gbwhatsapppro.app Open in urlscan Pro
2606:4700:3030::6815:45ee Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gbwhatsapppro.pk/
Effective URL:
https://gbwhatsapppro.app/
Submission: On January 27 via api (January 27th 2024, 7:03:09 pm UTC) from SG — Scanned from SG

Summary HTTP 139 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 18 domains to perform 139 HTTP transactions. The main IP is 2606:4700:3030::6815:45ee, located in United States and belongs to CLOUDFLARENET, US. The main domain is gbwhatsapppro.app.
TLS certificate: Issued by E1 on January 24th 2024. Valid for: 3 months.

This is the only time gbwhatsapppro.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:303... 2606:4700:3037::ac43:8bb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:303... 2606:4700:3030::6815:45ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2404:6800:400... 2404:6800:4003:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c00::61	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4003:c01::5f	15169 (GOOGLE) (GOOGLE)
2 9	2404:6800:400... 2404:6800:4003:c01::9a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::8a	15169 (GOOGLE) (GOOGLE)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
25	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c0f::9a	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4003:c05::8b	15169 (GOOGLE) (GOOGLE)
4	142.251.175.156 142.251.175.156	15169 (GOOGLE) (GOOGLE)
1 2	3.0.86.137 3.0.86.137	16509 (AMAZON-02) (AMAZON-02)
2	74.125.24.148 74.125.24.148	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::95	15169 (GOOGLE) (GOOGLE)
3 4	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	103.43.90.117 103.43.90.117	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:9000:217... 2600:9000:2175:2600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f18:1ac... 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e	14618 (AMAZON-AES) (AMAZON-AES)
2	2800:3f0:4001... 2800:3f0:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:1e::a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::67	15169 (GOOGLE) (GOOGLE)
139	25

2 2606:4700:3037::ac43:8bb6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gbwhatsapppro.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3030::6815:45ee (United States)

ASN13335 (CLOUDFLARENET, US)

gbwhatsapppro.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4003:c04::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c00::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c01::9a (Singapore, Singapore) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c00::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::8a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4003:c03::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c0f::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c0f::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4003:c05::8b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.0.86.137 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-86-137.ap-southeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::95 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.117 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2175:2600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4001:831::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:1e::a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

rr5---sn-npoe7ns6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::67 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	635 KB
20	gbwhatsapppro.app gbwhatsapppro.app	534 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	260 KB
15	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	192 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	105 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	4 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	w.org s.w.org — Cisco Umbrella Rank: 3198	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	300 B
2	gbwhatsapppro.pk 2 redirects gbwhatsapppro.pk	1 KB
1	googlevideo.com rr5---sn-npoe7ns6.googlevideo.com — Cisco Umbrella Rank: 56568	589 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2733	7 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	80 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
139	18

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net gbwhatsapppro.app tpc.googlesyndication.com pagead2.googlesyndication.com
20	pagead2.googlesyndication.com	gbwhatsapppro.app pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	gbwhatsapppro.app	gbwhatsapppro.app
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	dt.adsafeprotected.com	googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.googleapis.com	gbwhatsapppro.app googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googleadservices.com	gbwhatsapppro.app
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	ad.doubleclick.net	gbwhatsapppro.app
2	fw.adsafeprotected.com	1 redirects gbwhatsapppro.app
2	s.w.org	gbwhatsapppro.app
2	www.google-analytics.com	www.googletagmanager.com
2	gbwhatsapppro.pk	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	rr5---sn-npoe7ns6.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagmanager.com	gbwhatsapppro.app
139	26

This site contains links to these domains. Also see Links.

Domain
www.whatsapp.com
gbapps.ind.in
gbwhatsapp.net.pk
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
api.whatsapp.com

Subject Issuer	Validity	Valid
gbwhatsapppro.app E1	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://gbwhatsapppro.app/
Frame ID: A500396487738877C772E802C6320870
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 7382200D0EB8C54C90897B280C2DE7B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&adk=1812271804&adf=3025194257&lmt=1706382182&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgbwhatsapppro.app%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182268&bpp=57&bdt=101&idt=156&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6720250229525&frm=20&pv=2&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=180
Frame ID: E0F16A62BE700EFE0F9668A46827D7D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=9342665876&adk=366986306&adf=2653041513&pi=t.ma~as.9342665876&w=1200&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182458&bpp=3&bdt=291&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8
Frame ID: 5BD929050A66ECC38AC28C82700977F6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=3048720263&adk=101065328&adf=1837538127&pi=t.ma~as.3048720263&w=1120&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1120x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182484&bpp=3&bdt=317&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 1FC2AA929345F0EEC3C9D13F4DFC91F9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C4754820747D6C3C80D31BC85C61508B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D9971AF4B5E4B2CE9AA356260583EA41
Requests: 25 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: F49458B71C245FF7732047A83DABAE02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXC0MJ8fKKcGuN3T6lk7X71LZE5iwAe8XU5xOKEcATQyghN-pluuqd1_MtX2d1jild17vweXhhZGwDKrRVLOaZgzjxX0A
Frame ID: 52BFC3DA6DA4B9ABE8BAC0CAD34314E0
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 9485B824A38509F6C40A0165D24AEFCD
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: FAD6F6B49AC9B433BBC5469608F91434
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BED34436F96A93B8F56EDC110AC9E2C1
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 83A8B2DEAD6AD1E9AEE83632254118A2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js
Frame ID: 8473E05E6C84EE58322F329D40AB056D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 308874B44D13A57C8111FA6A20BDAF31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9074CFC04C5BB287AA5D0D81927E99AF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GBWhatsApp Pro APK Download (Updated) 2024 Anti-Ban | OFFICIAL

Page URL History Show full URLs

http://gbwhatsapppro.pk/ HTTP 301
https://gbwhatsapppro.pk/ HTTP 301
https://gbwhatsapppro.app/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

94 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

25
IPs

3
Countries

2769 kB
Transfer

5766 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whatsapp.com/
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://gbapps.ind.in/
Title: GB WhatsApp Download

Search URL Search Domain Scan URL

URL: https://gbwhatsapp.net.pk/
Title: GB WhatsApp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=GBWhatsApp%20Pro%20APK%20Download%20%28Updated%29%202024%20Anti-Ban%20%7C%20OFFICIAL&url=https%3A%2F%2Fgbwhatsapppro.app%2F
Title: Share on X (Twitter)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fgbwhatsapppro.app%2F
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fgbwhatsapppro.app%2F&media=https%3A%2F%2Fgbwhatsapppro.app%2Fwp-content%2Fuploads%2F2023%2F06%2FGB-WhatsApp-Pro.jpg&description=GBWhatsApp%20Pro%20APK%20Download%20%28Updated%29%202024%20Anti-Ban%20%7C%20OFFICIAL
Title: Share on Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=1&url=https%3A%2F%2Fgbwhatsapppro.app%2F&title=GBWhatsApp%20Pro%20APK%20Download%20%28Updated%29%202024%20Anti-Ban%20%7C%20OFFICIAL&source=https%3A%2F%2Fgbwhatsapppro.app
Title: Share on LinkedIn

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=GBWhatsApp%20Pro%20APK%20Download%20%28Updated%29%202024%20Anti-Ban%20%7C%20OFFICIAL%20%E2%80%94%20https%3A%2F%2Fgbwhatsapppro.app%2F
Title: Share on WhatsApp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gbwhatsapppro.pk/ HTTP 301
https://gbwhatsapppro.pk/ HTTP 301
https://gbwhatsapppro.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://googleads.g.doubleclick.net/pagead/adview?ai=C-7NBZlO1Zdb_HrDHssUPjs2pyAuVhoOQdNnGhrGuEo7755aCKhABIN-F8JcBYL8FoAGuhrHbAcgBCakCWBVhJuphXD6oAwHIA8sEqgTWAU_Q5DkR-IZ-eUDfnQ9tT7LMj0Q7XjgdqhkMYwzcIXJVRADyb2pC09MfDgvn_BnSAu4tUNBusGVUMCuqiOp5_61VfqclGI-Ow_5PD7ogSKwLdi5m5Tv2lxMOPBLH531t4miS_1OT_1kAxIHyuy7vg8SaR4NNhhZ9cpIrWclobfdHF4GMZYSdRbxZbDc2mHJItyTTtcvWVoabqxkSDHyIkiBgr6xhVCG7TBqa5P5xJu87Y7rYK28Q1SAhwnsp-fiMP2-r0Bf-SMkRePWsPgbN03ejmzfQ3_PABPjMsfG2BIgF2JzXg0ySBQQIBBgBkgUECAUYBKAGLoAHuvnOpAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDX8hDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WIqp2_6g_oMDmgkTaHR0cHM6Ly9hbWxib3QuY29tL4AKAcgLAdoMEQoLEPCrx_HRsvSA8QESAgEDuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMDgzNzgwODU3MDgwODcyGAA&sigh=qD7Oi-Ca3c0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_w7WjlosGFgI0Si2t-pnsVrBtriQYWIH8NdVK4bZGOWePsECQzB7wVwBUum5DUEaGnXgNnuL2z6m5zbAdsltZ9WRmqWWqUhDvjxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf8330fbc0013cfc50000000000000000%22,%222%22:%220xe8fde673e43c1580000000000000000%22,%223%22:%220xd5ecd1bf723304be0000000000000000%22,%224%22:%220x90183df1e867fbb40000000000000000%22,%225%22:%220x6714f19a587282bd0000000000000000%22},%22debug_key%22:%2213380618813985582953%22,%22debug_reporting%22:true,%22destination%22:%22https://amlbot.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22460079918%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214602534473007395313%22}&andc=true

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1&C=1

Request Chain 80

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbVTZ9ZGiog8ORT6m9vzCgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEChJvw8AyYyWcEjF9UE2wGs&google_cver=1

Request Chain 82

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMTU4NjYxNTYxMjI1NDQ2Ng%3D%3D

Request Chain 87

https://googleads.g.doubleclick.net/pagead/adview?ai=C-V6KZlO1Zcm4HbiMssUPn-a-6AHcusbFb-fQ7ve7EOCO7PSTDhABIN-F8JcBYL8FoAGegrb_KMgBCakCQbRsGCQFqT6oAwHIA8sEqgTSAU_QZlagL1EzqJtRbV8kDTPZz5JOdOm-ckgAFtXqVxzkR1yo4dxOlMtP7_qvbfjtwaQT8gucZc0TXjcXzNqzYnvndWqiLTcGqANhixGFm5TOcbfZI27r4gUl-BhpcY2b9OQTCyZPNRsqy5pZ0seYwetzZ4bRNclHqgaq0tzecRvpG5_0EakP1m7Jh_dHKYFn4F64zGgwjaRux3jBTuZTDf4yay6wrnD7fu0xYrOfz8I1JbDDGs4XeCCK_zGuWEf3nH-BUU26hs-BYt6C094cc3L22MAExYbFwo0EiAWW3-m-RZIFBAgEGAGSBQQIBRgEoAYugAeeuobfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEJrj_QHSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WObk2f6g_oMDmglTaHR0cHM6Ly9hZXN0aGV0aWNsb2Z0Y2xpbmljLmNvbS9zZXJ2aWNlcy9mb3RvbmEtNGQtbGFzZXItZmFjZS1saWZ0aW5nLWFuZC1zbGltbWluZy-ACgHICwGiDAgqBgoErLqxAtoMEAoKEKDumZyS-qiCNhICAQO4E-QD2BMNiBQD0BUBmBYBgBcBshccChoIABIUcHViLTIwODM3ODA4NTcwODA4NzIYAA&sigh=WdcuULnfDhU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_CbpqDP1m7ZkblSNT7pwWLHFxJ2xrSb-2U5Lqzx8P4sAFO4rlv4Vo23zUr0q5gDXsyc9zsc_V459Gv_H5lIZZiGYvRqcn_aSZbBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e5823d4debfa2700000000000000000%22,%222%22:%220x476c5720c2895a8b0000000000000000%22,%223%22:%220xa902263815c062c50000000000000000%22,%224%22:%220x27582f09bf6cfd0c0000000000000000%22,%225%22:%220x1b45375fb19b83aa0000000000000000%22},%22debug_key%22:%228070421329824737177%22,%22debug_reporting%22:true,%22destination%22:%22https://aestheticloftclinic.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211004641566%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223571609171332031505%22}&andc=true

