urlscan.io logo urlscan.io
SecurityTrails logo

xn--220b31d95hq8o.xn--3e0b707e Open in urlscan Pro Puny
내도메인.한국 IDN
139.99.90.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://k-bank.n-e.kr/
Effective URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Submission: On November 06 via manual from CA — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 89 HTTP transactions. The main IP is 139.99.90.56, located in Singapore, Singapore and belongs to OVH, FR. The main domain is xn--220b31d95hq8o.xn--3e0b707e.
TLS certificate: Issued by R3 on November 2nd 2023. Valid for: 3 months.
This is the only time xn--220b31d95hq8o.xn--3e0b707e was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.104.112.214 63949 (AKAMAI-LI...)
1 139.99.89.153 16276 (OVH)
5 139.99.90.56 16276 (OVH)
1 74.125.130.97 15169 (GOOGLE)
10 64.233.170.156 15169 (GOOGLE)
4 119.205.238.29 4766 (KIXS-AS-K...)
1 222.239.240.92 9318 (SKB-AS SK...)
2 172.253.118.139 15169 (GOOGLE)
1 10 142.251.10.155 15169 (GOOGLE)
1 142.250.4.157 15169 (GOOGLE)
10 172.217.194.132 15169 (GOOGLE)
2 142.250.4.95 15169 (GOOGLE)
2 142.251.10.95 15169 (GOOGLE)
3 142.251.12.94 15169 (GOOGLE)
1 142.251.12.155 15169 (GOOGLE)
12 222.239.11.20 9318 (SKB-AS SK...)
7 142.251.176.120 15169 (GOOGLE)
3 74.125.130.94 15169 (GOOGLE)
2 74.125.200.154 15169 (GOOGLE)
1 2 64.233.170.106 15169 (GOOGLE)
2 52.76.135.227 16509 (AMAZON-02)
1 1 172.217.194.102 15169 (GOOGLE)
2 142.251.85.138 15169 (GOOGLE)
1 74.125.200.156 15169 (GOOGLE)
89 23
1    172.104.112.214 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-112-214.ip.linodeusercontent.com
k-bank.n-e.kr
1    139.99.89.153 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 153.ip-139-99-89.net
kisawarning.o-r.kr
5    139.99.90.56 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 56.ip-139-99-90.net
xn--220b31d95hq8o.xn--3e0b707e
1    74.125.130.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f97.1e100.net
www.googletagmanager.com
10    64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net
pagead2.googlesyndication.com
4    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
1    222.239.240.92 (Namdong-gu, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
cdn.megadata.co.kr
2    172.253.118.139 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f139.1e100.net
www.google-analytics.com
10    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
googleads.g.doubleclick.net
1    142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net
partner.googleadservices.com
10    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
2    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
2    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
imasdk.googleapis.com
3    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
www.gstatic.com
1    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
www.googletagservices.com
12    222.239.11.20 (Gumi, Korea, Republic Of)

ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
img.mobon.net
7    142.251.176.120 (United States)

ASN15169 (GOOGLE, US)
PTR: yucmhaa-in-f120.1e100.net
csi.gstatic.com
3    74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net
fonts.gstatic.com
2    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
bid.g.doubleclick.net
www.googleadservices.com
2    64.233.170.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f106.1e100.net
www.google.com
2    52.76.135.227 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-135-227.ap-southeast-1.compute.amazonaws.com
unified.adsafeprotected.com
1    172.217.194.102 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f102.1e100.net
gcdn.2mdn.net
2    142.251.85.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sin26s06-in-f10.1e100.net
r5---sn-npoldn7d.c.2mdn.net
1    74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
ade.googlesyndication.com Failed
301 KB
13 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
89 KB
12 mobon.net
img.mobon.net — Cisco Umbrella Rank: 129804
233 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
googleads4.g.doubleclick.net Failed
95 KB
5
function sub() { [native code] }.
132 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
136 KB
4 mediacategory.com
www.mediacategory.com — Cisco Umbrella Rank: 106005
13 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r5---sn-npoldn7d.c.2mdn.net — Cisco Umbrella Rank: 420910
s0.2mdn.net Failed
945 B
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1181
www.googleadservices.com — Cisco Umbrella Rank: 145
616 B
2 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 1595
dt.adsafeprotected.com Failed
pixel.adsafeprotected.com Failed
5 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
256 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
319 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
60 KB
1 megadata.co.kr
cdn.megadata.co.kr — Cisco Umbrella Rank: 163944
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
84 KB
1 o-r.kr
kisawarning.o-r.kr
645 B
1 n-e.kr
k-bank.n-e.kr
215 B
0 casalemedia.com Failed
dsum-sec.casalemedia.com Failed
89 18
Domain Requested by
12 img.mobon.net www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
img.mobon.net
10 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
10 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 csi.gstatic.com imasdk.googleapis.com
5 xn--220b31d95hq8o.xn--3e0b707e kisawarning.o-r.kr
xn--220b31d95hq8o.xn--3e0b707e
4 www.mediacategory.com xn--220b31d95hq8o.xn--3e0b707e
www.mediacategory.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.gstatic.com googleads.g.doubleclick.net
2 r5---sn-npoldn7d.c.2mdn.net xn--220b31d95hq8o.xn--3e0b707e
2 www.googleadservices.com xn--220b31d95hq8o.xn--3e0b707e
2 unified.adsafeprotected.com imasdk.googleapis.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.megadata.co.kr xn--220b31d95hq8o.xn--3e0b707e
1 www.googletagmanager.com xn--220b31d95hq8o.xn--3e0b707e
1 kisawarning.o-r.kr
1 k-bank.n-e.kr 1 redirects
0 dsum-sec.casalemedia.com Failed
0 googleads4.g.doubleclick.net Failed
0 pixel.adsafeprotected.com Failed
0 s0.2mdn.net Failed
0 ade.googlesyndication.com Failed
0 dt.adsafeprotected.com Failed
89 30

This site contains links to these domains. Also see Links.

Domain
letsencrypt.org
xn--c79as89aj0e29b77z.xn--3e0b707e
Subject Issuer Validity Valid
xn--220b31d95hq8o.xn--3e0b707e
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mediacategory.com
Thawte RSA CA 2018		 2022-11-29 -
2023-12-23		 a year crt.sh
cdn.megadata.co.kr
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-10 -
2023-12-10		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.mobon.net
Thawte TLS RSA CA G1		 2023-05-24 -
2024-06-14		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M02		 2023-09-18 -
2024-10-16		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-10-10 -
2023-12-19		 2 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://xn--220b31d95hq8o.xn--3e0b707e/
Frame ID: D0877331D22CB36C160372CA7C9841B2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: C6E380769F9FF05A3BD12B54A93276EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Frame ID: 15214AC1C98FE71C6D844B58F2FF424B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Frame ID: 764356A985B741631937D39B9F1DAF9A
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1699257670&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669951&bpp=2&bdt=1225&idt=267&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=277
Frame ID: 86A9413A154BB62EAEB074F897FD9F07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3C9E7EBB2E8C191AB735E76D6090D35A
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Frame ID: C885AD95EFC218701129C96604B65765
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Frame ID: 7A34E455FFFC23B996E034039E9A20CD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 1F203C60901B2121ED421C3670C1D4D9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0868648C0F7D029082DB4F5522C3CE14
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28D13F55F05C3519CA827227830B29B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

내도메인.한국 - 한글 무료 도메인 등록센터

Page URL History Show full URLs

  1. http://k-bank.n-e.kr/ HTTP 302
    http://kisawarning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

