urlscan.io logo urlscan.io
SecurityTrails logo

zone.kedannews.com Open in urlscan Pro
194.233.95.82  Public Scan

Go To Rescan Add Verdict Report
URL: https://zone.kedannews.com/
Submission: On July 01 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 34 HTTP transactions. The main IP is 194.233.95.82, located in Singapore, Singapore and belongs to CAPL-AS-AP Contabo Asia Private Limited, SG. The main domain is zone.kedannews.com.
TLS certificate: Issued by E6 on June 29th 2024. Valid for: 3 months.
This is the only time zone.kedannews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 194.233.95.82 141995 (CAPL-AS-A...)
5 172.217.194.157 15169 (GOOGLE)
3 74.125.200.155 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
9 64.233.170.100 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 74.125.24.132 15169 (GOOGLE)
1 74.125.130.104 15169 (GOOGLE)
34 9
11    194.233.95.82 (Singapore, Singapore)

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: vmi943073.contaboserver.net
zone.kedannews.com
5    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
pagead2.googlesyndication.com
3    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
googleads.g.doubleclick.net
2    2404:6800:4003:c05::66 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
9    64.233.170.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f100.1e100.net
fundingchoicesmessages.google.com
1    2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
1    74.125.130.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
75 KB
11 kedannews.com
zone.kedannews.com
92 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
296 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
34 4
Domain Requested by
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
11 zone.kedannews.com 1 redirects zone.kedannews.com
5 pagead2.googlesyndication.com zone.kedannews.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
34 6

This site contains links to these domains. Also see Links.

Domain
wpastra.com
Subject Issuer Validity Valid
zone.kedannews.com
E6		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://zone.kedannews.com/
Frame ID: F5867265C67C8D7F841B35134B31C10E
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: D98424C28A66B19BA29292254E772583
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8034141397182596&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719844763&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzone.kedannews.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_9~29_18&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719844763857&bpp=4&bdt=105&idt=78&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3107288932817&frm=20&pv=2&ga_vid=1555406636.1719844764&ga_sid=1719844764&ga_hid=920138132&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95330413%2C95334509%2C95334526%2C95334564%2C95334573%2C95335897%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2424897957098031&tmod=538210428&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: 05D9904A38453D1CA1EAF86194FAA405
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: 1A6913AA5723C5BB9FF04CD6C75965BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D202F4D588FFDB35FEB32F8F20CAF0D9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9E01334CDB2A952FF18528601D87AD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BEST TIPS -

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

34
Requests

91 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

9
IPs

2
Countries

463 kB
Transfer

1485 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://zone.kedannews.com/favicon.ico HTTP 302
  • https://zone.kedannews.com/wp-includes/images/w-logo-blue-white-bg.png

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zone.kedannews.com/ 		191 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
42926f3bf66e998b6c1b0d771afdd04b145a88abb4cc37848f8dd25210b99f6c