Request Chain 101

https://fw.adsafeprotected.com/rfw/st/1924505/77817687/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fgbwhatsapppro.app&adsafe_type=y&adsafe_url=https%3A%2F%2Fgbwhatsapppro.app%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2083780857080872%26fa%3D1%26ifi%3D7%26uci%3Da!7%26btvi%3D1&adsafe_type=d&adsafe_jsinfo=,id:3708e9cc-ae33-ab6a-f5cc-5fb887e8385e,c:2yChbm,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5bfb858c85-dnrgr,rg:sg,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:30,oid:b26bbe8b-bd46-11ee-a241-9634e2bd82e9,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=

139 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gbwhatsapppro.app/
Redirect Chain

http://gbwhatsapppro.pk/
https://gbwhatsapppro.pk/
https://gbwhatsapppro.app/

86 KB
19 KB

1139ms
1054ms

Document
text/html

2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Rocket/3.4.4
Resource Hash: 7cf9f7dfeb1668859c6d85dafda2cba266bcba6fda26662459ceb3e7e3551d39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, public
cf-cache-status: DYNAMIC
cf-ray: 84c340d7fb31a041-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 19:03:02 GMT
expires: Sat, 27 Jan 2024 19:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1mzeJF5WRNPV20NDwcP0oYX3dG9pNaPa0qYA6w3tbM3nFl1B3%2Fiq4KrBWLaKuc1lvCKnBOdWue6LUSj%2FOEKHnVr9tNXhlRo%2FSYlQrkfer5JvRPjY7eAQjw%2Ba%2BGUWGeWMCSg9mCJLk0bK8e0L26D7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent,Accept-Encoding
x-powered-by: WP Rocket/3.4.4

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c340d2c9e93e35-SIN
content-type: text/html; charset=iso-8859-1
date: Sat, 27 Jan 2024 19:03:01 GMT
location: https://gbwhatsapppro.app/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCZ2tF0AQzcCWD3LHUYUIr562ExZ2ASDw4kaMFGwtHaF7SOZZrF9CVGB48Ho6gXijgNyJC9BzAnn5C59eGVNGNud%2B6A5HXThnjXhYfrzH42xveUKrQ12CZxeSllNhcMwoiG9rM2ZftGcAGMVb1Cl"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 56ms
28ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2083780857080872

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570c55aaafe089fac41ac8f7a8fc98ff57e4f88d580bbc49c5b1a57b0ffaa7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Origin: https://gbwhatsapppro.app
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51611
x-xss-protection: 0
server: cafe
etag: 11747917067759494991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 49ms
21ms Script
application/javascript 2404:6800:4003:c00::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ML4ERVY2RR

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcfcb9d066ebbacae4b5d6a410f0cc104ae078b1403d197dbe1fb924462a2dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 style.min.css
gbwhatsapppro.app/wp-includes/css/dist/block-library/ 107 KB
15 KB 21ms
20ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 02:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3251199
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUPGlkzjsZfQuXBZuLK6NeQctrWjfLbAXPq2UtvbnikXdAMcQTZXHTbO0IIuGczeog9lTLmI2xQ%2BtxM3PC9FT2j6Gl5tBCNxLEPYn4a57Us9f2Ykd3BlDamTleXySteQ26TDeG2qHF0p4ZQt3w9QOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340de9b98a041-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 20 Dec 2024 01:17:53 GMT

GET
H3 200 styles.css
gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 22ms
19ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.6
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 19:32:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uSMa1ZrDpYACMrOheb0OAOZ14NyQjyCzyZ5nrZ4QhIRA98MF%2BUs7prTppG5B7SZHE%2Bj95niTAR9a%2B4SqSOZfAyUo6mqjMih%2BxEpLnIbyxf54VE9XGxsYv0MMmC90cGp%2FZxRrCryu55bc0kgTW2B6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340deba3644a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 10 Jan 2025 19:39:57 GMT

GET
H3 200 scriptlesssocialsharing-style.css
gbwhatsapppro.app/wp-content/plugins/scriptless-social-sharing/includes/css/ 3 KB
1 KB 22ms
19ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/scriptless-social-sharing/includes/css/scriptlesssocialsharing-style.css?ver=3.2.4
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1a617ef3037728c07dbc27a24ddfb9a4271d3c42f756a77a0ddab152e152c66

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 14:53:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4980831
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX2VmFm1dVs6Bs90QmvqXHZyHK%2BJe6Xlf2w13kkKYNPRwJ4RerzTIcCGL8c1jav3PV8ZpxyPb8ubEXeMphisPB8PyzfPzl7zyEHLpxFO1MmL8V1m5qJW84ujV6IP4FXECzFUUQb51OX6JRgVPMJ72Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340deba3844a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Nov 2024 23:12:07 GMT

GET
H3 200 main.min.css
gbwhatsapppro.app/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 38ms
35ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 09:40:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048661
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5bSeKHA6zFCQLONAXVj8ES%2B8QEl%2Bzm6%2FvWmp5YM6wY%2BYF20eYkfh%2FYxGloA3AS22ER4PH8IhbG0%2FSKJdn2jPQ%2Fj7alDi2wzDFnDja8TfGKc4NSyRLuRZV2svcbR2EpSvx%2FQ0rXa7k3969pA64rWcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340deba3944a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Nov 2024 08:02:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 33ms
20ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic&display=auto&ver=3.3.0

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13c37d536f7c62a7650bd16c4d48bbd038ed1d3b9344c80b7f0b918e220fb6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 19:03:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H3 200 jquery.min.js Show response
gbwhatsapppro.app/wp-includes/js/jquery/ 86 KB
31 KB 38ms
36ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 02:28:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4980831
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BxeFABUmj467z8LcECNVnMbPIJNDo4wp6mY5%2FTptSOtvFjHOhBMs8D9qnFwJEn7gqM%2BVZt2Nw4E9GP8rvCxEYlhb6ayRt9r8ujqlZ%2BTydvqvG6Dk9XrgVjkHziI9tdNZA2iFIvZRRP%2BpQnNKwcIFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340deba3a44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Nov 2024 02:39:18 GMT

GET
H3 200 jquery-migrate.min.js Show response
gbwhatsapppro.app/wp-includes/js/jquery/ 13 KB
5 KB 22ms
20ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 02:28:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4980831
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKzPJaqYP%2Fyz8sTY9a7LAALSll%2FggwSgpbHo8tdwfFqezEyM%2Bdqw2RDg1EqFHDedaugkQzz3eLYJwGFkQjGFDx33AnykEWvxrIXKWMeqZUl%2Bt%2BZAOYKlMmumwDS%2FlNsSC52DX%2FtTe40sJI7LBazWXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340deba3b44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Nov 2024 02:39:18 GMT

GET
H3 200 GBWhatsApp-Pro-Logo.png
gbwhatsapppro.app/wp-content/uploads/2023/06/ 8 KB
8 KB 24ms
22ms Image
image/png 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbwhatsapppro.app/wp-content/uploads/2023/06/GBWhatsApp-Pro-Logo.png
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d23e423aaa78d91b9d1f4cc83813acab696884108f1ae205eff3cb071bc864

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 10:06:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3605856
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Exvx5oc%2FvS0qEkSQQuW%2Be0%2FSS28%2BwyBQKaybO0qkrHDhNQ4INasa2F4l%2FDF6U7Egn7O6%2B8u6oo8vsTtb6pfbiyDlOJPQguhBErWDUGUkhxOsRYoPOB%2Bkj9Oobtd4UIdvh%2F4kphEmdqgzSx5FrxsVOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 84c340deba3c44a0-SIN
alt-svc: h3=":443"; ma=86400
content-length: 8138
expires: Mon, 15 Apr 2024 01:25:25 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 406 KB
138 KB 47ms
38ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2083780857080872

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbd7bd88945c66cebd83c149e76520b8a8c6893f900e33e08dc7029d670bca31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140854
x-xss-protection: 0
server: cafe
etag: 7649194953009083280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 7382 9 KB
5 KB 21ms
5ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2083780857080872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 76066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 21:55:16 GMT
etag: 3890843268177463596
expires: Fri, 09 Feb 2024 21:55:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
36 KB 17ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic&display=auto&ver=3.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbwhatsapppro.app
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:53:14 GMT
x-content-type-options: nosniff
age: 248988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:53:14 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
255 B 18ms
4ms Ping
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ML4ERVY2RR&gtm=45je41o0v9175651578&_p=1706382182190&gcd=11l1l1l1l1&dma=0&cid=20433682.1706382182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706382182&sct=1&seg=0&dl=https%3A%2F%2Fgbwhatsapppro.app%2F&dt=GBWhatsApp%20Pro%20APK%20Download%20(Updated)%202024%20Anti-Ban%20%7C%20OFFICIAL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2163
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ML4ERVY2RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gbwhatsapppro.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0F1 366 KB
98 KB 431ms
430ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&adk=1812271804&adf=3025194257&lmt=1706382182&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgbwhatsapppro.app%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182268&bpp=57&bdt=101&idt=156&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6720250229525&frm=20&pv=2&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=180

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0572dd79fec0514def3d0f1b2a4995722bedf207bec3b8face4a3bbc97feacca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 100000
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 19:03:02 GMT
expires: Sat, 27 Jan 2024 19:03:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5BD9 120 KB
40 KB 564ms
564ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=9342665876&adk=366986306&adf=2653041513&pi=t.ma~as.9342665876&w=1200&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182458&bpp=3&bdt=291&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d5b40abd55bf6661c761ad773ddde182621fd9af5b6101959f3e87b2c2ae925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41000
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 19:03:03 GMT
expires: Sat, 27 Jan 2024 19:03:03 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1FC2 121 KB
40 KB 343ms
343ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=3048720263&adk=101065328&adf=1837538127&pi=t.ma~as.3048720263&w=1120&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1120x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182484&bpp=3&bdt=317&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c975e2638b0f67c74c9cf9184abc608120e4204a52c913208f9f457a1a87078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41252
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 19:03:02 GMT
expires: Sat, 27 Jan 2024 19:03:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GB-WhatsApp-Pro.jpg
gbwhatsapppro.app/wp-content/uploads/2023/06/ 68 KB
68 KB 13ms
11ms Image
image/jpeg 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbwhatsapppro.app/wp-content/uploads/2023/06/GB-WhatsApp-Pro.jpg
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b117f195d1125d37007154f205edd9d03770df8cfb277f46636b416bd686392