89 %
HTTPS

0 %
IPv6

18
Domains

30
Subdomains

23
IPs

4
Countries

1152 kB
Transfer

3837 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://k-bank.n-e.kr/ HTTP 302
    http://kisawarning.o-r.kr/ Page URL
  2. https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://k-bank.n-e.kr/ HTTP 302
  • http://kisawarning.o-r.kr/
Request Chain 43
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 49
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcmWmRp1IZb-0KLCkz7sPhsK72ALD987tc9-_rPaYEv_1kOPXAhABIMzUtyRgvwWgAYDY4f0DyAEBqQImQfRrTpGoPqgDAcgDywSqBOYBT9BKX2_Bv6Ob8IglZOV1ADGxjE762mzV4bEz7jlBuNdJ7MbzYCXvUO3_R2oV8FnWddM-RaTmLgKWROHt88g0hevBiZOxJhbt-HtU01-05NAXYvucpsgldWcxGnLsRyYXlUa1v-2TJIkRNDAwNt4vuB4pIeGcWfqjMAOVAaYjJ4kjKj-3GbRS9pZQuiens1cmTsHof1EWlx8pw-c_5waQRV26DTZ12IKgTs5TGlX94-XBgQ-YxX7ltbL4Q86UFPMcSBqZEYHnKHpTv-se-MZXmUNqG4Bhwm9N5cLrzUkvfYg8sNogZ1bABN-ztK3PBIgFhruTl02AB-inngKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD9sgXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJP2h0dHBzOi8vd3d3LmtpbmF4aXMuY29tL2VuL3NvbHV0aW9ucy9zdXBwbHktY2hhaW4tb3JjaGVzdHJhdGlvboAKAcgLAdoMEQoLENDgrYbVrb_e1QESAgED2BMD0BUBmBYBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=ERMBmJ_0TVw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNLRbiTv88M-80iEhrZKDMAx6G2akssOdB3vvyN8WPtIOKzaflKr4LISWXiSPZPhmkvUQ21DLiA3cghJFAK45NNThlztaZlBgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3dd09dada74f15660000000000000000%22,%222%22:%220xf62bfba06c511760000000000000000%22,%223%22:%220x57508933a8c715fa0000000000000000%22,%224%22:%220x5a54b4f7428579630000000000000000%22,%225%22:%220x157e861c0db6bf550000000000000000%22},%22debug_key%22:%221304938157659315605%22,%22debug_reporting%22:true,%22destination%22:%22https://kinaxis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069050880%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224247965727320956881%22}&andc=true
Request Chain 53
  • https://gcdn.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/92CFE8295E35E411AB6F648F187A6B87AB4E40.950A2A581CB332F87AB5673B2E4B82B0C3CD0A98/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03905D8B29CC5DE7324AA512991439F4F256D5D1.7F64266033866DF1125FC902C088EEB9884BE8FB/key/cms1/cms_redirect/yes/mh/nE/mip/116.88.182.175/mm/42/mn/sn-npoldn7d/ms/onc/mt/1699257395/mv/m/mvi/5/pl/20/file/file.mp4
Request Chain 74
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxNzkzMjE3IiwiY3VzdG9tOCI6Ijc2MjYzNzY3IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6InRydWUiLCJyZWdpb24iOiJzZyIsInhzaWQiOiIzYjIyNGZiMy1jMDFlLTRiMjMtYWQ0Mi0yYTgwYThlYzhjMTIifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjA3MzM1NTM2MjYiLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjk5MjU3NjczMDI1MjQzMjgyIiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1793217&pubEntityId=76263767 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b224fb3-c01e-4b23-ad42-2a80a8ec8c12&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 81
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfDChDb87oBGIbjr_wBIAEwAQ&v=APEucNUonjGnYvpt0bWFQWjijc1WSdZ32r9jygEFtsh5ewCY7SnIaM-iIvBhpQ1RAxhEiqSy106PLQKaAs-MtMpAE_T2hzeoZqRlevENyyz0qgkuLeeMrww HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kisawarning.o-r.kr/
Redirect Chain
  • http://k-bank.n-e.kr/
  • http://kisawarning.o-r.kr/
459 B
645 B 		Document
General
Check archive.org
Download Go to
Full URL
http://kisawarning.o-r.kr/
Protocol
HTTP/1.1
Server
139.99.89.153 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
153.ip-139-99-89.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 08:01:07 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Nov 2023 08:01:02 GMT
Location
http://kisawarning.o-r.kr/
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Primary Request /
xn--220b31d95hq8o.xn--3e0b707e/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/
Requested by
Host: kisawarning.o-r.kr
URL: http://kisawarning.o-r.kr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904

Request headers

Referer
http://kisawarning.o-r.kr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 08:01:08 GMT
server
nginx/1.16.1
x-powered-by
PHP/5.4.16
style.css
xn--220b31d95hq8o.xn--3e0b707e/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/style.css
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:08 GMT
last-modified
Sun, 01 Dec 2019 03:38:47 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335c7-507"
content-length
1287
content-type
text/css
jquery-1.7.2.min.js
xn--220b31d95hq8o.xn--3e0b707e/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/js/jquery-1.7.2.min.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:08 GMT
last-modified
Sun, 01 Dec 2019 03:39:30 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f2-17278"
content-length
94840
content-type
application/javascript
loading.gif
xn--220b31d95hq8o.xn--3e0b707e/image/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/loading.gif
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:08 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-38ee"
content-length
14574
content-type
image/gif
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8471aec619053b6d621cc0e0c97235bfb0794e8394353a19d4ba073071524493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 Nov 2023 08:01:09 GMT
logo.png
xn--220b31d95hq8o.xn--3e0b707e/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/logo.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:08 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-2706"
content-length
9990
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
0925eb13ff5283382673fd7a3b38ff7330484567f2b84c5a06a522a00d126c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51908
x-xss-protection
0
server
cafe
etag
12590201950180076864
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 08:01:09 GMT
adMediation
www.mediacategory.com/servlet/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
b90f58f173dc59c336e85960a216ab573ad0efd532b9415ccce2f0b826ed7be0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:01:08 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=euc-kr
Cache-Control
no-cache
Connection
keep-alive
passbackWebServlet
www.mediacategory.com/servlet/ 		605 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/passbackWebServlet?s=132364&iCover=true
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
f9ba5f7f6019fd1aa120abd1a51260cebd0667901719a0ef8ed4252f43d6545b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:01:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
MBSHandler.js
cdn.megadata.co.kr/js/media/1.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.240.92 Namdong-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 May 2019 07:42:03 GMT
Server
Apache
ETag
"f4163a-25c6-587e2c51e28c0"
X-Cache-Status
MISS, HIT
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
2552
collect
www.google-analytics.com/g/ 		0
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3b11v867488053&_p=1699257668994&gcd=11l1l1l1l1&cid=1757354444.1699257670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699257669&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fkisawarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1927
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
9b7e898a34447f00b2932322dd87b701d0bf774864d89359f4dd6126b0b55ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138211
x-xss-protection
0
server
cafe
etag
9787308910034270555
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Nov 2023 08:01:10 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame C6E3 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
17110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 03:16:00 GMT
etag
251720774729838433
expires
Mon, 20 Nov 2023 03:16:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		427 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xn--220b31d95hq8o.xn--3e0b707e&callback=_gfp_s_&client=ca-pub-6586021537633126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
cafe /
Resource Hash
14965cb7c814c269e74049dbb9ee731438ae64f85fdafece2efd0e397c2fda14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
264
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1521 		132 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
3ab5fbc781a02e0b7c0e0befb31939b4828bd38228950eb4713802479a2c83d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45278
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:11 GMT
expires
Mon, 06 Nov 2023 08:01:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7643 		85 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
7642483f02347e32a803494b1aca3ba18879c3418d7b37f0554799769669e710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
27748
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:10 GMT
expires
Mon, 06 Nov 2023 08:01:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 86A9 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1699257670&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669951&bpp=2&bdt=1225&idt=267&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:10 GMT
expires
Mon, 06 Nov 2023 08:01:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adBannerFloating
www.mediacategory.com/servlet/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
cc608f32c6f09b074313bb43231dd14fae9f255941e58b29c0b176ee817a3e14