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
48846
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 14:39:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://zone.kedannews.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-litespeed-cache-control
no-cache
x-litespeed-tag
6dd_HTTP.200,6dd_home,6dd_URL.6666cd76f96956469e7be39d750cc7d9,6dd_F,6dd_
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8034141397182596
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
18f64fce4b38e19cf69f204a3e9b8eeae9d5dad66e6072a763d8010c67ecb8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Origin
https://zone.kedannews.com
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52603
x-xss-protection
0
server
cafe
etag
16971318728993331050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 01 Jul 2024 14:39:23 GMT
main.min.css
zone.kedannews.com/wp-content/themes/astra/assets/css/minified/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.7.1
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 13:31:29 GMT
server
LiteSpeed
etag
"a883-66800cb1-7e1992;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8107
expires
Mon, 08 Jul 2024 14:39:23 GMT
style.min.css
zone.kedannews.com/wp-includes/css/dist/block-library/ 		111 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 13:29:13 GMT
server
LiteSpeed
etag
"1bae5-66800c29-7a2407;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13743
expires
Mon, 08 Jul 2024 14:39:23 GMT
styles.css
zone.kedannews.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2024 06:34:25 GMT
server
LiteSpeed
etag
"b4e-66824df1-841691;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
890
expires
Mon, 08 Jul 2024 14:39:23 GMT
contact-form-7-main.min.css
zone.kedannews.com/wp-content/themes/astra/assets/css/minified/compatibility/ 		882 B
410 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=4.7.1
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 13:31:29 GMT
server
LiteSpeed
etag
"372-66800cb1-7e1962;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
344
expires
Mon, 08 Jul 2024 14:39:23 GMT
frontend.min.js
zone.kedannews.com/wp-content/themes/astra/assets/js/minified/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.7.1
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
19deb6782f674ebbc6065f61b240aa1663fd6b063c84bb63e530d5ad9a10980d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 13:31:29 GMT
server
LiteSpeed
etag
"58a6-66800cb1-801081;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5003
expires
Mon, 08 Jul 2024 14:39:23 GMT
index.js
zone.kedannews.com/wp-content/plugins/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2024 06:34:25 GMT
server
LiteSpeed
etag
"2cf9-66824df1-881b84;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3220
expires
Mon, 08 Jul 2024 14:39:23 GMT
index.js
zone.kedannews.com/wp-content/plugins/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2024 06:34:25 GMT
server
LiteSpeed
etag
"32fe-66824df1-841695;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3922
expires
Mon, 08 Jul 2024 14:39:23 GMT
ea0c611c-7f8f-4431-a9e4-de12d5ea1928
https://zone.kedannews.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://zone.kedannews.com/ea0c611c-7f8f-4431-a9e4-de12d5ea1928
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8034141397182596
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
a485dd77eeb50d0c0014f1034cf9c54fe720d979a6c2e53f5314b6b2d4f91df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146932
x-xss-protection
0
server
cafe
etag
7371510816725718824
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 14:39:23 GMT
wp-emoji-release.min.js
zone.kedannews.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by
Host: zone.kedannews.com
URL: https://zone.kedannews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:23 GMT
content-encoding
br
last-modified
Sat, 29 Jun 2024 13:29:13 GMT
server
LiteSpeed
etag
"4926-66800c29-742b74;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4630
expires
Mon, 08 Jul 2024 14:39:23 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame D984 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
62710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 21:14:13 GMT
etag
9187630395144177108
expires
Sun, 14 Jul 2024 21:14:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 05D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8034141397182596&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719844763&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzone.kedannews.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_9~29_18&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719844763857&bpp=4&bdt=105&idt=78&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3107288932817&frm=20&pv=2&ga_vid=1555406636.1719844764&ga_sid=1719844764&ga_hid=920138132&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44795922%2C95330413%2C95334509%2C95334526%2C95334564%2C95334573%2C95335897%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2424897957098031&tmod=538210428&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
51429
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 14:39:24 GMT
expires
Mon, 01 Jul 2024 14:39:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
b21177de6c7cbd0f5ae5a33fb31847880e9929c89823be580cad74c048e04608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58351
x-xss-protection
0
server
cafe
etag
15336032701153236837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 14:39:24 GMT
ca-pub-8034141397182596
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8034141397182596?href=https%3A%2F%2Fzone.kedannews.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d70f57888f311e083122ea16bf498d61fa0ad3c6460d41f76013b9100c35e902
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DOdDB63ho9tL9e95ZorA7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-DOdDB63ho9tL9e95ZorA7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmPO_awubwIoj32cwKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAD1XDn6"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMezImSBUvG1vBjF2x8WCDnYvHjMk2RPbvOVWt9Wvd_DVXymp4RwNL-sh57wiNafqEamILBBq5l5827rckwhLMlYdjdNjVVQmTRJoZceZu4Ru8wazcKDlArTdZe4nSvcGDIdeDcg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUMezImSBUvG1vBjF2x8WCDnYvHjMk2RPbvOVWt9Wvd_DVXymp4RwNL-sh57wiNafqEamILBBq5l5827rckwhLMlYdjdNjVVQmTRJoZceZu4Ru8wazcKDlArTdZe4nSvcGDIdeDcg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODQ0NzY0LDY1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly96b25lLmtlZGFubmV3cy5jb20vIixudWxsLFtbOCwiQl9vRUJzb2JrSTgiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7df6996ad7af6b3588875d8de556faaa026c1731dc178985c06881ea45b57da4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pFngZg4rurR2i2aaxmc4tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-pFngZg4rurR2i2aaxmc4tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhmPO_awubwIpnBw8xKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAD_Yjoc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame 1A69 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
62710
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Jun 2024 21:14:13 GMT
etag
9187630395144177108
expires
Sun, 14 Jul 2024 21:14:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVcd1tATlCRdV89-VtOG9DkC12uq-DlIhvmWfqpIL4l47XYA0gHyoNmDN2pb8F5B0lMsZgyEkBd55x5HjHHld1LwGpP1RW6tuXHU5difX3R7kNGmU53Zmp04I31XZcOm3zH3QXgNQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVcd1tATlCRdV89-VtOG9DkC12uq-DlIhvmWfqpIL4l47XYA0gHyoNmDN2pb8F5B0lMsZgyEkBd55x5HjHHld1LwGpP1RW6tuXHU5difX3R7kNGmU53Zmp04I31XZcOm3zH3QXgNQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODQ0NzY0LDY4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vem9uZS5rZWRhbm5ld3MuY29tLyIsbnVsbCxbWzgsIkJfb0VCc29ia0k4Il0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
0d687d0565f8b0aaa33cdd2aa829191be6ba9c04168b122ec6de7b007b16cd3c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Lm6Apu87yvzX2hDKKyuGJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Lm6Apu87yvzX2hDKKyuGJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhmPO_awubwIJ9R84zKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBkb6BmYxxcYAAAAGzoM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240625&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
c905dcaa978cd1400753bd391ad0604834119cc78fb796f29305f4b1b86b9a22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12810
x-xss-protection
0
w-logo-blue-white-bg.png
zone.kedannews.com/wp-includes/images/
Redirect Chain
  • https://zone.kedannews.com/favicon.ico
  • https://zone.kedannews.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zone.kedannews.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
194.233.95.82 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi943073.contaboserver.net
Software
LiteSpeed /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 14:39:26 GMT
last-modified
Sat, 29 Jun 2024 13:29:13 GMT
server
LiteSpeed
etag
"1017-66800c29-7428e4;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4119
expires
Mon, 08 Jul 2024 14:39:26 GMT