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 15:27:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2688343
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92f6ng9iBCOnBRMVbBpnYURyyNe13F7X4cjLnTXplJtdDOA%2BDvXdx7VMsWwEidB2N5lKIVARcVWep2uQ4qZ417v%2FiMJEWBhLNut8jLTLoWPmhWUH%2BihrIAyrQ59Ny4OClUuNMkRJWxJagZOtY9FfKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 84c340e0ac7444a0-SIN
alt-svc: h3=":443"; ma=86400
content-length: 69167
expires: Thu, 25 Apr 2024 15:00:23 GMT

GET
H3 200 emoji-reactions-feature.gif
gbwhatsapppro.app/wp-content/uploads/2023/06/ 121 KB
121 KB 22ms
20ms Image
image/gif 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbwhatsapppro.app/wp-content/uploads/2023/06/emoji-reactions-feature.gif
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4dfb0b44f7c3be5927811920ef057f130c65603f9c675336b6a0d9bd8c08207

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 15:47:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048660
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFOioCKNk%2BegufcjK6wVf%2FWQzLGP7cUfnNOS7GxDDbWfrCXG2%2BUG5XwXh0jWpJ0dBmWG7%2FVAmw3bHqBc4TPBXfW%2BG%2FjkGyMr%2BJJe96hMEZE7TXAcXRv3x3IN0D6K%2FQfpblKF9tV2k9MFbozIDlAViQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 84c340e0ac7544a0-SIN
alt-svc: h3=":443"; ma=86400
content-length: 123597
expires: Fri, 29 Mar 2024 07:19:55 GMT

GET
H2 200 2705.svg
s.w.org/images/core/emoji/14.0.0/svg/ 482 B
792 B 25ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2705.svg

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT sin 2
date: Sat, 27 Jan 2024 19:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 482
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 274c.svg
s.w.org/images/core/emoji/14.0.0/svg/ 491 B
802 B 25ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/274c.svg

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

27f8ab7873cee2b392d76fa453d5c3cc1c4166dbb8d7734ff491dced2f84c7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT sin 2
date: Sat, 27 Jan 2024 19:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 491
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 GB-WhatsApp-Pro-APK.png
gbwhatsapppro.app/wp-content/uploads/2023/06/ 116 KB
116 KB 38ms
38ms Image
image/png 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gbwhatsapppro.app/wp-content/uploads/2023/06/GB-WhatsApp-Pro-APK.png
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337ae098dd5901bc220fc0d6c73679e7aba099e5362eef5d7aded2610448e1e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 16:57:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 653696
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WILBMj7OCM51skv4FvswWiUXgMhsX1ZGLLaAbmIeQ3lVyieqZ5GQwY0wOVBGtCWUoU5j1BsfOub%2F3yQfzNIIXiFmsiKSKtvtSSEI5AEBqGOfbdb8xglcj2blepvpCLy7znZrsESSaLfA8NE15sP85w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 84c340e0ac7644a0-SIN
alt-svc: h3=":443"; ma=86400
content-length: 118307
expires: Sun, 19 May 2024 03:08:26 GMT

GET
H3 200 email-decode.min.js Show response
gbwhatsapppro.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 7ms
7ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gbwhatsapppro.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ujml0tfM4O3vtEPs2YYZ5q%2FRCqatt4%2FlBq6KaFMkJlU%2F7ZJrfgK%2F2S92Izr38pTHce2DbOsBfu6jw7eWQUuq8XEMvyupphv0qbk2xjPdP5wS1VDhPs7VaKFZuHlgRkywR9Y8XabdNOAe%2BT4Nf5nUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84c340e0ac7744a0-SIN
expires: Mon, 29 Jan 2024 19:03:02 GMT

GET
H3 200 shortcodes.css
gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/ 44 KB
8 KB 64ms
62ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=7.0.2
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Jan 2024 04:24:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 224517
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1Jp7Fl7woNo%2BvlLwVdqKJqnILGxQAgV81%2BBUEvzAIwp3lPJX9LLTwhqH1wBFwQEbDaguVQXiJJKyCx8n5cOMw%2Fl6JFImJU665c5CixDF8yImSEu25Nvsv53HB6Vz5AExxO9yAm3FyPA4H1BWv8big%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7944a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Jan 2025 04:39:00 GMT

GET
H3 200 icons.css
gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/ 37 KB
9 KB 64ms
63ms Stylesheet
text/css 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 17:27:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048661
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AOdp11k11ikP0RuAAWGruWfeoLqZrTc1n4jYFreR8TsTFFYAzT%2FyWbIYVanKoduUiNt66OxdmQvsVcaWt3n5cw6QNtv9IfHhFkf3Jkj86mzKdFQmyhgmW%2BzohSlMVKePzLfMkDwN158OjYWoKzEHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7a44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Nov 2024 07:45:33 GMT

GET
H3 200 index.js Show response
gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 66ms
64ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.6
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 19:32:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380104
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKEPDRY%2BMk6NYU6NPL10OcB9fjnnaB8N8cjyFfpxb63HWeYI7rhnKsjnqwm1r2sgmPOZQ2x%2BTADchgRrUImyMtjQmK%2FdwcOlUDPDtAAx%2Fz4%2BwuTcH5Tp5wqi%2Fs%2FDcrB6q4oCBCltPpQrDPmyliKMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7b44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 10 Jan 2025 19:39:58 GMT

GET
H3 200 index.js Show response
gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 67ms
65ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.6
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 19:32:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1380103
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Dg%2FTocmoGC152KAKMUsRWanFw9Xk4YZzuUIk4gdSiZT1EJ7tHDmf7w%2Fj%2FfhZYQjS44VZ2U%2FxizKzKYVMpND8HGsNY%2BPvVN3yibFYCptka5hk3r%2FikWBUZzrBXWVgFeTUMmCQUtQ55RR18Rrd%2FSWMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7c44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 10 Jan 2025 19:39:58 GMT

GET
H3 200 menu.min.js Show response
gbwhatsapppro.app/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 67ms
65ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 09:40:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5336525
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfDctLFON9Itbqxm7KXmJFlcMRY%2BMbcIbNNhnyoyNK23wTSdsWRc6WBdKvYB%2FCTUKTKkDpFw0U%2FWCzbbsZR4iQpjygI6pvSlyuT%2BmkQ3DdHyhVYw%2F4sby4BlYdFy7lCKEdcw01rP887SyAFxVzcpzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7d44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 25 Nov 2024 21:07:54 GMT

GET
H3 200 back-to-top.min.js Show response
gbwhatsapppro.app/wp-content/themes/generatepress/assets/js/ 757 B
862 B 68ms
66ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.3.0
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Jun 2023 09:40:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5048661
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ved%2BLKUzY58W4al3pz2wq%2B1UBH19ptFnuKXHSFGfE7QDCCwwTFyWJ1EPcrIsTwwxFHVzHo6bqYnRWdkDXtNsbfhpJQmXbeYjeIQXiPpnb59UO5p0Gib9940QRhEY4wTAqvFr%2BtloDqBrEbqm9BB7VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7e44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Nov 2024 08:02:01 GMT

GET
H3 200 index.js Show response
gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 15 KB
5 KB 68ms
66ms Script
application/javascript 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=7.0.2
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14d7aa713df1750803daa3bf7d7449b982797e66ad0be8ca78c2a1721aaab43

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 25 Jan 2024 04:24:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 224517
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzb7RmIK2%2FLP7Y7a9XMu0Nhf552LF2vJvxWnAj4PwZMkWzGru%2BmM%2FBVQ5Z4kwOs%2FSZosqCZ1BZdjw31ziNFZtRpMeG%2BFkx%2FeNvQqeKr%2F8M43MJp3A3DtTLP9xnKqIJoLEvI%2ByzlDDn1953uSmgY5EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84c340e0bc7f44a0-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Jan 2025 04:39:00 GMT

GET
H2 200 0QIhMX1D_JOuMw_LIftL.woff2
fonts.gstatic.com/s/lora/v32/ 38 KB
38 KB 15ms
14ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIhMX1D_JOuMw_LIftL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora%3Aregular%2C500%2C600%2C700%2Citalic%2C500italic%2C600italic%2C700italic&display=auto&ver=3.3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d55ce9c3ac7a5f37a38813a2deed310abde9e63d0d36912e2e5e59751ca66c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gbwhatsapppro.app
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:59:21 GMT
x-content-type-options: nosniff
age: 248621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39208
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:46:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:59:21 GMT

GET
H3 200 forkawesome-webfont.woff2
gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/ 107 KB
108 KB 16ms
16ms Font
font/woff2 2606:4700:3030::6815:45ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/vendor/fork-awesome/fonts/forkawesome-webfont.woff2?v=1.2.0
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:45ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49

Request headers

Referer: https://gbwhatsapppro.app/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
Origin: https://gbwhatsapppro.app
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Dec 2023 11:34:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3605856
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ub49NxNXrZx%2BaFQbxpNUem4eU5fdldLQfTMXOa4MP8poOJsVneH34vcfBMfnHdkA8yUwLBWDCFYJVBW1VQ905e0GBtQ5%2BgPA6HGFMxCR1jF%2BXI8JQWViaKNIrnxhDcJnZLH%2F9Z9Ceu4YSnorMUANw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 84c340e17d3844a0-SIN
alt-svc: h3=":443"; ma=86400
content-length: 109916
expires: Mon, 15 Apr 2024 00:01:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1FC2 4 KB
728 B 8ms
6ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=3048720263&adk=101065328&adf=1837538127&pi=t.ma~as.3048720263&w=1120&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1120x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182484&bpp=3&bdt=317&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:44:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1FC2 2 KB
903 B 33ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 21:46:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 1FC2 23 KB
9 KB 18ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 07:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 07:17:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1FC2 3 KB
1 KB 22ms
8ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1FC2 20 KB
9 KB 26ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FC2 205 KB
65 KB 29ms
7ms Script
text/javascript 2404:6800:4003:c0f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 ddb466d8785cb75acd721f17b1b8dd87.js Show response
www.gstatic.com/mysidia/ Frame 1FC2 37 KB
16 KB 18ms
5ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15487
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 03:17:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 07:36:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4864641958568168482/ Frame 1FC2 31 KB
31 KB 17ms
11ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4864641958568168482/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e5002c20be47b25caac73171d98965e1252ddee87d61d41fec20831031f4f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 26 Jan 2025 12:41:12 GMT
date: Sat, 27 Jan 2024 12:41:12 GMT
x-content-type-options: nosniff
age: 22910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31683
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 16:49:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1239824014708124953/ Frame 1FC2 6 KB
6 KB 23ms
17ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1239824014708124953/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24fbaa0dcf9a65010838e84f4bda9dbdb91b95d518681829d236f1fb4d03dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 26 Jan 2025 13:07:40 GMT
date: Sat, 27 Jan 2024 13:07:40 GMT
x-content-type-options: nosniff
age: 21322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6527
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 13:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 1FC2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdf4b4499ebab6759f6ce1d3ae5ee5fdd1d336cd7e9c35bafcc38da8903e02e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 165 KB
56 KB 18ms
17ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/reactive_library_fy2021.js?bust=31080697

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4a5501a613581a36f686344cb4daf0d59f595268f6f04e4600706d1199d0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57008
x-xss-protection: 0
server: cafe
etag: 11235583968756658534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:03:02 GMT

GET
H2 200 ca-pub-2083780857080872 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 47ms
32ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2083780857080872?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

920218c1da3f06d4921c7be30615cd277e0f1d9610eb49005fa5f6b91cf14c1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n7Cf6-X_x2zigAXXErN0NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-n7Cf6-X_x2zigAXXErN0NQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusKoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gZin_oZrFFAXHb7HGsdEAtxczxfdnUtm0DHi3uCADIeXx4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5BD9 4 KB
655 B 15ms
13ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2083780857080872&output=html&h=280&slotname=9342665876&adk=366986306&adf=2653041513&pi=t.ma~as.9342665876&w=1200&fwrn=4&fwrnh=100&lmt=1706382182&rafmt=1&format=1200x280&url=https%3A%2F%2Fgbwhatsapppro.app%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706382182458&bpp=3&bdt=291&idt=3&shv=r20240122&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6720250229525&frm=20&pv=1&ga_vid=20433682.1706382182&ga_sid=1706382182&ga_hid=840866792&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=100&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079265%2C44795922%2C31080697%2C95322181%2C95320893%2C95321626%2C95322166%2C95323009&oid=2&pvsid=326298708256248&tmod=776720737&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:36:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 19:03:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5BD9 2 KB
861 B 11ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 21:46:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 5BD9 23 KB
9 KB 7ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 07:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 07:17:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5BD9 3 KB
1 KB 8ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5BD9 20 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5BD9 205 KB
62 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 18:22:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63000
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:22:56 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 5BD9 37 KB
15 KB 9ms
5ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 08:23:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1FC2 16 KB
16 KB 12ms
12ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:45:28 GMT
x-content-type-options: nosniff
age: 249455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:45:28 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1FC2 10 KB
10 KB 16ms
14ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 22:48:44 GMT
x-content-type-options: nosniff
age: 245659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 22:48:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1FC2 15 KB
15 KB 15ms
13ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:48:55 GMT
x-content-type-options: nosniff
age: 249248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:48:55 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1122648390885987507/ Frame 5BD9 24 KB
24 KB 71ms
70ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1122648390885987507/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51d8302a850a3b03f422ec8d3d5294172646be170a0de34a621e499da7081127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24324
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 05:16:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 26 Jan 2025 19:03:03 GMT

GET
H2 200 10083602392056568056
tpc.googlesyndication.com/simgad/ Frame 5BD9 2 KB
2 KB 7ms
6ms Image
image/png 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10083602392056568056?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfa01e43a86729fdd58f239ff7010f02fef6ef2d6b2cd7ab2dc51daf4a8c3d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 26 Jan 2025 16:54:49 GMT
date: Sat, 27 Jan 2024 16:54:49 GMT
x-content-type-options: nosniff
age: 7694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2430
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 05:14:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1FC2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-7NBZlO1Zdb_HrDHssUPjs2pyAuVhoOQdNnGhrGuEo7755aCKhABIN-F8JcBYL8FoAGuhrHbAcgBCakCWBVhJuphXD6oAwHIA8sEqgTWAU_Q5DkR-IZ-eUDfnQ9tT7LMj0Q7XjgdqhkMYwz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf8330fbc0013cfc50000000000000000%22,%222%22:%220xe8fde673e43c1580000000000000000%22,%223%22:%220xd5ecd1b...

0
0

20ms
6ms

Fetch
text/css

142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf8330fbc0013cfc50000000000000000%22,%222%22:%220xe8fde673e43c1580000000000000000%22,%223%22:%220xd5ecd1bf723304be0000000000000000%22,%224%22:%220x90183df1e867fbb40000000000000000%22,%225%22:%220x6714f19a587282bd0000000000000000%22},%22debug_key%22:%2213380618813985582953%22,%22debug_reporting%22:true,%22destination%22:%22https://amlbot.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22460079918%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214602534473007395313%22}&andc=true

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Server

142.251.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf8330fbc0013cfc50000000000000000","2":"0xe8fde673e43c1580000000000000000","3":"0xd5ecd1bf723304be0000000000000000","4":"0x90183df1e867fbb40000000000000000","5":"0x6714f19a587282bd0000000000000000"},"debug_key":"13380618813985582953","debug_reporting":true,"destination":"https://amlbot.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["460079918"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"14602534473007395313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 19:03:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf8330fbc0013cfc50000000000000000","2":"0xe8fde673e43c1580000000000000000","3":"0xd5ecd1bf723304be0000000000000000","4":"0x90183df1e867fbb40000000000000000","5":"0x6714f19a587282bd0000000000000000"},"debug_key":"13380618813985582953","debug_reporting":true,"destination":"https://amlbot.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["460079918"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"14602534473007395313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame C475 9 KB
4 KB 5ms
5ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 25248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 12:02:15 GMT
etag: 3890843268177463596
expires: Sat, 10 Feb 2024 12:02:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame D997 9 KB
4 KB 5ms
4ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 25248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 12:02:15 GMT
etag: 3890843268177463596
expires: Sat, 10 Feb 2024 12:02:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVeVwpxHTFUaPS5uUbckHWEdEseQnR8_aqXjzJMGY3s0VbjmfZEgzChW_ab14P7_EwjZaMPTYI3jxCTaDRdtN_y82kQgSuv6oIHBPRnLDHXS-UXjkPhEK3lySZz5Unq-O-W8k8rCQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 19ms
19ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVeVwpxHTFUaPS5uUbckHWEdEseQnR8_aqXjzJMGY3s0VbjmfZEgzChW_ab14P7_EwjZaMPTYI3jxCTaDRdtN_y82kQgSuv6oIHBPRnLDHXS-UXjkPhEK3lySZz5Unq-O-W8k8rCQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MzgyMTgzLDIyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nYndoYXRzYXBwcHJvLmFwcC8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMxCWJ8ZoRM9YMYskYzXXr5AnF0WAQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

604b6914d5769003f75273674463a498f04f876d7122068b6f648bdf006b6983

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-T82vBkNUz1lbJWqHiysdLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-T82vBkNUz1lbJWqHiysdLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KchxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIm-P5sqtr2QRWLDlVBgCWAWFy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame F494 51 KB
19 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 11:32:37 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 32ms
6ms Preflight
text/html 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 19:03:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5BD9 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a324b514369af3f62faebb435ab299843aba5133a2b4df5db604eb4c289e9dc4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css2
fonts.googleapis.com/ Frame C475 4 KB
671 B 7ms
7ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 18:33:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 19:03:03 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C475 205 B
229 B 7ms
6ms Image
image/png 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:29:40 GMT
x-content-type-options: nosniff
age: 113603
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Jan 2025 11:29:40 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C475 604 B
628 B 10ms
8ms Image
image/png 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:12:28 GMT
x-content-type-options: nosniff
age: 121835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Jan 2025 09:12:28 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame C475 16 KB
7 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 13:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6870
x-xss-protection: 0
server: cafe
etag: 16407976921096022632
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:27:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame C475 22 KB
9 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 13:27:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 13:27:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 52BF 624 B
242 B 15ms
11ms Document
text/html 2404:6800:4003:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXC0MJ8fKKcGuN3T6lk7X71LZE5iwAe8XU5xOKEcATQyghN-pluuqd1_MtX2d1jild17vweXhhZGwDKrRVLOaZgzjxX0A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 19:03:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1924505/77817687/ Frame D997 270 KB
79 KB 41ms
7ms Script
application/javascript 3.0.86.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1924505/77817687/skeleton.js
Requested by: Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.0.86.137 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-0-86-137.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: fe4a9f1df15f16776b34649e49ee82b0e7aa1bc86a0750b32078f59fed7e7373

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D997 23 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 01:14:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 01:14:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame D997 8 KB
3 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 16:39:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 16:39:42 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D997 0
0 42ms
16ms Fetch
image/gif 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuU9z50lfq-uLWhXqyUeVmy3GAymNbgVzfHTAG9I_aotFP4XhAsgn4TNBML5d4POiCun1FGgQKtpRUu3OIWPEk1p9X2xumFRx9U7WDG2hhUFvw-79H4qHWSre9WXmTET-Q0NR8iU6DYoOFG2zmZRR4e6yHgx931ssvxUcgfKl6gLq2tLSu3zW0HRzJ_HwuSIwBirmWTVkzQZX0oB7hZq5WES6ftW6qkJ3RoSCroqli8P2BXNK6zPUWfhnN9oPlqOdcfGBeqJFY0HedUEws54-w4qX9cxvxaxVr2vsHfLcGv3Y9s86PpXSZ5tijMJsJWzfi8QEqOMhHuL9NjamlzXyOinWPp1BEEqlaP0fbu8Pqgz5sYMFeN5NSlw80dXUv-MR0Y5elX_j77mnqcqJ5so9W-s1IyZOQBea6FtegRHR35nr4gXuqZWXevGOuFCGvT56dRrZuszobJc-COZIpYTRJa-_Bptk-lwwwDq4twCKlkXCPib43W7Zhdxab_WSYh1McbkToY0qpYdaMp_p_CnuWpIT4vpnNJT2qj9bVWV6NjZC_6drG5we5IeLgRLUd7gFBJ7vLW37qeN_glDXycFNQiOBzCQ_-a4kTHI-O8wNrGizS_UWulichnFb1EjtO8ZtjH2A5igbeG0Ah-6jG5Hez0iPmu6qt8-0YW-ch3JlnJJqNLEKd8YG96XDdYDUjOhtabUFWCCm8ytVy_7bodQVkp2KkRtf321jf3Cg9gCZRlGI21IqipooceCx3WO_z4tHnIcvxj3yMUOJbmQb9WWHGpfWvo-i2n2beQWGed7HzV6L6rHJPDNQyKFVekAODcatstSXcxBVwiiBeorwNgo8ziqhKcpBznt7PV6BbXep_oBlvuRddhW2ZhohlU0_5qwnN6hqcKDGmcls7QOF29RkekHOkbye6VZg5rdici8PhnPWyNURvoLvu4fjI8m-VcLviX9Sj4nvzHiHHc6OADhqOZFCpeXRrIEh1jGUkZZauS8IpNtbSLNsBgIMSzJdkR6krrugq88V0jUKPdWSbCKnYzxMRNWvdwyA9vfznYUgj-pSSQWoRCFGKT3ke7TuQZ90MBrHwLZVcAc8lBCBu5jEiFYxD6U5li0HSoYOJlUD-5_ibyZ7zRJxndKWyifDsZWKUpm7E6yfg37l5Rsl2cxbXaNVLWclSy6H__kg_0ySwFdyfJJ5ZWwTuOJDtBV8tYIS9pYDbDk2QEZlpEyetf6hVz69JviBSR9aeoifN85aaynx3UDHCiN1G90V76eo-Fap6hg2mLh2zZkwTRAbiwZqZd9ieEhoZRqikNNxTFlidOTRFth4mkmTqA-A86ngs&sai=AMfl-YScNQ4zH1qwjXuC9RS7PasfrtfOCVAIvUUqwOcs3jXGe9crOc1qEqL-1cVnMKb0DvIaquUwJrWSxCAH4Zbyhj6FK0-IlGVOgQKDtiy6Gdq0nLnTGUTcg2HuMdP_T6tFKCP1E33hWc65jOuaRJVLjEqhNPTflCzvQ5uZ7OYCqacq3VXYba1umzOnozrGP-rrzGGMyzd4U4F7t52_83-gfwt34miFtWUlpJtk8JDe3PXm6hP0VD9f9w2IA0A6qLFX0TJA-kogyyAEt8-iWu_Fjkz9UVjf1ykoRjOls_0iwxMXDAZ-B-u7N0jpc8S5gnlhnBu-ywdPSTPc3ie5_90vgQt5rDzM8Bj5hDDEXEdah_eUJ2bEUiELG0x9P7ExJb6BEZjdMqC71FBDi7XFYSyLH5cLAEX_unR8ZU7ae4UcqGWFGSWkUgjfVzlyoBd4ABhlviuCH-pRc4F-CR9SbzO9GrGCudQSyppcSIXIc5Dgalsdwog5VKWIMzi2MyhKBtji7UjMlgk&sig=Cg0ArKJSzHjLWhn93IrtEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYXphZGEuc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20240122.50203&arae=0&ftch=1&adurl=