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Nov 2023 08:01:09 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Content-Type
application/javascript;charset=ISO-8859-1
Cache-Control
no-cache
Connection
keep-alive
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 7643 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 22:56:36 GMT
css
fonts.googleapis.com/ Frame 7643 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 08:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 06:59:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 08:01:11 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame 7643 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 12:50:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 12:50:07 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame 7643 		374 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 14:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132916
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:40:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 14:12:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7643 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 22:56:36 GMT
8a6c58a25e971cfbc194f00dd2aa8ad4.js
www.gstatic.com/mysidia/ Frame 1521 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8a6c58a25e971cfbc194f00dd2aa8ad4.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 20:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3907
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 20:11:47 GMT
281c723aa683930efadfba50222cf93a.js
www.gstatic.com/mysidia/ Frame 1521 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/281c723aa683930efadfba50222cf93a.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:50:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375063
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4593
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 19:42:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 30 Jan 2024 23:50:08 GMT
css
fonts.googleapis.com/ Frame 1521 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Nov 2023 08:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 06:21:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Nov 2023 08:01:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1521 		2 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 23:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
30144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
798
x-xss-protection
0
server
cafe
etag
15713038447858168282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 23:38:47 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 1521 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9345
x-xss-protection
0
server
cafe
etag
15168757854195530193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 22:56:36 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1521 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 22:56:36 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1521 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 22:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
32675
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
server
cafe
etag
7739385728678230190
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 19 Nov 2023 22:56:36 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1521 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Nov 2023 08:01:11 GMT
ac1dbca482530a26bafc7a8c1241173a.js
www.gstatic.com/mysidia/ Frame 1521 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254516
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15099
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 17:23:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 01 Feb 2024 09:19:15 GMT
wp_rcFloat.js
img.mobon.net/mediaCategory/newAd/ 		22 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/newAd/wp_rcFloat.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:09 GMT
Last-Modified
Thu, 22 Nov 2018 05:56:29 GMT
Server
Apache
ETag
"f22405-16-57b3a872f5459"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
22
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lomm56zx&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7643 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:03:13 GMT
x-content-type-options
nosniff
age
439079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:03:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7643 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:14:48 GMT
x-content-type-options
nosniff
age
438384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:14:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7643 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C_DuSRp1IZaziKKejz7sPw8670A_uyP78c__Rmc-DEsSEhZ4LEAEgzNS3JGC_BcgBBakCWse94TLFtD6oAwHIA5sEqgSGAk_QIB7ArRBlAl9FQfmiOIX036orn5UArP9TXBvkQnmIIuDlrPtS02kkPEMjv1KRjXLqq4iuIahKXKhfYmAFNDpBvoQ_9BrtG1LVgH4XxrU5TaSUxjmpf7dQTHkx5_TucGLOQOWdB7oWkwSl91v0xV3u5e_w9lwwU-8iYzFQ_ED4kDwPktnexwtB1ftUzqid7iJcxh-Qdi9J6olvfSYYiSbHcOrucLxq2X2ZUIScc-HlfzodcizEravDkRm2rj76u-pfF_ry8QmTZaS02JVq_-cmzNiirkI2LYLUP4LC9TixA1kVsS2PpaOQTtyS1mGKzlVo-Jy0hfxpQXQiJGiRpgTqg3uFLjHABPvK_ujABOAEA4gF2tfDnk2QBgGgBk6AB9Ww5oUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CU0ewE6GarxXIE4-d_uMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1699257671865&ai=C_DuSRp1IZaziKKejz7sPw8670A_uyP78c__Rmc-DEsSEhZ4LEAEgzNS3JGC_BcgBBakCWse94TLFtD6oAwHIA5sEqgSGAk_QIB7ArRBlAl9FQfmiOIX036orn5UArP9TXBvkQnmIIuDlrPtS02kkPEMjv1KRjXLqq4iuIahKXKhfYmAFNDpBvoQ_9BrtG1LVgH4XxrU5TaSUxjmpf7dQTHkx5_TucGLOQOWdB7oWkwSl91v0xV3u5e_w9lwwU-8iYzFQ_ED4kDwPktnexwtB1ftUzqid7iJcxh-Qdi9J6olvfSYYiSbHcOrucLxq2X2ZUIScc-HlfzodcizEravDkRm2rj76u-pfF_ry8QmTZaS02JVq_-cmzNiirkI2LYLUP4LC9TixA1kVsS2PpaOQTtyS1mGKzlVo-Jy0hfxpQXQiJGiRpgTqg3uFLjHABPvK_ujABOAEA4gF2tfDnk2QBgGgBk6AB9Ww5oUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CU0ewE6GarxXIE4-d_uMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7643 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lomm570a&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1ao&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 7643 		26 