Redirect headers

date
Mon, 01 Jul 2024 14:39:26 GMT
server
LiteSpeed
x-redirect-by
WordPress
content-type
text/html; charset=UTF-8
location
https://zone.kedannews.com/wp-includes/images/w-logo-blue-white-bg.png
x-litespeed-cache-control
no-cache
x-litespeed-tag
6dd_HTTP.200,6dd_HTTP.302,6dd_default,6dd_URL.b54ff2eddcb0060bcd786ce388d8d4d7,6dd_
link
<https://zone.kedannews.com/wp-json/>; rel="https://api.w.org/"
content-length
0
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Jul 2024 14:39:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D202 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
227424
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Jun 2024 23:29:01 GMT
expires
Sat, 28 Jun 2025 23:29:01 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D9E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f104.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eGFqaaK2a-sZE2N919eRLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://zone.kedannews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-eGFqaaK2a-sZE2N919eRLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 14:39:25 GMT
expires
Mon, 01 Jul 2024 14:39:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nativeads.
fundingchoicesmessages.google.com/f/AGSKWxVahLtmESq7c8AvnzeRNuyCcfLG6PW5E-rXUf-ttVg-1Fr0CJV3AjSJU9Z1duGzSoV4cSdeKFLjuxqqrAVeqNcsTdkg1rci_vVnGa8PhZGRHxlq3BKX4RwB4lpy1W5N67Kh8RwmOFmWUMFKEmMwEnbOQZchx... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVahLtmESq7c8AvnzeRNuyCcfLG6PW5E-rXUf-ttVg-1Fr0CJV3AjSJU9Z1duGzSoV4cSdeKFLjuxqqrAVeqNcsTdkg1rci_vVnGa8PhZGRHxlq3BKX4RwB4lpy1W5N67Kh8RwmOFmWUMFKEmMwEnbOQZchxuiw0Ytno1jpUAYsFuIXNYwEYeSSFRyW/_/bottom_adv_/ad-350x350-/footad-.net/pops.js/nativeads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxo_NcNcEpbesK3XHZR__qjKGTizw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
35ff0b4c16e01e49bd7db7a8cdc32a6db901c594fd78d05f29aa24f402afc5ac
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9z-AjMgLqzzUgZZhQ_99oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-9z-AjMgLqzzUgZZhQ_99oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhmPu_awubwIT21vmMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGZkbmegam8QUGANz6OVQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxo_NcNcEpbesK3XHZR__qjKGTizw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:05:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2033
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25678
x-xss-protection
0
server
cafe
etag
6704855416901562528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 15:05:32 GMT
AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wtVpSz_dkOfrN6TcCu4gCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wtVpSz_dkOfrN6TcCu4gCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoEHm_YuZVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAYkkr_Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pJzkbyoxk95kcovNVfb3LQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-pJzkbyoxk95kcovNVfb3LQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoED398vZVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAdB0sRA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bg8u87LoNbB2L4XSd4NoDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-bg8u87LoNbB2L4XSd4NoDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoEXt58tZVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAdSwsRw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zovcNajGphDLVJ3VYJ4Ryg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-zovcNajGphDLVJ3VYJ4Ryg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoENqw4tY1RyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAUr4ryQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX6Gkn8_NcX8qb5N-MGljpc4ax6P9X3fBA0Ov-0LgSYITsYk9oDHuQuZqLFzrt3cxoqp1k4SWOrsGImOQffGubFtXparWO_jAlxK5ZatMwfPYLTqDnqZweHYUXVAnCmX1FHxllmXA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX6Gkn8_NcX8qb5N-MGljpc4ax6P9X3fBA0Ov-0LgSYITsYk9oDHuQuZqLFzrt3cxoqp1k4SWOrsGImOQffGubFtXparWO_jAlxK5ZatMwfPYLTqDnqZweHYUXVAnCmX1FHxllmXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODQ0NzY1LDM0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96b25lLmtlZGFubmV3cy5jb20vIixudWxsLFtbOCwiQl9vRUJzb2JrSTgiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e2e928a6206b72a179e8d4417fb643b3556e158cd7850cf3db7d630d6c530827
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3u9h9XBvpXLqrXbwBi3bjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-3u9h9XBvpXLqrXbwBi3bjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0pBiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0B4iURF1mPJF5kPfj4IutJIBbi4Zj7v2sLm0DDwZdbGJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDMyMzPUMTOMLDACniz8M"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV7Ejho6w36ZOcvufvVaeKQBVK9kWO8w9xg20q8RCV_NocvdmFwXt0YYyryLdkwvpfsiE3IOUkj0pVAAR2_A73zMzVZgzaUuhIkeenpBlkSbIwXgAUtV-ydGaS7fvFapNnhqal7Iw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV7Ejho6w36ZOcvufvVaeKQBVK9kWO8w9xg20q8RCV_NocvdmFwXt0YYyryLdkwvpfsiE3IOUkj0pVAAR2_A73zMzVZgzaUuhIkeenpBlkSbIwXgAUtV-ydGaS7fvFapNnhqal7Iw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UQ0LcCpCDydAWf2U-3MKzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UQ0LcCpCDydAWf2U-3MKzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoEDhybtYVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAVK4r0g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUMv_1rteEVEx78w1OwfxHOQgpKgZwfXihzMsPLAmDxhMJSJGMcS1NgWUX1XwjWlgsFf1o03uQeu7DmF-z_v8LOfa13Gc1iFhCrt0rBprFQTp95ji_ofJ6kdLbQpi07uvpHPPifsQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMwdctVOrqTK15npjHCL2pNW4X-g9Q/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--Hh8Bp2DJz_zWE8hnR3YWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zone.kedannews.com/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 14:39:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--Hh8Bp2DJz_zWE8hnR3YWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoExJ8fn2P9DcRLIi6yHkq8yCrEwzH3f9cWNoEFj8_uZVRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAZ0MsEg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://zone.kedannews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240625&jk=2424897957098031&bg=!PT6lPnHNAAb64txl2uI7ADQBe5WfONSZU8-ka3XHBosD7qbZv65J_eeK7es0FEdaOqnJftc4nImx9eZeD6IdVv8EI-59AgAAAEVSAAAAA2gBB34ANb7wf96AcPulHQIm2k6r8Gj3P4k9GMW-B0HOi0gAMz3NCN9ZdEIaSIyVtLlyABRnoUsyT7zuCgAn2pCRPLAU9nArwQwcfyXwRIJu4X1TF_H9pUT6BylBqfgKGjoAqpG4mQKdEzEwaoR-MCLO3VbjKllvgIq58x2Ke45o9YOmiel-FrN7xgG9pHBqFH-CjyW4JvwUrF11AVfcIYStZ3gnzHl-jOucF98zz7ztzb411LSwpsHxLSrr_GkuMtW3BWDupS6pcY99YGWlr2FTs2xLhLFBm_2OvVDmxTJgSo4-CkOKACa0tot8t3HjikeqD8fKlayMQVeeItEAmlr0Bzt7PrWi04ZB_MrY_hC-qo6UQBkopSFnbqrj1nORYR8epXz1JRlb4qXO-m-tEBR-1hDfcbd4EJQ_n70oGohWwFnuSwOdtnjrPGWkbuX4juDTWeq2Xk7oJHUtmMvdusIpgyaqbwXRODoJZpV7FLGn18Sbd3fXjr50dAvurPqLU2ZBmJk75pDGX74KZhGxA-ifsKbncx0r_a_lPQnL9JSkfqHntcVqGVumjn5oVlpSvGHPDitlGDW096aHhaX5ieTfkzFtyOKbdbAEA5GTud11__o0EykRHF9JwCGKIMEg-6A2DUK9WF4j5NteEMEZf-bnkiWULJziumPLTN8nsGHogKlTISAhjSFTU2t9JWa_DL8mKoVxKhsd6Wogylv-qBSUcgmgZdLlU2FFI6fwEZX19NmHshFaewf-5GaoqnOqFoSknCoD6Bdsgkci5_vM5vrABk4BJNGfCf6V4zGeaI27odSV3Y6gDIs9XLmvS1TryGIqY8l4K2_z5Z6LBGf9vXVmdSq0saAHknThmnuYJ7nMuFBow1A8hjdzlQkszHNtQBoYsRuPgDrnyPEDSB8Tqh-jSeM7zoxKXywwILM2LNSF-BTaX8zslbfO7S6h43DvoaDi37ukPDob52tkXLzA8Oc-4wyjqCxzDc7pVu3AWqQ0LX5LvgbNG5Zra3Im7YcJvJ5Ko6Ml