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D997 41 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Jan 2025 04:52:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D997 3 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D997 20 KB
8 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D997 42 B
63 B 7ms
6ms Image
image/gif 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AhxnssyXT952YiNVaHPEnZlaCM7NVfP3RYByUwIwwFpTE0U-wGvNHDBnAssZ5bNmsfGUlyUDAYcTeq8hL0G9k4S1ZSNrmK9vt82JqCHdyBrOwScS0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D997 205 KB
65 KB 10ms
5ms Script
text/javascript 2404:6800:4003:c0f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:03:03 GMT

GET
H2 200 6841486161983271656
s0.2mdn.net/simgad/ Frame D997 79 KB
80 KB 22ms
7ms Image
image/jpeg 2404:6800:4003:c01::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6841486161983271656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::95 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162bf1963f866686d1e53e1eec3a67d57bde651d98706e097b23d87666c7b7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 24 Jan 2025 00:30:08 GMT
date: Thu, 25 Jan 2024 00:30:08 GMT
x-content-type-options: nosniff
age: 239575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81155
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 08:57:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 52BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1&C=1

43 B
342 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXC0MJ8fKKcGuN3T6lk7X71LZE5iwAe8XU5xOKEcATQyghN-pluuqd1_MtX2d1jild17vweXhhZGwDKrRVLOaZgzjxX0A
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgABk9zoioBh3nHvizLzHoTgprqlE%2FfH%2F0QmumC%2FiwtM35u8UZX8DQcKPWgMSivb38VlQ%2BpFvtKUxQGWYUIe7wLS5ellAZzA7wATvCl%2F6ybOzjAkvDwCGp8JAPjS5HGGxN8IyPxajVb%2Fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84c340e6dafe895f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeK%2F4gjWppLWZM9FehEu%2BRuaiJR2g5ptBBwGN4BeoHq1nw%2B0Czv%2Fhw9SmqCePZoazywW%2Bx%2BkALe%2F9cc7h5ZVS4cG4JVRl2EGJHcCrFALSHaxZATSaUgD7JJ4iV7AWKZga2AgNOrvaXRQVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84c340e6bac2895f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 52BF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbVTZ9ZGiog8ORT6m9vzCgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1

43 B
778 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXC0MJ8fKKcGuN3T6lk7X71LZE5iwAe8XU5xOKEcATQyghN-pluuqd1_MtX2d1jild17vweXhhZGwDKrRVLOaZgzjxX0A
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNg5JqzMVvUcyHL9E0iyGT0Q9yvB%2BY1UTOWt%2FQcS%2B0KnPkT%2Fypv03MEhq6RnhOv3v3vCjeq8Eyk40IwEO%2Frh7VT7rLyYEE7inCrP%2FZmmUBw%2BbQOEE%2BX8ALMWPYeRrqvUFo0KXmebxPpCkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84c340e74ccd5f53-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFC7to-_QaZ6g2hGINPk2D0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 52BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEChJvw8AyYyWcEjF9UE2wGs&google_cver=1

43 B
1 KB

4ms
3ms

Image
image/gif

103.43.90.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEChJvw8AyYyWcEjF9UE2wGs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIWIo9oFENOd2t0FGNXHpIMCMAE&v=APEucNXC0MJ8fKKcGuN3T6lk7X71LZE5iwAe8XU5xOKEcATQyghN-pluuqd1_MtX2d1jild17vweXhhZGwDKrRVLOaZgzjxX0A

Protocol

Server

103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
an-x-request-uuid: 8a686df5-ba9f-47d6-b4d3-78a634c0f1da
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 209.58.162.198; 209.58.162.198; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEChJvw8AyYyWcEjF9UE2wGs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 52BF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMTU4NjYxNTYxMjI1NDQ2Ng%3D%3D

170 B
243 B

14ms
12ms

Image
image/png

74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMTU4NjYxNTYxMjI1NDQ2Ng%3D%3D

Requested by

Protocol

Server

74.125.200.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
an-x-request-uuid: eff51cca-33cf-4ea1-aa4c-bd4f0d1baa7c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTcyMTU4NjYxNTYxMjI1NDQ2Ng%3D%3D
x-proxy-origin: 209.58.162.198; 209.58.162.198; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BD9 16 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:45:28 GMT
x-content-type-options: nosniff
age: 249455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:45:28 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5BD9 15 KB
15 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 21:48:55 GMT
x-content-type-options: nosniff
age: 249248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jan 2025 21:48:55 GMT

GET
H3 200 AGSKWxX5R2xFlhQxUyGrpRs24aGZllJlXHXV2RwhGpc5syIWDYLR41IBcR4Yh2j-K65jCNGL9b3TtjM8c3u5rXwfs0HhAu9fV-VE1fa6UoyVwjpV13K5MkMUWVV7x8_eIAbdf4AU4vqa2g== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 30ms
29ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX5R2xFlhQxUyGrpRs24aGZllJlXHXV2RwhGpc5syIWDYLR41IBcR4Yh2j-K65jCNGL9b3TtjM8c3u5rXwfs0HhAu9fV-VE1fa6UoyVwjpV13K5MkMUWVV7x8_eIAbdf4AU4vqa2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MzgyMTgzLDQ2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2J3aGF0c2FwcHByby5hcHAvIixudWxsLFtbOCwiWXRrdlV2cjBLaEkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1a5056205d5f96e17c237091c0eb32b9e1bf13ace30f7b0672ebfb2dddf14572

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q2Nm-comPJAKZW3k3lH9rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-q2Nm-comPJAKZW3k3lH9rA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXFEKwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh-P5sqtr2QQm_P_5ghEA_jxiXQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D997 0
0 9ms
8ms Fetch
image/gif 74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuU9z50lfq-uLWhXqyUeVmy3GAymNbgVzfHTAG9I_aotFP4XhAsgn4TNBML5d4POiCun1FGgQKtpRUu3OIWPEk1p9X2xumFRx9U7WDG2hhUFvw-79H4qHWSre9WXmTET-Q0NR8iU6DYoOFG2zmZRR4e6yHgx931ssvxUcgfKl6gLq2tLSu3zW0HRzJ_HwuSIwBirmWTVkzQZX0oB7hZq5WES6ftW6qkJ3RoSCroqli8P2BXNK6zPUWfhnN9oPlqOdcfGBeqJFY0HedUEws54-w4qX9cxvxaxVr2vsHfLcGv3Y9s86PpXSZ5tijMJsJWzfi8QEqOMhHuL9NjamlzXyOinWPp1BEEqlaP0fbu8Pqgz5sYMFeN5NSlw80dXUv-MR0Y5elX_j77mnqcqJ5so9W-s1IyZOQBea6FtegRHR35nr4gXuqZWXevGOuFCGvT56dRrZuszobJc-COZIpYTRJa-_Bptk-lwwwDq4twCKlkXCPib43W7Zhdxab_WSYh1McbkToY0qpYdaMp_p_CnuWpIT4vpnNJT2qj9bVWV6NjZC_6drG5we5IeLgRLUd7gFBJ7vLW37qeN_glDXycFNQiOBzCQ_-a4kTHI-O8wNrGizS_UWulichnFb1EjtO8ZtjH2A5igbeG0Ah-6jG5Hez0iPmu6qt8-0YW-ch3JlnJJqNLEKd8YG96XDdYDUjOhtabUFWCCm8ytVy_7bodQVkp2KkRtf321jf3Cg9gCZRlGI21IqipooceCx3WO_z4tHnIcvxj3yMUOJbmQb9WWHGpfWvo-i2n2beQWGed7HzV6L6rHJPDNQyKFVekAODcatstSXcxBVwiiBeorwNgo8ziqhKcpBznt7PV6BbXep_oBlvuRddhW2ZhohlU0_5qwnN6hqcKDGmcls7QOF29RkekHOkbye6VZg5rdici8PhnPWyNURvoLvu4fjI8m-VcLviX9Sj4nvzHiHHc6OADhqOZFCpeXRrIEh1jGUkZZauS8IpNtbSLNsBgIMSzJdkR6krrugq88V0jUKPdWSbCKnYzxMRNWvdwyA9vfznYUgj-pSSQWoRCFGKT3ke7TuQZ90MBrHwLZVcAc8lBCBu5jEiFYxD6U5li0HSoYOJlUD-5_ibyZ7zRJxndKWyifDsZWKUpm7E6yfg37l5Rsl2cxbXaNVLWclSy6H__kg_0ySwFdyfJJ5ZWwTuOJDtBV8tYIS9pYDbDk2QEZlpEyetf6hVz69JviBSR9aeoifN85aaynx3UDHCiN1G90V76eo-Fap6hg2mLh2zZkwTRAbiwZqZd9ieEhoZRqikNNxTFlidOTRFth4mkmTqA-A86ngs&sai=AMfl-YScNQ4zH1qwjXuC9RS7PasfrtfOCVAIvUUqwOcs3jXGe9crOc1qEqL-1cVnMKb0DvIaquUwJrWSxCAH4Zbyhj6FK0-IlGVOgQKDtiy6Gdq0nLnTGUTcg2HuMdP_T6tFKCP1E33hWc65jOuaRJVLjEqhNPTflCzvQ5uZ7OYCqacq3VXYba1umzOnozrGP-rrzGGMyzd4U4F7t52_83-gfwt34miFtWUlpJtk8JDe3PXm6hP0VD9f9w2IA0A6qLFX0TJA-kogyyAEt8-iWu_Fjkz9UVjf1ykoRjOls_0iwxMXDAZ-B-u7N0jpc8S5gnlhnBu-ywdPSTPc3ie5_90vgQt5rDzM8Bj5hDDEXEdah_eUJ2bEUiELG0x9P7ExJb6BEZjdMqC71FBDi7XFYSyLH5cLAEX_unR8ZU7ae4UcqGWFGSWkUgjfVzlyoBd4ABhlviuCH-pRc4F-CR9SbzO9GrGCudQSyppcSIXIc5Dgalsdwog5VKWIMzi2MyhKBtji7UjMlgk&sig=Cg0ArKJSzHjLWhn93IrtEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sYXphZGEuc2c&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=113&vt=11&dtpt=111&dett=2&cstd=0&cisv=r20240122.50203&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5BD9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-V6KZlO1Zcm4HbiMssUPn-a-6AHcusbFb-fQ7ve7EOCO7PSTDhABIN-F8JcBYL8FoAGegrb_KMgBCakCQbRsGCQFqT6oAwHIA8sEqgTSAU_QZlagL1EzqJtRbV8kDTPZz5JOdOm-ckgAFtX...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e5823d4debfa2700000000000000000%22,%222%22:%220x476c5720c2895a8b0000000000000000%22,%223%22:%220xa90226...