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D21vsBF8oi-b9KqxQDKe5_E3iW50hTkM9DBpSKbgRUD_it30QM4d0GnRuAxzMK7CIU9pictDHuxMi7TH9cp_w6Y2-f9w&dbm_d=AKAmf-CPG5sl-hLwdHHHMFTvunyez-ErsZNdCuuMgh8Q0Ew-2-LBLe922Ebf9uWFucFHUbIpKMcgLDN1wLCSjNknI2hLPNYGV4Ip087NbWH8TB9O-heu1XCODNfCV5m8s8flX2Qyn9xF3-mZLg1rp1Cv9kUeNDfKaaaFih7QW5I6yIm6WC8ENyE1mP0rAwgtT3xMc99_SSaYEu6M6JQv0xfn4_BEClIJ5P-Aax13f9jFsq77QJTCyS2rfnyq0RINy5qY0avyJuh3IYK_BrcgBbxRDW8oiZANa6vRcLPXWkWi_k_nlwta4886Ly9GjLlePITsCKuzo4MrO9S4R6ahhPcNQTrp_4so_KQr-DLGFGjTd9G9Rq2SGi33WX1f3ZTNH7a4EubEXq3q1ub4zg5CcQsENlCUdzX4W_C1Z-LSfsZ4Ng0zCBvsRaHMHhMRlXyoKLRWGuzvAlCGLc5Efo9O_gxZbZBT6gk6A85lsxP089Zxl_DolFVami9RgJ6OdQ8zHC8tiVJezhr3Fl7wAnKn9msUu1lh1q70XzCWAyiE4EES9TYZpBLFW3y9Y8WJonirCN8pN8TotnazK8dwQzg-o6c58wanUzv2orLsoZPI9E5niR2t8OyCIFb6S47TtQxYDvElsMUQeKny-qBPL2Z586OGU8B4NX_rU4AUs7JSxRnGUHVn6fukJykIulWJOSaeOP2JPgG4OxAQNGyeCf3CjrryXphkQVIAXxADRp5PB9bBYn0MJxuraeHIbnoevh8-qm9tBUv-KAauHJ66-C0QHvblytlEtdeK8OT8ngwu6tbrS6LAETXAnDXIiJveskB8sNyZizCYkglmUKKrn3W3eWGqFrRLpmWxxBO8dcLJRHygHko1VZebilDYfkSWBkn4OwI5KfAIf3VWzPCt9HRJmxU3ogww05MwZJ2OKhoZzDvmYjmn-FbRTGyOpm0_KX--ReOiCYdIhMa9rKZQTkiVO_5M4NNs4cX7WpWeXDhZjJrQpw_5sSRTlcaEZuf6U03jOm9xelfGR44Fa0rUC-OwdiEpFHXLk9VxYgbpmEXzAwohkTbFzKHlB9bxZeG8xmfxufmCX_mdxBlWBcNjN4PmrSGqeVcoSeFfjABjt241iB_YmVMk2G2pHr83hCGDeDin2pTjjkKVp9pswKg1gglvQ3GAZpxqT8FkAGZgV5qj4Cvg27vus8GzinhkrRzxR4HnYaeuJfy-NBxouhha8UJYTCuC1SCHZEespiATqM5fSXf9jar-wTQmLHHWsy_rj7yTA3sGilHyIR6Fi4Q-brmX9mV_jkx1c-C8r6aG0vTSmvGctOfq2Zul7BW12bt7hujegftngx633Z_izunHBkKtFZnQ7p_y3fTgqPTWG2lQQoJqhyIa-R330h0o8PY_atIaguCnuo23MJAeETKQIWjfb72W6wWzwamYtP8X7yCkkyJi-X45ApvPDO3YBDWIrGjIbRHfnaGnxeMqYGfFBzVZgIdEkOB575ZuSBLwAz0BwHz-RdSBz1lRZjcXgdVXVwEiYH-MYADnbgTOlU5isIzRVpw6DeKwxOGv9qEzmPaBgsyqB9p_UsW1m11KoA7Qk9UIRXTMLebMWrhEiTkn8axdmhBhBO3MoyOMbtYMuC0Pe4QjWkS6TGOOdpaJ1-PlyN0WmIQ8dCmcm-6IcKuzo5XASXmgvi32enCib66TsBPm5lYfPpIqYgsXcXAfHkh74BMZvtYAZGcCnOdziG6PhHqrsOyO6Roj1_pZ6qnE8hmywv2xMgDsb4xvs0AKcnHqOQiC0r1qjG1mBItIDj2OZwN3NMhdY6izhOZTk5IvsKXOiBrpgKhD7h27k0EXbD-Xp31ZYSzj01ftqre_OrCgNcNG6LuhK-8pJauXuSyw5HWFoYqWW3mHWIHE-tMYDwFKPzabH6HYBSs64EVOyUWBgRbbe0n7lUNfBnT6MhpjGKjKK1pLujXOTHLhem8pdWkRICAZXJN3LvB7sXv8szVNjExDK0X7SryhnQmgqLdm0pdcZgsGok7VgTR7W87AjmSyH2EdJlMToIcF85MHljay7dp6kTZ3snJHoJvYKIdZnZpi-bBQAiuLqBH8AS_xtLTsnyrL9LS3DAR-yk7PvUjG2Q5VYYlcOjBGVJ4asRrGl22wFEADCyWRNRAmJaqFg_mw2dPVRMdtM7yW9G6kwi2nqYdiZKYe9PEvaDCE-ANmZFo_pHqNeDmHMEe8RHjMThHo7n_M1HA-41H0xkqCs9DP331T2tmcmPseIxk9IQqRq9w2ewnc97bUoNFhpNgyAtcm-lJOaRn8LZHGcBbvSS_HEZAjZeKatmz1ijgNH0tuDW6rZ48a8eAKeZwVkRhd6D6eeRmu9gGQlyJpfowD957mmEeqxYKMPUdEMfkGtoRMwHR-5AmR2Zph5V3Vc8QUabN94gszzkWxlM6HIzxSi0P31reWu66pxOEpFtHYQLPnn5TPT07X1Otr23ma7KWJbDLrbcvfkk3xuFZedCRZKBT3PXa-SHAybv8dzFUrRa0qQyBmhZBdHBHipORJBSpOv566hivv-S4bLIzuQPIKXyMBLU8uvj_NAH_IyOd1m5sSGfiKTcIXwkbMOy5rc860mMPbJTtHNezGFU7JSDR6ESfBeQknVA0MUukgjPLGgOQEffD5ov3tdur4UNx6doTWK_LzqW9CJ9AkL0-TdO8X-TVyc3ZSANlrkLh_SlvbX2tXzPHgpa6tmyOuTc9nJgKBXEgmBjnUMGxpRQInlqW4STZMyDlNZdPvxvCZOzNNrAjYLjjYqurq21e96BgstsMCPHaBsN2hmUMqYEXPvJFzGS0rdJGAOo4kfB4RfCRXmcr3h6D3ytRCgLqfcjWHmK0B2QGdGCezZ-BX5FrTM10l4yKp7u_Wsc16AdqmNPmvk9XeHsuGGH10UsqqnczrArhrhrWCzBp3rDNr1IBtlRRbmqRRBTxJYCYdWl7DqfOsIKJRnQl79d3GUP37kcEpT5PAOxgHPID3K5jFf9y3tQhApOSl2-4GQdKH1WsYh7BysUodc_i9rq7OkwkswY56UNlKJJSOfx3LWCMAxACVRzfg0PcAAsjuUvsiPkB3PmvJzKClQiFBsnYvERWgdd2bP7Z1AQQa3u-aHsN6ajBodNzD33Kz6qHLZVu-21hdutN-7JK0Kkx-LWjGDPWjIauIyafkCMYAYx7rR2NFZtMh4l0nLbMsoPbCuJfbhz9Qq7kvP0sEg_Xmb4pzWvq7zh2ry4EVUm7_vG_X7-B5cTpGzlRUZ9iGhWpqC8xY1HaMwdVgwdChdnKCVuchORdtzkEWAa7gLUPmSWZUkYP0S-aZwnMPKzWmkhfcj4kLJAssPYMFnn0ljvFjEMX67y3FOoKFFl8&cid=CAQSSwDICaaN6rVTv17FsPAd0IyJbhDM_JTt0WIvZvfK-hVSMB7hFxQVswLemx0N3j_HpjFFbu6ZJz-uyQ6UXjRfPsNiJ9PynKfp7WdlyBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
adfeed5d00f3eea271a43d70feaf34e830a26bfebd45ecdf8a0c86b27563fe8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16544
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3C9E 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
3271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 07:06:40 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1521 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0fa249958e23f79029a4350ebbb6021a77035fa69e049c8c50109e1930abe6e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7643 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2d5da4a3353029516cc726ea69ad61ecea6e0517d1e4a08b3eadeb3c25814ae9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1521 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 06:06:44 GMT
x-content-type-options
nosniff
age
438868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Oct 2024 06:06:44 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C9E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:12 GMT
expires
Mon, 06 Nov 2023 08:01:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:12 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lomm5718&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
76263767
unified.adsafeprotected.com/v2/1793217/ Frame 7643 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1793217/76263767?omidPartner=Google2&apiframeworks=7&bundleId=&ias_xsid=[TIMESTAMP]&ias_dspID=3&ias_campId=1014992527&ias_pubId=pub-6586021537633126&ias_chanId=1&ias_placementId=20733553626&bidurl=https://xn--220b31d95hq8o.xn--3e0b707e/&ias_dealId=&xsId=ABAjH0iMRph_ZiI-9ot1b6BW1IfU&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0iMRph_ZiI-9ot1b6BW1IfU&originalVast=https://ad.doubleclick.net/ddm/pfadx/N958828.3665442DV360/B29471756.380046063%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://xn--220b31d95hq8o.xn--3e0b707e/%3Bdc_ves%3DdGltZXN0YW1wOiAxNjk5MjU3NjcyMzYyCg%3Bdc_cid%3D204119739%3Bdc_adid%3D570625143%3Bdc_vpaid%3D0%3B
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.135.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-135-227.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
94439e385c37d9681d52be2012dbda51207f39988a3fa35fae4d89db19cefc7b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:13 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
cl49qi4v59us1s87aq4g
Content-Length
4681
adview
googleads.g.doubleclick.net/pagead/ Frame 7643 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKu1YRp1IZaziKKejz7sPw8670A_uyP78c__Rmc-DEsSEhZ4LEAEgzNS3JGC_BcgBBakCWse94TLFtD6oAwGqBIMCT9AgHsCtEGUCX0VB-aI4hfTfqiuflQCs_1NcG-RCeYgi4OWs-1LTaSQ8QyO_UpGNcuqriK4hqEpcqF9iYAU0OkG-hD_0Gu0bUtWAfhfGtTlNpJTGOal_t1BMeTHn9O5wYs5A5Z0HuhaTBKX3W_TFXe7l7_D2XDBT7yJjMVD8QPiQPA-S2d7HC0HV-1TOqJ3uIlzGH5B2L0nqiW99JhiJJsdw6u5wvGrZfZlQhJxz4eV_Oh1yLMStq8ORGbauPvq76l8XovNr_AD34iYWPcS_bojnSS2q57lBfX1TfUPSH7uHUDypig8ypzXjf7z4eUUT5AQHFxer0HGN6ZRk4co1v1XB68AE-8r-6MAE4AQDiAXa18OeTZIFBggbEAMYAZIFCwgiEAMYAUi4zpQCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfVsOaFAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPPpBRiG46_8AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBsBOhmq8VyBOPnf7jA9ATANgTCogUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi02NTg2MDIxNTM3NjMzMTI2GADoFwU&sigh=tf9R8HR1H9A&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN6rVTv17FsPAd0IyJbhDM_JTt0WIvZvfK-hVSMB7hFxQVswLemx0N3j_HpjFFbu6ZJz-uyQ6UXjRfPsNiJ9PynKfp7WdlyBgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
Attribution-Reporting-Eligible
event-source
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 08:01:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adBanner
www.mediacategory.com/servlet/ Frame C885 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=http%3A//kisawarning.o-r.kr/&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
3dff5f06712829857f111430f58881d44d26a44678d63438edd61eca51f9961c