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 undefined| event object| fence object| sharedStorage object| _wpemojiSettings object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| swv object| wpcf7 function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjgwNTYzYzczMDg1NjU0MGxvYWRlcl9qcw== string| ZjgwNTYzYzczMDg1NjU0MGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag number| link number| len object| GoogleGcLKhOms object| _google_rum_ns_ undefined| google_rum_values boolean| dd24c73b-16c9-4eec-becf-83b5ed47f3c7 object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

12 Cookies

Domain/Path Name / Value
zone.kedannews.com/ Name: PHPSESSID
Value: p7cs6k9do4pm3d07833su7vfej
.doubleclick.net/ Name: IDE
Value: AHWqTUmx_J4yUDHZG_No9opbhkvxXF8xitmp1PfnO8EUAKDXfjsdwkok8q3f1buo
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZoK-nIsFVUgAAAIiATFY5gAA
.casalemedia.com/ Name: CMPS
Value: 4752
.casalemedia.com/ Name: CMPRO
Value: 4752
.kedannews.com/ Name: __gads
Value: ID=5367233a24c221bc:T=1719844763:RT=1719844763:S=ALNI_MY9mNeDhsaUYx8MWe69VPONOUh7kw
.kedannews.com/ Name: __gpi
Value: UID=00000e6e4b6efc78:T=1719844763:RT=1719844763:S=ALNI_MbpqBoS-VfCxRizXWf40JhdQpkH5A
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.kedannews.com/ Name: __eoi
Value: ID=2231f943d102fefa:T=1719844763:RT=1719844763:S=AA-AfjbZSexgVgMDrJMFuNyqKtg_
.kedannews.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9ISSc6vRjgUy4SQqPrj-Qc160MS2j8k-dA9h5QYXG9ApbbMuY2i8RO9aqfMQEmDuICU5KQyv0izjz-rXOPt5XV5u3YPL5PiGqBjw-WlpHk2JXAZ_nVVYDQpJ85ajEWRqT2fKNcsxlgi79cWPP64g2h9bJRzA%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
zone.kedannews.com
pagead2.googlesyndication.com
172.217.194.157
194.233.95.82
2404:6800:4003:c03::84
2404:6800:4003:c05::66
64.233.170.100
74.125.130.104
74.125.200.155
74.125.24.132
0d687d0565f8b0aaa33cdd2aa829191be6ba9c04168b122ec6de7b007b16cd3c
18f64fce4b38e19cf69f204a3e9b8eeae9d5dad66e6072a763d8010c67ecb8cd
19deb6782f674ebbc6065f61b240aa1663fd6b063c84bb63e530d5ad9a10980d
35ff0b4c16e01e49bd7db7a8cdc32a6db901c594fd78d05f29aa24f402afc5ac
42926f3bf66e998b6c1b0d771afdd04b145a88abb4cc37848f8dd25210b99f6c
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
659d78e86e4eeaf329bc6ce7d9023a5df5212584288eeef25ddc03db94074a5a
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
7df6996ad7af6b3588875d8de556faaa026c1731dc178985c06881ea45b57da4
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a3c948a216530521f3cd0575e075c9f20308f610a9d2e0e2499f5c5ef30f58f9
a485dd77eeb50d0c0014f1034cf9c54fe720d979a6c2e53f5314b6b2d4f91df6
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
b21177de6c7cbd0f5ae5a33fb31847880e9929c89823be580cad74c048e04608
c905dcaa978cd1400753bd391ad0604834119cc78fb796f29305f4b1b86b9a22
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
d70f57888f311e083122ea16bf498d61fa0ad3c6460d41f76013b9100c35e902
e2e928a6206b72a179e8d4417fb643b3556e158cd7850cf3db7d630d6c530827
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855