0
0

6ms
5ms

Fetch
text/css

142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9e5823d4debfa2700000000000000000%22,%222%22:%220x476c5720c2895a8b0000000000000000%22,%223%22:%220xa902263815c062c50000000000000000%22,%224%22:%220x27582f09bf6cfd0c0000000000000000%22,%225%22:%220x1b45375fb19b83aa0000000000000000%22},%22debug_key%22:%228070421329824737177%22,%22debug_reporting%22:true,%22destination%22:%22https://aestheticloftclinic.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211004641566%22],%2222%22:[%22true%22],%224%22:[%2201-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223571609171332031505%22}&andc=true

Requested by

Host: gbwhatsapppro.app
URL: https://gbwhatsapppro.app/

Protocol

Server

142.251.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9e5823d4debfa2700000000000000000","2":"0x476c5720c2895a8b0000000000000000","3":"0xa902263815c062c50000000000000000","4":"0x27582f09bf6cfd0c0000000000000000","5":"0x1b45375fb19b83aa0000000000000000"},"debug_key":"8070421329824737177","debug_reporting":true,"destination":"https://aestheticloftclinic.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11004641566"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"3571609171332031505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Jan 2024 19:03:03 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9e5823d4debfa2700000000000000000","2":"0x476c5720c2895a8b0000000000000000","3":"0xa902263815c062c50000000000000000","4":"0x27582f09bf6cfd0c0000000000000000","5":"0x1b45375fb19b83aa0000000000000000"},"debug_key":"8070421329824737177","debug_reporting":true,"destination":"https://aestheticloftclinic.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11004641566"],"22":["true"],"4":["01-27"],"6":["true"]},"priority":"500","source_event_id":"3571609171332031505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 9485 9 KB
4 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 09:12:28 GMT

GET
H3 200 1998dfb009663f6d7c7a35473f5431a2.js Show response
www.gstatic.com/mysidia/ Frame 9485 174 KB
64 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1998dfb009663f6d7c7a35473f5431a2.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6b238a58690117829ecb5359b23e6375966921bc7afecbc5f9f78c1f9518ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65092
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 08:39:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9485 7 KB
1 KB 18ms
16ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 27 Jan 2024 17:35:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Jan 2024 19:03:03 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9485 2 KB
822 B 13ms
11ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 21:46:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 9485 23 KB
9 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 07:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 07:17:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9485 3 KB
1 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 9485 20 KB
8 KB 16ms
15ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 04:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 04:52:49 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9485 205 KB
65 KB 14ms
13ms Script
text/javascript 2404:6800:4003:c0f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:03:03 GMT

GET
H3 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 9485 37 KB
15 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 08:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 08:23:55 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame FAD6 51 KB
19 KB 12ms
11ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 11:32:37 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 14ms
7ms Preflight
text/html 142.251.175.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 19:03:03 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BED3 38 KB
13 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 51014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 04:52:49 GMT
expires: Sun, 26 Jan 2025 04:52:49 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D997 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1546c7e2f1dfd35f613708dfa386c49ead847fe8ab39e8df4d0a88bf668c8378

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame D997
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1924505/77817687/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
https://static.adsafeprotected.com/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=

1 KB
1 KB

330ms
177ms

Script
application/javascript

2600:9000:2175:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2175:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 20:34:33 GMT
x-amz-version-id: j.dc8NhIHD_.W9XQnY1wTLb3uCGP048v
content-encoding: gzip
via: 1.1 208f48681f6b479ae682201c08156bc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 340112
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 23 Jan 2024 20:34:31 GMT
server: AmazonS3
etag: W/"eb639ea9c60fa52fae8bd853911ab0a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: DunFcTfCyPJtNYCK3EB84fEV_N3qxYcNW3N48_FCQchrdtFPleRW4g==

Redirect headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:03 GMT
server: nginx
x-server-name: app01.sg.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=gcc_ZlO1ZerRHMGS9fwP6J-X8AM&cbFunctionName=goog_wrapCb_ZlO1ZerRHMGS9fwP6J-X8AM&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 83A8 91 KB
23 KB 522ms
162ms Script
application/javascript 2600:9000:2175:2600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2175:2600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:50:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 208f48681f6b479ae682201c08156bc2.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 2707968
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fefruc5Ci_4bT-7ELVsSVJG2CJAvcgbbSPSxlDiai8XvQwiIVsKBBA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 715ms
229ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChco,pingTime:-3,time:93,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:93,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
216 B 709ms
227ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChcq,pingTime:-6,time:95,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:95,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31%7D&tpiLookup=ao:gbwhatsapppro.app*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 9485 0
234 B 1062ms
375ms Ping
image/gif 2800:3f0:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lrwfw7ia&c=4630900192666&slotId=2315450096333&qqid=COmc2f6g_oMDFUFJnQkd6M8FPg&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1998dfb009663f6d7c7a35473f5431a2.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/UkTXeHVBtT4/ Frame 9485 7 KB
7 KB 59ms
10ms Image
image/jpeg 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/UkTXeHVBtT4/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2408538c9eee336fb327ed8c78c73b1c535b78957d4cae4418d817d108fd21e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:03 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7130
x-xss-protection: 0
server: sffe
etag: "1690461919"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jan 2024 21:03:03 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 642ms
228ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChdy,pingTime:-2,time:165,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:141,mdZ:201,beA:369,beZ:370,mfA:374,cmA:376,inA:376,inZ:380,prA:380,prZ:392,si:399,poA:400,poZ:426,cmZ:426,mfZ:426,loA:463,loZ:466,ltA:533,ltZ:534%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:165,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B72~0%5D,as:%5B72~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sinceFw:133,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-npoe7ns6.googlevideo.com/ Frame 9485 589 KB
589 KB 308ms
288ms Media
video/mp4 2404:6800:4003:1e::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ns6.googlevideo.com/videoplayback?expire=1706410982&ei=ZlO1Zb-SMMO_juMPiqmi6Ak&ip=2001:df1:800:a00a:12::3&id=5244d7787541b53e&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Yc&mm=31&mn=sn-npoe7ns6&ms=au&mv=m&mvi=5&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=11.540&lmt=1697097875504828&mt=1706381828&cpn=8J3ckOz1bi2h-hEi&txp=5310224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRAIgSLdvXQETiXziTRa7Tf7RndHpJPTE9ZrATa_e9GKL14ECIGyuzmS4yiFdHXLxswdnYudV3zfynr8qZ9SG9sIJd4VW&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRgIhAOIgL0hx8VlHzBtsiokJPyRVeO8BhCzRT9FBhzu4fNLyAiEAgtfAcPFWGd2M8LnyYyR9_0rww50_pTFKbhte4L8Onis=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:1e::a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

22ac5ccc47c31a78c0f3ee9ec6b71f4398b4523a3c264bf86bf12e635f0f0afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 27 Jan 2024 19:03:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 12 Oct 2023 08:04:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-602636/602637
Cache-Control: private, max-age=28498
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 602637
Expires: Sat, 27 Jan 2024 19:03:04 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame BED3 39 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 07:26:10 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 452ms
227ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChgC,time:355,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:87,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:82,obst:0,th:0,reas:,bkn:%7Bpiv:%5B87~75%5D,as:%5B87~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BED3 0
20 B 8ms
8ms Image
image/gif 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BeSwgZlO1ZerRHMGS9fwP6J-X8AMAAAAAOAHgBAI&bg=!GhmlGVbNAAa8BdJLnAU7ADQBe5WfOE4oy3zC61DTrxXctGZ51cq59BNMEZfSoiV0PDcMqg08KoUxotGK5eNhiEC49Fv5AgAAAGpSAAAAA2gBBwoAICEf1oD2L9Bh0VzMOwmsJUGMoN0gQ7RzBR2joZXWFTOUmQLgxCE3MriV8neANtaUpMzZbrQp7rBf3V2tpfrpjKSun6i3aozzOVtWnUQ5vyl-q1v5h3ODLc0OihvqvOHaWQXmn5qfaLR4_WGJ4kTrkS33EgL3mYM1LbkKdm54QouRqbGz_X1DvHlI7-yS4G46pzoRMtq6YOw57vzUS_oEClUOApT-Put5M7ByMNcltN4xOyxBY3mj2Mlyah0kj9RnH5J-iG8I1Xf9OryxO0QkzDG34iLaR42KbqAZ5V13Wy29ObVpBIuZOr1dHKXUjNayVA4hfvdGZJ8m34abTeobhXObNhpoYCxNtuMiPemwwn7mPvvEEbXWciGDKXoPV1Nd-fQnJ00QGkQ4TsdVvYh5-1P5yz3m1483Yr2FNJrMjsPIHeIwFFayUhHirQnU5wHDY3kNyVGyRYL45HxUZLOYBfQvv2dHRLOI7sRBzWXkpHLLi1GZ6v1dsu6hDyJeNyx8tT5fj5BTLHqbgXebBihVf8A6EwSHFxhTGUiLZY-TQDEVo3iPOBgEhJMWPqF13tZuU9lrf_wMpJHHRu00FDt_hQHLV0QfKeOpKXIQDr7XN6yW7sEEf8Pst_V_fv8MqZvRraWO1tBg5wXKRDfaMH5h-3Q3vYVi2b1h2H7NHT6veVUtQcBUWuHPIbYTeggEoEJTacjPhUXVx1QFSL7JQ--pNVy_q5SZZZ-h-O6ODxZc_kCVItVGL-mTwkst6IoLtXYzhxvxvCIaWO-8H0pgrKIdPoes9l3i-Tr4DKuAo9NmPmjbXuwlWMZOVZTHkCptfOwiEdt5hFsPEDB3dCzIXVnyFsB3RmVe8b52P9osFI2-NuqR0EGUZWQwSqh9n7MmX5ILuvcSyXalCj2rXAHH_kciJg2Ml0l7JX3-sztOCGhS_BEHmYhB6bqPW6mRKQyMg8fRYNxJ6CQVLpDEjxQliK7HVCxcLWL1z9oUWaZCPR7FakLa0I1ZT1UxwSJpB6eff1c7k2IUSg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js Show response
pagead2.googlesyndication.com/bg/ Frame 8473 51 KB
19 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P1hqgBmkkNDwT9zug75Po3J06KDKU0QoOZK6hiZMV2E.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 11:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 113427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19859
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 11:32:37 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FC2 42 B
174 B 9ms
8ms Fetch
image/gif 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5XmMmnjJEqeacqSD1Oj-OOASXzB--JYuI2osWqcFhuDh8DSige2ijVKBLJAPiC0aNZ12IGV5DG8FJGGK6TYoW1NHL34ZGCUjShDPx03XtLkKVansCtb9a2WU6fg5qNeByYXE78QzPtFOgYCQByTx69pR8&sai=AMfl-YQO34RP3Pp2ALO11UA1rbznRsLVL2w84urXnTdBqlVWGe42cpoiSo3XNxjOFJXbYKXLb2G90nyS-CZB5ZruHS9iG4tI-6tl2lpY79KVVfn1hbV6NsgPXVViu0_FMQG24J1AoRNpc3ZFcUA8O7aL&sig=Cg0ArKJSzLgQE9J6w5EkEAE&cid=CAQSTgAvHhf_w7WjlosGFgI0Si2t-pnsVrBtriQYWIH8NdVK4bZGOWePsECQzB7wVwBUum5DUEaGnXgNnuL2z6m5zbAdsltZ9WRmqWWqUhDvjxgB&id=lidar2&mcvt=1056&p=0,0,280,1120&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=101065328&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170638218200&rst=1706382182492&rpt=639&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 357ms
357ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChlK,time:673,type:e,im:%7Bimprf:%7Bttecl:867,ecd:563,tsecr:45%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:405,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~75,17~100%5D,as:%5B405~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sis:640%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ad_news. Show response
fundingchoicesmessages.google.com/f/AGSKWxW0k8ad2UF0JkNLoFSTLfqWjrtgJVJPGLX3xuFRnA85bhYdL5CEhz6pj_6qavFeuH_elNq8gh0kwjGmz9hg_MqjehIw9Izgfria4xY_owMa1kriiftMbC3sVG_6N3MIJJvl2fYMsVOrhM836R_PTkamIYJVg... 54 B
110 B 14ms
14ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0k8ad2UF0JkNLoFSTLfqWjrtgJVJPGLX3xuFRnA85bhYdL5CEhz6pj_6qavFeuH_elNq8gh0kwjGmz9hg_MqjehIw9Izgfria4xY_owMa1kriiftMbC3sVG_6N3MIJJvl2fYMsVOrhM836R_PTkamIYJVgsg8Eo-Ts8JAOMPvwGUlbXMxSa2JVaDO/__sponsoredlinks_/getvideoad.-google-ads//ad_news.?adflashid=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzAfoTxIl9osQRxMclx4sZPz8pDug/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