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Date
Mon, 06 Nov 2023 08:01:11 GMT
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Pragma
no-cache
Transfer-Encoding
chunked
vary
accept-encoding
close_video_bt.png
img.mobon.net/mediaCategory/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/mediaCategory/image/close_video_bt.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:09 GMT
Last-Modified
Thu, 22 Nov 2018 05:59:00 GMT
Server
Apache
ETag
"f0427d-bec-57b3a902d2dc9"
X-Cache-Status
HIT, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3052
/
www.googleadservices.com/pagead/ar-adview/ Frame 1521
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CcmWmRp1IZb-0KLCkz7sPhsK72ALD987tc9-_rPaYEv_1kOPXAhABIMzUtyRgvwWgAYDY4f0DyAEBqQImQfRrTpGoPqgDAcgDywSqBOYBT9BKX2_Bv6Ob8IglZOV1ADGxjE762mzV4bEz7jl...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3dd09dada74f15660000000000000000%22,%222%22:%220xf62bfba06c511760000000000000000%22,%223%22:%220x5750893...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3dd09dada74f15660000000000000000%22,%222%22:%220xf62bfba06c511760000000000000000%22,%223%22:%220x57508933a8c715fa0000000000000000%22,%224%22:%220x5a54b4f7428579630000000000000000%22,%225%22:%220x157e861c0db6bf550000000000000000%22},%22debug_key%22:%221304938157659315605%22,%22debug_reporting%22:true,%22destination%22:%22https://kinaxis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069050880%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224247965727320956881%22}&andc=true
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x3dd09dada74f15660000000000000000","2":"0xf62bfba06c511760000000000000000","3":"0x57508933a8c715fa0000000000000000","4":"0x5a54b4f7428579630000000000000000","5":"0x157e861c0db6bf550000000000000000"},"debug_key":"1304938157659315605","debug_reporting":true,"destination":"https://kinaxis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069050880"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"4247965727320956881"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 06 Nov 2023 08:01:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 06 Nov 2023 08:01:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3dd09dada74f15660000000000000000","2":"0xf62bfba06c511760000000000000000","3":"0x57508933a8c715fa0000000000000000","4":"0x5a54b4f7428579630000000000000000","5":"0x157e861c0db6bf550000000000000000"},"debug_key":"1304938157659315605","debug_reporting":true,"destination":"https://kinaxis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069050880"],"4":["11-06"],"6":["true"]},"priority":"500","source_event_id":"4247965727320956881"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
pagead2.googlesyndication.com/bg/ Frame 7A34 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hxCSxfMv2iBFhjrGrLs7kA8KHsgt38HzDym5Fkm1vio.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669932&bpp=4&bdt=1206&idt=251&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&correlator=1942697667256&frm=20&pv=2&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&xpc=VQMVLFE9pZ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 13:51:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
324590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19628
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Nov 2024 13:51:23 GMT
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lomm57gs&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 7643 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 11:16:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 11:16:55 GMT
file.mp4
r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7643
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03905D8B29CC5DE7324AA512991439F4F256D5D1.7F64266033866DF1125FC902C088EEB9884BE8FB/key/cms1/cms_redirect/yes/mh/nE/mip/116.88.182.175/mm/42/mn/sn-npoldn7d/ms/onc/mt/1699257395/mv/m/mvi/5/pl/20/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Server
142.251.85.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin26s06-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:14 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4237551
Last-Modified
Thu, 26 Oct 2023 10:10:48 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 06 Nov 2023 08:01:14 GMT

