a0f2772bd10728654ffad6d228aad6c64fc54ca17a391a6f33646
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2
51f2cdd4f7e97288a74d803275b0550ec9eb938210ad5ab7fb1409548acf7554
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585357c44a17f93656c7e1e583a514359d37521046af5a2f59cfecd18e7dd271
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
70bdcf5f9a160d0b0e2b7f1528a0d73202c746a14a9553eb550df8a2bfb0a983
7598552b1f42bc21e19e17e78ace86e01ab4e596c8575527631c299a3f9a2c12
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7bb167b25d3bbae5246019df9d374fc0663a67a7adf5f74cb9a62c85d6b1493d
7c4bf30ebbfcfa968fe8a0744f75803ef68f89b16f92b112327e7de6773a4f70
7e8b4b660dca10e31dc82923cfbd88ad87ed8e014b38686b80118fc32a6e8a2d
7ffd8fbd85fcb3c0656756330cf4ea21f08b0eab4221a5e4a0e7909579e902f4
80161febafb6794177b5fce09a4201195e2b2e85400bd3117a05c2f2d003e008
80f877b7b25275582efa9e7dd691314d9a9879e5698bee1add2357950495aa54
8ec83c373e4e938aaf42cc2807f7c5717cadde2be70e09adda5de6034011d0ca
9420238af921002b92899e04f70a031b01a68cb7326e90633bf3a545f5f07192
957b4c2a8b7f12de088bea742c62818641afcedaa6e46bc83ad9d4e271453852
95c212910ebf54b89de652fda2a870facc0e7c9b0b9bc0975fe399df1d1087de
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9875594e2b7b6c6a9e2d1e20023354e031c56d80cd285cbbe5a7c15fc9098426
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
998ee801593bda96deb363ae0e760aae04f26f1f6dafd0b5f7d4debbd804f4c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ec34ff07756114c8517bdabbdca6f6d5c5b4aab9e2d54662de6d5fa4b109caf
9f58b2c2ce7858f4254c5edd6e3c747bc139248f25ccdf6bcb6c0053cd199538
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a64fe78a2aa7c0463bb0f148c6cbd9c953da07b2e3986ba23ca8b0e54e16a352
aa8ca579d4346c4e362a490ef8563b9564989cfa38a2b3420c327caa7a54df16
adea7bf6b6f056a33e3f74c28cd1302caacf3838446e48f6c0fbaadf5c217d68
b0fbbf476cf9973df1b5e80e19ed479c6b57e8f38764d5de91d652861ab68fae
b10c1e3029a1a4a29fb4f5d31defb87f22b2e374b4d3ee7fc00ad325c31e2e52
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b4dbf1c8cca69c79a497e8a74f52cf7c2357156d4593bca2f0e86c60775dcb
b65df3f41ee84e2a41b65f5c90492f2df595bd934bdd7556bf45789d6511412b
b90ef4c8174e6bd3ee3aebaa0826006dba18576c598cb84d4f64db78ea395af3
bbc5018849109232d15ee8ad6885f3356b026fa59cb4fb7719b8d5bb378021e8
c0d16a8f2f1ffe17309a510eab5344b354e349cc62c7ad0a032e0b8cf5a954d7
c1f51853307b262db7adca1f4ba0f87b9073a4a063d49903a528f0d87ca6ff8f
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c41fed115e2944d45e362f3f2181ffe3df1f5901a01fe849e136165741515a62
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6330679cc18b6215ed4f5e642dbfeeab778daa2052366c3e136c1b34eba9f57
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbb11d51e2e319ae50b15abb7346ff0baf155282b483c8fb2b21e7f2c11049f6
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ce3f6b5a53bb393a5322c5537ade06aab808ee2dc2f340502032991c2e74e809
d09d4b80d32307d116e694b0e2ab0f212b139143a90957cb12d4216a3b525a8d
d230fa6c14bf1f2df177f38c46f0d091f90ea57753e36e035616a381bd43a2db
d386277fee7de7b81328d287bb0bba1e669a1fa43794b17e8770e902eb2b30c8
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e768eab2d01300774dc4b1e457a0259551ae91f345ca49dfaa557009ab1bba0c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee1e6d716ba3c2719ccbf5cda46986e775d4c371ddf6c5003d69463ff3255669
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1480f8a0c1e20a42db1a5abf7b775b6fec09cfc1e406520877c4a273e72fabb
f1a3808d9705b05b6e8b5a8fcff9b012ed8447d8555aad3ee47df6f4e750aae8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fefece962d493d47f03a28e1e75cca738bb078d8109ebc305410a814c7fee8ed
ff254d65d391a632ecdf4d4662817d292e7c979019fa10f582f2a4bd19b6fb82
ffdac0355f7f2effad14214492d2a2de5d10771c18143889a506612cd2c71881

sajuabc.com Open in urlscan Pro 143.198.80.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

92 %HTTPS

69 %IPv6

17 Domains

33 Subdomains

30 IPs

5 Countries

5051 kBTransfer

9867 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

sajuabc.com Open in urlscan Pro
143.198.80.28 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

92 %
HTTPS

69 %
IPv6

17
Domains

33
Subdomains

30
IPs

5
Countries

5051 kB
Transfer

9867 kB
Size

23
Cookies

183 HTTP transactions
3 data transactions