146802cf419d076e7b05e81b22ea68e21f1541c0775cf05a5abf80c5aabf3f17

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8KRVzKD6KmOnoyxRrwZAXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-8KRVzKD6KmOnoyxRrwZAXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KwhxXDy1m2mi0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh-PFsqtr2QQ2XPt7lBEA8CliJg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 86 KB
30 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 18:14:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31172
x-xss-protection: 0
server: cafe
etag: 8274047967244442607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:14:19 GMT

POST
H3 204 AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 28ms
16ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1MbpgvBhuT7llr1BC2kpPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-1MbpgvBhuT7llr1BC2kpPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBF5s-X2GEQDt5yE_"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gbwhatsapppro.app
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 13ms
13ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s7-byHIqT9apI16uIpWrLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-s7-byHIqT9apI16uIpWrLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBBo2XjjDCADxHCC8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gbwhatsapppro.app
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b--2fO8JEJC2c0GTaKYyIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-b--2fO8JEJC2c0GTaKYyIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBB7c33yWEQDxiyEo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbwhatsapppro.app
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 13ms
13ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7I3xNBPI23CksZPzTJTn3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-7I3xNBPI23CksZPzTJTn3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBDpW3DrHCADs_iC5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbwhatsapppro.app
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU6stGXdk_gYdOtXth6zvrIbZMJrfImfcxA28BV6dhGt08jQeTGE38Cs880p5-DUmFfZUqrrOOExGYr49acQ4GwnXZN29E78ukRxMtIEpSg-9-8i5aMp8MdbwljMEUPb8_NM_G81g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 21ms
21ms Script
application/javascript 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6stGXdk_gYdOtXth6zvrIbZMJrfImfcxA28BV6dhGt08jQeTGE38Cs880p5-DUmFfZUqrrOOExGYr49acQ4GwnXZN29E78ukRxMtIEpSg-9-8i5aMp8MdbwljMEUPb8_NM_G81g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2MzgyMTg0LDQyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nYndoYXRzYXBwcHJvLmFwcC8iLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00c9dcf5ad572a4ed090da045d43f3121e0004fd6663dcfb7bd2545db2785ee4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bvNAh8RVOQz7W4ogxGSYTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bvNAh8RVOQz7W4ogxGSYTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4K8hxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh-PFsqtr2QQOrFt-mREA96th0A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV5KEeC6LOeZUEu4yDz4Jp4W4zFcWUXOoyPJEEaZdRMRcjOTCwtAFmrZ77KvgRMpFO1Kf-c9B8S7ME91srv6z1eJQSrybtBan8nisKPEMiyTqvpuFH-lR4SFsaGxT31UlvxrPqvmg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 15ms
14ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV5KEeC6LOeZUEu4yDz4Jp4W4zFcWUXOoyPJEEaZdRMRcjOTCwtAFmrZ77KvgRMpFO1Kf-c9B8S7ME91srv6z1eJQSrybtBan8nisKPEMiyTqvpuFH-lR4SFsaGxT31UlvxrPqvmg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SlVyFlWPDtdfWQDwg71TXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-SlVyFlWPDtdfWQDwg71TXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBGZsP3GbEQDtICDS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gbwhatsapppro.app
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 13ms
13ms XHR
text/html 2404:6800:4003:c05::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4FkawWUodfqziRTO7X5POyQpeWH5UDYQvKc8DxuI-u8VY-9vs2mA9u8dZ1XnP5mR4sOS0hvd43AJz6Bo2BhmvnYacyKjaDd3juyMEtuezqo49WE8xSLz0qlkQ7c6CodXm5yngig==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::8b Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tT1BbAtPVF9m2rLK9_JkRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-tT1BbAtPVF9m2rLK9_JkRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH48Wyq2vZBBY8PH6bEQDwXSEL"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gbwhatsapppro.app
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 231ms
231ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChpY,pingTime:-10,time:935,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706382184510%7C%7C37b448d5911fc52f667652df99984337%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C6d533715b5906dec1776fa3583a94996%7C%7C8e13d27f05c968a8b7e5137af8913aa7%7C%7Ce4f24691c9070bc9b6016195f4dd361f%7C%7C05a843f621af17567a3a6a769977a853%7C%7C25f9d164f91920fe2de48c2438a4c748%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BD9 42 B
64 B 9ms
8ms Fetch
image/gif 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6nL8N-Ywco_VoVRL3tDFSYc7JxnTG52PUx120dRAI28FTYBbxHbWjazEHJI-a2TrPwGYTGD1pDV4hyzmiESIdSHbul-bWUEu6byGFZubGvatdFRoNRgWbyBqOloQhP4XPP8ekSO0vsAold72N7-vYWcR0&sai=AMfl-YS6-PxKF2lswt_a6qfRsr9Unx0i4R0DAzo1kwAbA0E4S9WQuNlWtwppbpKebtuRKNGqMm6M3EE4Bv2oHNISOWfKBRGNQxf4nb2xIDB0nuDQV0mgP7mYUUubNvHeh5ozMvdTYWALLh7Ebb8lK3_s&sig=Cg0ArKJSzIJIBYt2nZrKEAE&cid=CAQSTgAvHhf_CbpqDP1m7ZkblSNT7pwWLHFxJ2xrSb-2U5Lqzx8P4sAFO4rlv4Vo23zUr0q5gDXsyc9zsc_V459Gv_H5lIZZiGYvRqcn_aSZbBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=366986306&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1706382182467&rpt=1021&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D997 42 B
64 B 11ms
11ms Fetch
image/gif 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLzPebccD6DWSnmZUJpzLg2D7jFnA-nt2kmsjgeOPR50AFtgzV4SSIiVIbBqKv4-ZSpFUoamdpic6JIKBJUlHPNWnJiMPB9wsaCKwp5V_zRAu_jB0szOdoKVuROqo6EGNBZa0ODYmwblo&sai=AMfl-YQiZ4lqwBvQFjcYSGlxp77gSGeC0-JNd_z22oP3vcYh3_neTgVwEkkQTymWEYTU58qICayExbdHD0yQQZO6_DMz5wfj3LNaiC9HSH6mDf4H4b0Zn_8aZFJ4RiG1CXkohbJv2TyD8gzI2-1WekZL&sig=Cg0ArKJSzLdTKc1zDxfvEAE&cid=CAQSTgAvHhf_lqIWov_1xbDVUDWyTOrvmrSjfG2aNRdVxIUnKVIFZSJcC2iOcignohqFbAO4NCOqukr4FQwlFVRgyjMeD3vbsK8SB1FB-hmqphgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=529,899,1000,1000,1000&tos=529,370,101,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170638218300&rst=1706382183207&rpt=467&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 12ms
11ms XHR
application/json 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f01b0a6c1205305164fbd7ae97b78ff3ac73abf131b522780ee020119114478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js?bust=31080697

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 19:03:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3088 13 KB
5 KB 7ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 51010
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 04:52:54 GMT
expires: Sun, 26 Jan 2025 04:52:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9074 829 B
1 KB 20ms
8ms Document
text/html 2404:6800:4003:c02::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::67 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

488073d2243a2ee91eea97426167ac97458c18f0c44fec6a11df79f7c8f162ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cn7wMGivl75XhKzupkRpEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gbwhatsapppro.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cn7wMGivl75XhKzupkRpEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Jan 2024 19:03:04 GMT
expires: Sat, 27 Jan 2024 19:03:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3088 39 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 07:26:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9074 0
0 5ms
4ms Image
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=326298708256248&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3088 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y5ay3Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 19:03:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 238ms
237ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChwL,pingTime:1,time:1356,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D,%7Bpiv:82,vs:i,r:,t:268%7D,%7Bpiv:100,t:656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1088,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~75,700~100%5D,as:%5B1088~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:234,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sis:640%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:05 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 9485 0
54 B 364ms
363ms Ping
image/gif 2800:3f0:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lrwfw7ii&c=4630900192666&slotId=2315450096333&qqid=COmc2f6g_oMDFUFJnQkd6M8FPg&umsem=0&ple=1&ape=1&met.4=vil.lrwfw7tc~vfl.lrwfw7x3
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1998dfb009663f6d7c7a35473f5431a2.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:831::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 228ms
228ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yChDd,pingTime:1,time:1756,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D,%7Bpiv:82,vs:i,r:,t:268%7D,%7Bpiv:100,t:656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1488,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~75,1100~100%5D,as:%5B1488~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:240,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sis:640%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:05 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 7ms
7ms Image
text/html 2404:6800:4003:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=326298708256248&bg=!KimlKWbNAAa8BdJLnAU7ADQBe5WfOOXRFsCq_2UaV_GUwLuBXUmUZFZOew0Q5cwoZPpGP_tg1Sqg8pYFi-XPbYaHu9XpAgAAAGFSAAAABGgBB5kCugM2GFPH2n7oSKCwiQPHrPeYAWIsFnkU6lFdvGxuj9jKRvVfqn2-f7FmRwx5oBGr2Jbspetyvyz_at_AQnepCydjWfUhYX4tpvfkd4d6YWZh0fKouH41AK3q0xo0uxxJkE1-yw0uBL87Y-tjNAAnYmUcm06kUYeKBe6FPn7vQEZVBLxWe3x8w-03AalyF8gHg4rXY0OQncB8u9EORE9vAzPVRcxQggeiA6A5jcuTjH43Kbpgtb8e_51ZHN2iop34WfAm_NbzDmu_3EkW1V4CKn7flat08qhm5GuyRgF1mL_WAR5ShmZLvWhaZrJsBflGO2qOpWf2AytCHnJ680bxzri9D_GMRHbEfqxdNNGNP_3L0SSoGBTh5Pcl1FLkVRxkNjqtmaW7rencGLiHt6g2E8nmx4s8mZHbQ2BfnpWvwFCrltXiXHiTjBnN0PIXuKopa3w5UvZGT7nSClRecEix0ndDhGd1Pd1CTaFomxrA6u2o_7WZ0HbEjPSFRceiBRctvds4e5X_BAV24HRRfdMOF1DahH7kWnjwNkT27SMFke93JGWibCI7nNEpvQrj6MzqeSjVDWMchPSVripj0ZB-ba430it2YqMHcgR4zsuhZVNCavbUP_RD-jLTWED5Fah5sjqkQpnwQOMzG4HIKpBkIxJMBhWHczfiOC4strAmz1XjQ59_Xp4Y4lC5I12eRuG9G--fr9-5t1W2BpyWbcZmn9tsB8WiKX8rBDmvDUYki0UkNmtLalOha2_19ggXSxsnYf9iu3TnUhxeJLhEh_osv7tFeNVOEeb-ccUVxAlDPq4Q9XeqM997WPD1znFBlijA-Q2ehJEtMxLaSjWLj93AXTVCgiuT_D2RgNIzwwfJ7ffEU5qEDKwEfbzxVKkJ73Pw7ABYMntwZbxJfgsXtPfFN_HqwKiUOFdHEag9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 6ms
5ms Ping
text/plain 2404:6800:4003:c1c::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ML4ERVY2RR&gtm=45je41o0v9175651578&_p=1706382182190&gcd=11l1l1l1l1&dma=0&cid=20433682.1706382182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1706382182&sct=1&seg=0&dl=https%3A%2F%2Fgbwhatsapppro.app%2F&dt=GBWhatsApp%20Pro%20APK%20Download%20(Updated)%202024%20Anti-Ban%20%7C%20OFFICIAL&en=scroll&epn.percent_scrolled=90&_et=25&tfd=7193
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ML4ERVY2RR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::8a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gbwhatsapppro.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gbwhatsapppro.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D997 43 B
215 B 244ms
243ms Image
image/gif 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yCizg,pingTime:5,time:5355,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D,%7Bpiv:82,vs:i,r:,t:268%7D,%7Bpiv:100,t:656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5088,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~75,4700~100%5D,as:%5B5088~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:231,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sis:640%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Jan 2024 19:03:09 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET dt
dt.adsafeprotected.com/ Frame D997 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dt.adsafeprotected.com
URL: https://dt.adsafeprotected.com/dt?advEntityId=1924505&asId=3708e9cc-ae33-ab6a-f5cc-5fb887e8385e&tv=%7Bc:2yCiFI,pingTime:5,time:5755,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:29%7D,%7Bpiv:0,vs:o,r:l,t:93%7D,%7Bpiv:82,vs:i,r:,t:268%7D,%7Bpiv:100,t:656%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5487,o:268,n:92,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~1%5D,as:%5B84~728.90%5D%7D%7D,%7Bsl:o,t:92,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B175~0%5D,as:%5B175~728.90%5D%7D%7D,%7Bsl:i,t:268,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B388~75,5099~100%5D,as:%5B5487~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:247,fm:u2AJKbt+11%7C12%7C131%7C141%7C15%7C16%7C17%7C18%7C191%7C1a*.1924505-77817687%7C1a1%7C1a2,idMap:1a*,rmeas:1,rend:1,renddet:IMG.qs,siq:31,sis:640%7D&br=c