Redirect headers

date
Mon, 06 Nov 2023 08:01:13 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03905D8B29CC5DE7324AA512991439F4F256D5D1.7F64266033866DF1125FC902C088EEB9884BE8FB/key/cms1/cms_redirect/yes/mh/nE/mip/116.88.182.175/mm/42/mn/sn-npoldn7d/ms/onc/mt/1699257395/mv/m/mvi/5/pl/20/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lomm57y5&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2052&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.27r~videopreviewvisible.286&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3dd09dada74f15660000000000000000%22,%222%22:%220xf62bfba06c511760000000000000000%22,%223%22:%220x57508933a8c715fa0000000000000000%22,%224%22:%220x5a54b4f7428579630000000000000000%22,%225%22:%220x157e861c0db6bf550000000000000000%22},%22debug_key%22:%221304938157659315605%22,%22debug_reporting%22:true,%22destination%22:%22https://kinaxis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069050880%22],%224%22:[%2211-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224247965727320956881%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 06 Nov 2023 08:01:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 1F20 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
158400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 12:01:13 GMT
expires
Sun, 03 Nov 2024 12:01:13 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame 1F20 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 06:26:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
5667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 05 Nov 2024 06:26:46 GMT
mobon_reset.css
img.mobon.net/Frtb/common/css/ Frame C885 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Mon, 29 Aug 2022 05:49:42 GMT
Server
Apache
ETag
"f0265d-238b-5e75ad48a2078"
X-Cache-Status
HIT, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
9099
jquery.js
img.mobon.net/Frtb/common/script/ Frame C885 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/script/jquery.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0272e-16b3b-5935d7c543da4"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
92987
mobonStorage.js
img.mobon.net/js/ Frame C885 		508 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Thu, 21 Apr 2022 07:04:20 GMT
Server
Apache
ETag
"f08574-1fc-5dd24b81768e7"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
508
webutil.js
img.mobon.net/newAd/common/ Frame C885 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/common/webutil.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Wed, 18 Apr 2018 04:47:59 GMT
Server
Apache
ETag
"f40c8c-dd0-56a1828c66b1a"
X-Cache-Status
MISS, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3536
frame_default_script_S.js
img.mobon.net/Frtb/js/ Frame C885 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/js/frame_default_script_S.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Wed, 10 May 2023 08:12:42 GMT
Server
Apache
ETag
"f011c6-76c6-5fb526fa391c8"
X-Cache-Status
HIT, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
30406
nr_type1.css
img.mobon.net/Frtb/common/css/ Frame C885 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/nr_type1.css?122
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
Apache
ETag
"f0116e-436-5935d7c53fb3c"
X-Cache-Status
HIT, HIT
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
1078
bounceRate.js
img.mobon.net/js/ Frame C885 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/bounceRate.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Thu, 04 Feb 2021 05:36:00 GMT
Server
Apache
ETag
"f07ff5-bf1-5ba7c14227b88"
X-Cache-Status
MISS, HIT
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
3057
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F20 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BAnOoSJ1IZeOJFc2dssUPspqayAIAAAAAOAHgBAI&bg=!V1SlVBvNAAb4oU7C2KE7ADQBe5WfOOCVBsr_8UOqFx67aSWMLW7Wq_fzajKHzs5byoEgipdRvyI1PESNR4m-88LiCuDAAgAAAFdSAAAACWgBB5kDIqbXkbpvXooghBqtetPUNOooTFude55HkUfC9kf7TkInQn393XmaYYhMJdzdYnkBqA_RtxSnSFCktRylCLb0FpjqOGBXiqilS8OQSqBd3jgG5MBnIB09eltYiUTuofXYR_jmatw-cuxDaEjuYAO6k4BO0M-yJrtS7JwfBGyKoiBqX_LshVCaJj0CJj8Ti8HRpFDOGkGAGWe-qvMTdl7DE1SMc4NmQ9joVAKFtDBurpsge_W6UjIOKqv4c2LGO_PJBjsY_Ln8M4ATYs4bI5d8VR6F_J7cf7Qe0dDpoubuthSeNJ_lzjyiDDHwelZ83SoLEaoQntg0GyI8rvraTgkVGTMoY3mvPdrwSOaylICapJPuaa8gd5z8olA3cY6UJgoagaqyJw1UuECExa4VAFQgrZyutCplZtCPuvVGRs3TRLm4NhdmUJQIK9SuvR_ioBaC9-3xomDOQ2uysGM-_i2MJAFJwdj4t65DoFworr9X5Y7bcEYsuknudmOgLuy7U8NweIkEe6STu-auIbasPMXMYpTHCasyHVVAQWxipDqXQB_h9L87wvKYZVDmfm5-OSvHYS5Q_i0jX9QTQh3Hsrrn2A5YW9aAkx5Oa3mGt9Ef-jOwtJppQBe8D-q02yhoryg9sK8WXUkvzir8Nz5rKXp-XxCR5d5-Mt9m3X7Ya87ZeUCLVEojWbKkBYoKCP5sVqnyX5Ii1LAoGYRANsDBBbnzS4Op5nRO-3g6RAsoQgE_P8BgMkn2ifD7M5k6pvP0-kRM4U0YD_pd8zVet_lxtkVHRcOHF5tYJ5hNT6wFg20ykJRmenOCPKK-Iju1y18ErUCcz29EVqllzbCs_6NJIYGWgsUbVrwhxv4kisPEnrsaknzqDWqUOpxNkd4-L0dVBsfkpBweqtqFpRqJTV53O5UZl6p5okOGS-dsCXwIIQ5kQFCS3no0gEtq-WqGOQymxPh4T_eQ2gjqbai7dagFf38DKKoqu9X_beFuUyG6aGtjPTZ3mNwLxKuSBG0qWhc-4kMVhjOysOzLYi8Wr0ETsCWT9VXo5dMZ-Rf7Z4s4mKfOR4KwIm0
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lomm57ym&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2052&mt=video%2Fmp4&vs=1024x576&ple=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1521 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWo7ATHHf6CVV0nB2Ywzzxt1C2SwTczEIQkKUNU-4KnFjklCdIzcWNALCJoxVwAi0COpMb2i6sMl61maWI0M6vFESWYkXHpPDjo98QrZB17NfFDR5ak9uNwHaYP9XZDhjypy67M_Jv0dYd2F4Tz5mC1HURx4cG5m_w2nvm5HqaTo5T8JOSu8ZuxLlyJr-RKUNyEmNbvf-OfyX_8WOfT2gKm1r39DzXks-ykvs5QQf8bg1CnxiNI-IQMaYHdl1IkUq8jRtcsVoL8qXOo5A91D2-YhXhEAgjX65as7tJzWUndBsv_r45AsdQN1wJTtMmWRCFlxuk5Ci4WYz9_apc7nM7KRlKNH9q5K-Ypoan28afrt50Z_1YyoQQquvLv46vaSwi78SXkoHnGh-EwCUxCHqmBafhinlL6UThZ34VQWqLoHPw39QOZSzl8P5Yv_m4eQv0nKSQXVatNn2_60SqrmeFU0CZKxGWatikW3Rrn4dyRb_06544SB5ASxRTI2sZ1qZ_3nYPtEXrBMiN3Vo_9qRlr6pqfzs2ITW0wxim8VTZGc0uPWcmUFlyf0vjcc4kHOVvVbQKlcvxNS3OobipjofC5z_vdXKx71EY4ITVeu9ifH1_OLRl68QKePQ-R7olOPXU-MKQjKSGYVDf0YwHgkfs5w35BMPL4sJmcMrTYO2W8TBtE2T3cI1kBWTBhRqjC9YB_7wxJo1-_2G3uoMHb7iFzX3f8yLWo9G3jocElZ7fGIfl27p4-Y14dTAyEBmf1UoAzMKp8XUHD0JQuQHHMR6vBMafOULnyDu5M3CZMQdf2Onyu9D7Nb5kiV2ytQiLVcRl1A7i14ho-VfuD9AMhywpy9ldI_oApc4Kam7LOxbP0PUdYCz11BbTKGpCXUPzNL3NDzzGPQfTOJUC_y4IjDSqAQx4n496liM2Ww6iP6CQmWYIKlI3Ky2_BwPKe3YuBW0F6ouY-ko6StGkQ91RIhFiAljzmr_34IagRcs8fWmxO7HW_ujmpOOc4tOMOWELQoA5HGe3iHMeZszDS76xnf6ESyplwBRtqcGRA18hBdVmsC2ZQmW_YWjBcLuKMI0wQjNl8ke-q8_8DExuh9qltmiZv1XynhQPxcjGd4QbpRq4zh7Zg1txrtoFHRK-zbq345FuV4NpaXAuOVtdH6OjuE2PSMR4BBO5UvxsqCM&sai=AMfl-YQeotYjI6Li8wnPMJOOxFlkqPcsrkr5bdSt0Mo9x1PTWzWHVjPQapbzTs8sPPjzK-EB_q-Q3nG6zMyD1_tuxsQVsDFnowHjB8faeSB4_1Cag66met-tEP5cPcuuvynTalFX43Z4nsXl8woWRXm6Pb5gnUCqC30qhg&sig=Cg0ArKJSzGDqIP0WC0MBEAE&cid=CAQSSwDICaaNLRbiTv88M-80iEhrZKDMAx6G2akssOdB3vvyN8WPtIOKzaflKr4LISWXiSPZPhmkvUQ21DLiA3cghJFAK45NNThlztaZlBgB&id=lidar2&mcvt=1000&p=0,0,280,938&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=826057586&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699257670204&rpt=2845&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mobonLogo02.png
img.mobon.net/newAd/img/logoImg/ Frame C885 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/newAd/img/logoImg/mobonLogo02.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Thu, 16 Aug 2018 00:58:34 GMT
Server
Apache
ETag
"10010c6-287-57382f14d9e5f"
X-Cache-Status
MISS, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
647
ic_location.png
img.mobon.net/Frtb/images/ Frame C885 		264 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/Frtb/images/ic_location.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/nr_type1.css?122
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
eb40338042d0deac1119cd0e91aad83ecae0de04dc0c2895d1780959cfd7eb4c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/nr_type1.css?122
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Last-Modified
Tue, 26 Jun 2018 06:38:35 GMT
Server
Apache
ETag
"f01143-108-56f85bf584a76"
X-Cache-Status
MISS, HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes, bytes
Keep-Alive
timeout=10
Content-Length
264
20230921170357-aBylhtvCnB-336x280.jpg
img.mobon.net/ad/imgfile// Frame C885 		88 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//20230921170357-aBylhtvCnB-336x280.jpg
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=http%3A//kisawarning.o-r.kr/&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
222.239.11.20 Gumi, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache /
Resource Hash
27c42c52c4a1ad727e22d0d87ecb67dda1307a2ab6eb6a490d6488a38401dd95

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Sep 2023 08:08:38 GMT
Server
Apache
ETag
"4b3a68c3-15e53-605d9ffd2d47d"
X-Cache-Status
HIT, HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=10
file.mp4
r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7643 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-npoldn7d.c.2mdn.net/videoplayback/id/c747f1c084258d86/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3842763138/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/03905D8B29CC5DE7324AA512991439F4F256D5D1.7F64266033866DF1125FC902C088EEB9884BE8FB/key/cms1/cms_redirect/yes/mh/nE/mip/116.88.182.175/mm/42/mn/sn-npoldn7d/ms/onc/mt/1699257395/mv/m/mvi/5/pl/20/file/file.mp4
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.251.85.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin26s06-in-f10.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 06 Nov 2023 08:01:14 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-4237550/4237551
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
4237551
Last-Modified
Thu, 26 Oct 2023 10:10:48 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://googleads.g.doubleclick.net
Expires
Mon, 06 Nov 2023 08:01:14 GMT
csi
csi.gstatic.com/ Frame 7643 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lomm58jk&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2052&mt=video%2Fmp4&vs=1024x576&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1793217%252F76263767%253FomidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xsid%253D%255BTIMESTAMP%255D%2526ias_dspID%253D3%2526ias_campId%253D1014992527%2526ias_pubId%253Dpub-6586021537633126%2526ias_chanId%253D1%2526ias_placementId%253D20733553626%2526bidurl%253Dhttps%253A%252F%252Fxn--220b31d95hq8o.xn--3e0b707e%252F%2526ias_dealId%253D%2526xsId%253DABAjH0iMRph_ZiI-9ot1b6BW1IfU%2526ias_xappb%253D%2526adsafe_par%2526ias_impId%253Dv4~~ABAjH0iMRph_ZiI-9ot1b6BW1IfU%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN958828.3665442DV360%252FB29471756.380046063%25253Bsz%25253D0x0%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fxn--220b31d95hq8o.xn--3e0b707e%252F%25253Bdc_ves%25253DdGltZXN0YW1wOiAxNjk5MjU3NjcyMzYyCg%25253Bdc_cid%25253D204119739%25253Bdc_adid%25253D570625143%25253Bdc_vpaid%25253D0%25253B&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.176.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yucmhaa-in-f120.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231101&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
4d10cd04c4eb9e2d6cc793e7db9cc09e2923675c857d3ca4a17f9162c347fe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12179
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 7643
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=3b224fb3-c01e-4b23-ad42-2a80a8ec8c12&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
0
0
dc_oe=ChMI483Ej_SuggMVzY6sAh0yjQYpEAAYACC7vaphOhoI4cKEhgEQ-8r-6MAEGI-d_uMDIP_Rmc-DEkITCKyd3o70roIDFafRcwEdQ-cO-g;dc_rmcid=CAQSSwDICaaN6rVTv17FsPAd0IyJbhDM_JTt0WIvZvfK-hVSMB7hFxQVswLemx0N3j_HpjFFbu6...
ade.googlesyndication.com/ddm/activity/ Frame 7643 		0
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7643 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_DuSRp1IZaziKKejz7sPw8670A_uyP78c__Rmc-DEsSEhZ4LEAEgzNS3JGC_BcgBBakCWse94TLFtD6oAwHIA5sEqgSGAk_QIB7ArRBlAl9FQfmiOIX036orn5UArP9TXBvkQnmIIuDlrPtS02kkPEMjv1KRjXLqq4iuIahKXKhfYmAFNDpBvoQ_9BrtG1LVgH4XxrU5TaSUxjmpf7dQTHkx5_TucGLOQOWdB7oWkwSl91v0xV3u5e_w9lwwU-8iYzFQ_ED4kDwPktnexwtB1ftUzqid7iJcxh-Qdi9J6olvfSYYiSbHcOrucLxq2X2ZUIScc-HlfzodcizEravDkRm2rj76u-pfF_ry8QmTZaS02JVq_-cmzNiirkI2LYLUP4LC9TixA1kVsS2PpaOQTtyS1mGKzlVo-Jy0hfxpQXQiJGiRpgTqg3uFLjHABPvK_ujABOAEA4gF2tfDnk2QBgGgBk6AB9Ww5oUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CU0ewE6GarxXIE4-d_uMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF&sigh=8itDHphcYyc&label=part2viewed&ad_mt=6&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D833398321%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257674904
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 7643 		0
0
pixel.png
unified.adsafeprotected.com/ Frame 7643 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0LyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiMi4wIiwiY3VzdG9tMyI6IjIuMCIsImN1c3RvbTciOiIxNzkzMjE3IiwiY3VzdG9tOCI6Ijc2MjYzNzY3IiwiZGF2M19kZXZpY2UiOiJERVZJQ0VUWVBFX1VOS05PV04iLCJkYXYzX291dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwiLCJkYXYzX3VhIjoiIiwibW9uaXRvcmluZyI6InRydWUiLCJyZWdpb24iOiJzZyIsInhzaWQiOiIzYjIyNGZiMy1jMDFlLTRiMjMtYWQ0Mi0yYTgwYThlYzhjMTIifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEwIjoiMjA3MzM1NTM2MjYiLCJoZWFkZXIxMSI6IkRDTSIsImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjcmVhdGl2ZUlkIjoiMjA0MTE5NzM5IiwiY2IiOiIxNjk5MjU3NjczMDI3NDgwMjEyIiwiYWREdXJhdGlvbiI6LTEsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1793217&pubEntityId=76263767&iris_id=[IRIS_ID]&ss_iris_id={{IRIS_ID}}&fw_iris_id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.135.227 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-135-227.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Mon, 06 Nov 2023 08:01:15 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.gif
pixel.adsafeprotected.com/rfw/st/1793217/76263767/ Frame 7643 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7643 		0
0
rrum
dsum-sec.casalemedia.com/ Frame 7643
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CPfDChDb87oBGIbjr_wBIAEwAQ&v=APEucNUonjGnYvpt0bWFQWjijc1WSdZ32r9jygEFtsh5ewCY7SnIaM-iIvBhpQ1RAxhEiqSy106PLQKaAs-MtMpAE_T2hzeoZqRlevENyyz0qgkuLeeMrww
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7643 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7643 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU0hyyexXirqRpWIcgZDg6ia3hEK5R-o4tGFC1R1mh9-EHcNOUte-iZ8LidTfb2lEat6PHxEeH7ABmFacR9W0pnTRGaUC78qylchO3lQbvdOv1H_9RQ1-Z-uQkLixU&sai=AMfl-YTdsGI_mXUoOXfzJkHOMYXTDCsEW-H6vwzkjmjcFgCclR5pM42GzzCAiBhcnRHtgDPvPn_mQ4PiVwlK5fVSH7aPFpCTQ24AaqKIxZvcSvjltSmNdmUbkDWuenGQ1XWAzecPuID7_i5hGV3L&sig=Cg0ArKJSzDEkoRBBh39TEAE&cid=CAQSSwDICaaN6rVTv17FsPAd0IyJbhDM_JTt0WIvZvfK-hVSMB7hFxQVswLemx0N3j_HpjFFbu6ZJz-uyQ6UXjRfPsNiJ9PynKfp7WdlyBgB&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D833398321%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257674904&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7643 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_DuSRp1IZaziKKejz7sPw8670A_uyP78c__Rmc-DEsSEhZ4LEAEgzNS3JGC_BcgBBakCWse94TLFtD6oAwHIA5sEqgSGAk_QIB7ArRBlAl9FQfmiOIX036orn5UArP9TXBvkQnmIIuDlrPtS02kkPEMjv1KRjXLqq4iuIahKXKhfYmAFNDpBvoQ_9BrtG1LVgH4XxrU5TaSUxjmpf7dQTHkx5_TucGLOQOWdB7oWkwSl91v0xV3u5e_w9lwwU-8iYzFQ_ED4kDwPktnexwtB1ftUzqid7iJcxh-Qdi9J6olvfSYYiSbHcOrucLxq2X2ZUIScc-HlfzodcizEravDkRm2rj76u-pfF_ry8QmTZaS02JVq_-cmzNiirkI2LYLUP4LC9TixA1kVsS2PpaOQTtyS1mGKzlVo-Jy0hfxpQXQiJGiRpgTqg3uFLjHABPvK_ujABOAEA4gF2tfDnk2QBgGgBk6AB9Ww5oUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoBmAsByAsBgAwBqg0CU0ewE6GarxXIE4-d_uMD0BMA2BMKiBQB2BQB0BUB-BYBgBcB6BcF&sigh=8itDHphcYyc&label=vast_creativeview&ad_mt=6&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D833398321%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699257674904
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1699257670&rafmt=1&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699257669936&bpp=1&bdt=1209&idt=276&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1942697667256&frm=20&pv=1&ga_vid=1757354444.1699257670&ga_sid=1699257670&ga_hid=540303730&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079345%2C44798934%2C44806921%2C44807047%2C44807336%2C44807454%2C44807463%2C31078301%2C44806139&oid=2&pvsid=4289749258852049&tmod=1593402103&uas=0&nvt=1&ref=http%3A%2F%2Fkisawarning.o-r.kr%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=xipvf4A708&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=279
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7643 		0
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMMPJ6F50B&gtm=45je3b11v867488053&_p=1699257668994&gcd=11l1l1l1l1&cid=1757354444.1699257670&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699257669&sct=1&seg=0&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&dr=http%3A%2F%2Fkisawarning.o-r.kr%2F&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6938
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMMPJ6F50B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Nov 2023 08:01:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 08:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 06 Nov 2023 08:01:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0868 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
170908
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 08:32:47 GMT
expires
Sun, 03 Nov 2024 08:32:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 28D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f106.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KVBEfX26YKX529tadsEy6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KVBEfX26YKX529tadsEy6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Nov 2023 08:01:15 GMT
expires
Mon, 06 Nov 2023 08:01:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=3b224fb3-c01e-4b23-ad42-2a80a8ec8c12&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Domain
ade.googlesyndication.com
URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI483Ej_SuggMVzY6sAh0yjQYpEAAYACC7vaphOhoI4cKEhgEQ-8r-6MAEGI-d_uMDIP_Rmc-DEkITCKyd3o70roIDFafRcwEdQ-cO-g;dc_rmcid=CAQSSwDICaaN6rVTv17FsPAd0IyJbhDM_JTt0WIvZvfK-hVSMB7hFxQVswLemx0N3j_HpjFFbu6ZJz-uyQ6UXjRfPsNiJ9PynKfp7WdlyBgB;eps=CIBhEAEYHzICigI6AoBASL39wTo;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D833398321%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699257674904;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/dot.gif
Domain
pixel.adsafeprotected.com
URL
https://pixel.adsafeprotected.com/rfw/st/1793217/76263767/skeleton.gif?xmtp=v&xmapp=0&xsId=3b224fb3-c01e-4b23-ad42-2a80a8ec8c12&bidurl=https://xn--220b31d95hq8o.xn--3e0b707e/&ias_campId=1014992527&ias_pubId=pub-6586021537633126&ias_placementId=20733553626&ias_chanId=1&ias_dealId=&ias_impId=v4~~ABAjH0iMRph_ZiI-9ot1b6BW1IfU&ias_dspId=3&ias_creativeId=204119739&ias_=&ias_xappb=
Domain
googleads4.g.doubleclick.net
URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssBlHek2n57jV04nZ604hMThGkrVx1zohFCwbLcExudQQyzSMC2MXS03uKRdpa0KtCloJdJC0UygO7Lkn7zYri6IXMl8auH1r2aHHJeUwj7rjUMz4tTkVMkPNBniQhQtqf74rzcrylhuOq1QwbDGl_6Ln0OdwOopLONT1gSjEkzuv8IQhFLkKyJRF-8ifyeKukGYB_FZICybjrb5Pcj_ZxG20VG2VVDBmLwRHCuIM9mC2EFVIjwbjvLr4MZV5X6Yhkxq-yuqPQsOQzV62uOopOAHQldACvW89kVxWdCc6oVol4JUMeEPX0mG4bAQTLnpyauIqhweBaZ2R-QhNfeqzmr51yA0MNITfg86ZcpRJyI5lzslixEcSlibdoLf0rwL4ctAB4prsiZrpVj1tA856UDShWJnL3LjmlwEA58YDoQ5YrlBmiF3acJnBqX5GSsHKXNDalBdBdg-W8UfJkMZV3i6Q1skvLAhRR_edeFU9GG3RQPXEdaXGvpVmomwXIaqjRiWDJLzoH9qFTWIgPaxJoDjCg9oo5lOF34D4ANMQvRZJHvjrF-WJUOUDKud0xSeXu0nFgZGZBxy1tjQrpzWETAwIQmDBg5e9ImdIXPoPpJDrzQ9x4TATU0HWVk0EwdoHrujblU82miMTvAxKDwBOZz6gxO5xKeF2eByAeaNbjyhD8TqMdQ-gw5PW3CyCcAe1dUpMoSE5i9jl5T2NyVWEpSx7ubfiikgyfakGi2lNqzf4nfCBQXW30gmaZ0k2_DMHro0ki16k3ZfkGJHyTJLWwzxrokbjr6QtEYNENXc_ccIHz1rEt2G6aLVNQwCjeO_5GasxAJkKCovedtK0y_iClNQ1urjAFqrm63aLJX6cf4ivR96d-IVkH9wAcqgoAOl4OstXflBAiDBw921pwMwU5jIRFocexVlOwS5DonGTmLF82u_4dUqFTQ11BjHQj69MBgPdzXzi8e_UUxzqoMiqPdL-QgsuVByvhf3Zc9-8bRBOHxCn34-AAUCx0IitzRgKuUuLPztp4cc0NLquGuFmZ5UPb6rjSKBBAtg3TwcW-gUawFwz2LZn7dwpp0NGGE2a_6IJ87XdSSkJDWRsnntZD9bjzZSg8HBV4xRtTC8oVVG21bMZ7qRjrpIfKOOydBQwmhxIqnz9BwTh9J8MpqlaT92rOe-Vh4rwO8iDchIpim0kyLvX6-9qBMFbLAbPCjBxG0ZA-EgxgWLzuIu5RtQqiLjdRxfrun89gB_mHdoWnhCzgCgNwYT4tVw&sai=AMfl-YS0MFVRnyvCX5C0JJmHNjq-f3j-rcGuGTNUamA8-f-KTh53AkWLJiZBStcB_7LGGDTxt47_87wdfKnCboO-pRz3P2UBBHQlp00lY5wsDicMLwIHcxtd3cdiM2Rb6OEL1-GS4qgDU-Wx6ZfcCS9Y6xolEKJpZXfKzcGSOAIW8NqZugLGBCCTL5Lq0kr_Bje0TzfGpRqWK3UL05stWEAZh5PvxUcr9xiYk2W5DNmwr7gES9K0m1Q1-DJ93Zlp055lg1wuRRzONFYqR0fJ0JXmhbA_enmAJ0El&sig=Cg0ArKJSzCrheJvsaPBWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=8~lomm5952&c=5835613061468&slotId=2917806530734&qqid=CKyd3o70roIDFafRcwEdQ-cO-g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2052&mt=video%2Fmp4&vs=1024x576&dm=15000&event_name=first_play&asset_bytes=196963&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.3m7~ff.3ml~videopreviewstarted.3mn