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gbwhatsapppro.app/	1970-01-21 03:35:42	Name: _ga Value: GA1.1.20433682.1706382182
.gbwhatsapppro.app/	1970-01-21 03:35:42	Name: _ga_ML4ERVY2RR Value: GS1.1.1706382182.1.0.1706382182.0.0.0
.gbwhatsapppro.app/	1970-01-21 03:21:18	Name: __gads Value: ID=43f7689c49509df6:T=1706382182:RT=1706382182:S=ALNI_Mb0Tx6bm4njPn-ejoSg7V9PY1xNDA
.gbwhatsapppro.app/	1970-01-21 03:21:18	Name: __gpi Value: UID=00000cf1cdf7de44:T=1706382182:RT=1706382182:S=ALNI_MYsWGli3VOn5bFHJ6a6k73mL5MDIA
.doubleclick.net/	1970-01-21 03:35:42	Name: IDE Value: AHWqTUk3ph-lDQqYGvCbnhHfQhP2RFFfVqHvdS2-rGg47KtEQ2795HVpgY2XJbkICD8
.googleadservices.com/	1970-01-20 20:09:18	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 02:45:18	Name: CMID Value: ZbVTZ9ZGiog8ORT6m9vzCgAA
.casalemedia.com/	1970-01-20 20:09:18	Name: CMPS Value: 4939
.casalemedia.com/	1970-01-20 20:09:18	Name: CMPRO Value: 4939
.adnxs.com/	1970-01-20 20:09:18	Name: XANDR_PANID Value: jX0mPbH8h3nof1XbCZa_RKWXeenJnUizB5TZ1n8hst1BdfPpPxQcIcTa5Rb5IJuRtwJeM1-emAy9nHQsHCbDM3_ZH5nNzp0kP8sAshIQ6yE.
.adnxs.com/	1970-01-21 03:35:42	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:09:18	Name: uuid2 Value: 5721586615612254466
.adnxs.com/	1970-01-20 20:09:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?kr(Nk(!]tbPl1M>e)ZlrFUfJ+tGXxoaP3'RlOp#a+EYPwUGHLf](9IW_/$xFA7feP3If)y3KL9D3I?+_e+qL
.gbwhatsapppro.app/	1970-01-21 02:45:18	Name: FCNEC Value: %5B%5B%22AKsRol8dzjyS5tWnmykOx0Aau5Reps76eAl2tNmo72Y2QvtutSEx3QdhgYNJUjbR4U0LsJBjj5hUssmtHmCtS9Zu2pF8qnmOMf9uhDynMF6DsClctDMh_EjSDfEtDRapl0q2oW-OqUeLvIzWobC9qLWlhuamE4inqQ%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gbwhatsapppro.app
gbwhatsapppro.pk
googleads.g.doubleclick.net
i1.ytimg.com
ib.adnxs.com
pagead2.googlesyndication.com
rr5---sn-npoe7ns6.googlevideo.com
s.w.org
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
dt.adsafeprotected.com
103.43.90.117
142.251.175.156
172.64.151.101
192.0.77.48
2404:6800:4003:1e::a
2404:6800:4003:c00::5e
2404:6800:4003:c00::61
2404:6800:4003:c01::5f
2404:6800:4003:c01::95
2404:6800:4003:c01::9a
2404:6800:4003:c02::67
2404:6800:4003:c03::84
2404:6800:4003:c04::9a
2404:6800:4003:c05::8b
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::9a
2404:6800:4003:c1c::8a
2600:1f18:1aca:4280:cf74:6b89:a2ac:de9e
2600:9000:2175:2600:8:48e:53c0:93a1
2606:4700:3030::6815:45ee
2606:4700:3037::ac43:8bb6
2800:3f0:4001:831::2003
3.0.86.137
74.125.200.157
74.125.24.148
00c9dcf5ad572a4ed090da045d43f3121e0004fd6663dcfb7bd2545db2785ee4
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0572dd79fec0514def3d0f1b2a4995722bedf207bec3b8face4a3bbc97feacca
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c087c3e6882fae966a431bb979d17bf8af58ce38101213a5eafa6c10bf7e0ac
0d5b40abd55bf6661c761ad773ddde182621fd9af5b6101959f3e87b2c2ae925
0e5002c20be47b25caac73171d98965e1252ddee87d61d41fec20831031f4f11
13c37d536f7c62a7650bd16c4d48bbd038ed1d3b9344c80b7f0b918e220fb6a1
146802cf419d076e7b05e81b22ea68e21f1541c0775cf05a5abf80c5aabf3f17
1546c7e2f1dfd35f613708dfa386c49ead847fe8ab39e8df4d0a88bf668c8378
162bf1963f866686d1e53e1eec3a67d57bde651d98706e097b23d87666c7b7c9
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
17d23e423aaa78d91b9d1f4cc83813acab696884108f1ae205eff3cb071bc864
1a5056205d5f96e17c237091c0eb32b9e1bf13ace30f7b0672ebfb2dddf14572
1c975e2638b0f67c74c9cf9184abc608120e4204a52c913208f9f457a1a87078
1f026beb67630abcdbc341651b1c17591aa76261296a9fb118793765964eb4e9
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
22ac5ccc47c31a78c0f3ee9ec6b71f4398b4523a3c264bf86bf12e635f0f0afe
2408538c9eee336fb327ed8c78c73b1c535b78957d4cae4418d817d108fd21e8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27f8ab7873cee2b392d76fa453d5c3cc1c4166dbb8d7734ff491dced2f84c7f1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
337ae098dd5901bc220fc0d6c73679e7aba099e5362eef5d7aded2610448e1e9
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3f01b0a6c1205305164fbd7ae97b78ff3ac73abf131b522780ee020119114478
3f586a8019a490d0f04fdcee83be4fa37274e8a0ca5344283992ba86264c5761
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e8d373b9d97d2006ac7790c8962b71668574e1342cd834ee9e6f40302bc7e2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
488073d2243a2ee91eea97426167ac97458c18f0c44fec6a11df79f7c8f162ac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
51d8302a850a3b03f422ec8d3d5294172646be170a0de34a621e499da7081127
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570c55aaafe089fac41ac8f7a8fc98ff57e4f88d580bbc49c5b1a57b0ffaa7f0
5b117f195d1125d37007154f205edd9d03770df8cfb277f46636b416bd686392
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d55ce9c3ac7a5f37a38813a2deed310abde9e63d0d36912e2e5e59751ca66c7
6039c0e8da2c0af4d0ddac49d03558864cbc9ba84fc3b20eee6b331eee12a2e0
604b6914d5769003f75273674463a498f04f876d7122068b6f648bdf006b6983
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
7cf9f7dfeb1668859c6d85dafda2cba266bcba6fda26662459ceb3e7e3551d39
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
808af092ebf9a3f9ffa55a0fcb1ec1809ac1a12ffa602e01e4ea91da1d2b5475
8810ba3440bf482ced33d2f74b7803bba711f689d8e4caa7da5c6ae6844a1b49
920218c1da3f06d4921c7be30615cd277e0f1d9610eb49005fa5f6b91cf14c1b
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a14d7aa713df1750803daa3bf7d7449b982797e66ad0be8ca78c2a1721aaab43
a324b514369af3f62faebb435ab299843aba5133a2b4df5db604eb4c289e9dc4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6b238a58690117829ecb5359b23e6375966921bc7afecbc5f9f78c1f9518ae8
bdf4b4499ebab6759f6ce1d3ae5ee5fdd1d336cd7e9c35bafcc38da8903e02e3
bfa01e43a86729fdd58f239ff7010f02fef6ef2d6b2cd7ab2dc51daf4a8c3d09
c2a69649d15f908464902e679f465757cff39c3f59f8d92f4117987152c50303
c4dfb0b44f7c3be5927811920ef057f130c65603f9c675336b6a0d9bd8c08207
c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbd7bd88945c66cebd83c149e76520b8a8c6893f900e33e08dc7029d670bca31
cc4a5501a613581a36f686344cb4daf0d59f595268f6f04e4600706d1199d0c3
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d24fbaa0dcf9a65010838e84f4bda9dbdb91b95d518681829d236f1fb4d03dc7
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f1a617ef3037728c07dbc27a24ddfb9a4271d3c42f756a77a0ddab152e152c66
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fcfcb9d066ebbacae4b5d6a410f0cc104ae078b1403d197dbe1fb924462a2dce
fe4a9f1df15f16776b34649e49ee82b0e7aa1bc86a0750b32078f59fed7e7373

gbwhatsapppro.app Open in urlscan Pro 2606:4700:3030::6815:45ee Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

94 %HTTPS

72 %IPv6

18 Domains

26 Subdomains

25 IPs

3 Countries

2769 kBTransfer

5766 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gbwhatsapppro.app Open in urlscan Pro
2606:4700:3030::6815:45ee Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

94 %
HTTPS

72 %
IPv6

18
Domains

26
Subdomains

25
IPs

3
Countries

2769 kB
Transfer

5766 kB
Size

14
Cookies

139 HTTP transactions
3 data transactions