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| $ function| jQuery function| Ajax function| captcha_get function| gtag object| dataLayer object| adsbygoogle object| mobonMdScript object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| ad_data function| mf_close function| mobon_postMessage function| mobon_animate object| wp_util object| wp_Toast undefined| wp_adbn_object function| resize object| defaults object| options object| productTypeValues object| platformTypeValues function| enlipleMBSHandler object| googletag string| wp_rcFloat

18 Cookies

Domain/Path Name / Value
xn--220b31d95hq8o.xn--3e0b707e/ Name: PHPSESSID
Value: unnctqpqcclf151cbpd9pk8ku1
.mediacategory.com/ Name: Start_Time
Value: "2023110617"
.mediacategory.com/ Name: s_IP_info
Value: "116.88.182.175.50731"
.mediacategory.com/ Name: s_au_id
Value: "cf397723e76abb3b-3774d25118ba3a5178b569a"
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga
Value: GA1.1.1757354444.1699257670
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga_FMMPJ6F50B
Value: GS1.1.1699257669.1.0.1699257669.0.0.0
.mediacategory.com/ Name: dsck
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_1_47_____"
.mediacategory.com/ Name: site_code
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_1_47_____"
.mediacategory.com/ Name: mob_ad_grp
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_dumy_dumy_dumy_dumy_dumy_99"
.mediacategory.com/ Name: dsck_frame_matr
Value: "132364_1b2606a5a88f49ad9daca1befa2bf7a2_AD_ico_dumy_dumy_dumy_dumy_dumy_N_dumy"
.mediacategory.com/ Name: ad_click_time
Value: "20231106170109"
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gads
Value: ID=37850847576b12cd:T=1699257670:RT=1699257670:S=ALNI_MaPMv-i3jB0j0MJflTJsblMqj_sYQ
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gpi
Value: UID=00000c80d177861b:T=1699257670:RT=1699257670:S=ALNI_Mbg_4ZtmsG69a9eD55Z3Q3As3jTfA
directauto.samsungcard.com/ Name: JSESSIONID
Value: OKeQfqfOHbHT2Tn0AG9739KqO0wA4TabhylK4nbWuah0IZIfWtkA!-1627176040
.doubleclick.net/ Name: IDE
Value: AHWqTUmX1B3mgbSTa25Ib21Eowc5tkQWPMJDWxne-FTCpisX_-ihS0Ow4Uewvm69azc
.doubleclick.net/ Name: APC
Value: AfxxVi4zMqitJXZCDUj8ZAryyoGA6ariD65cOxHm0h8Uw3GyG46kHg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1

2 Console Messages

Source Level URL
Text
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://xn--220b31d95hq8o.xn--3e0b707e/(Line 351)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.mediacategory.com/servlet/adMediation?from=http%3A//kisawarning.o-r.kr/&s=132364&platform=W, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cdn.megadata.co.kr
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
img.mobon.net
k-bank.n-e.kr
kisawarning.o-r.kr
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
r5---sn-npoldn7d.c.2mdn.net
s0.2mdn.net
tpc.googlesyndication.com
unified.adsafeprotected.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
ade.googlesyndication.com
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
googleads4.g.doubleclick.net
pixel.adsafeprotected.com
s0.2mdn.net
119.205.238.29
139.99.89.153
139.99.90.56
142.250.4.157
142.250.4.95
142.251.10.155
142.251.10.95
142.251.12.155
142.251.12.94
142.251.176.120
142.251.85.138
172.104.112.214
172.217.194.102
172.217.194.132
172.253.118.139
222.239.11.20
222.239.240.92
52.76.135.227
64.233.170.106
64.233.170.156
74.125.130.94
74.125.130.97
74.125.200.154
74.125.200.156
0667e955cab54a1fb06cfc1746d31f4b4c5ec474132f2392e866eeea1869c767
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca
0925eb13ff5283382673fd7a3b38ff7330484567f2b84c5a06a522a00d126c92
0b703915a7fb91a4d7ee229a8acdedc6105fc640fe99372b66dec92fc01c6904
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
14965cb7c814c269e74049dbb9ee731438ae64f85fdafece2efd0e397c2fda14
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c30b155dfd38c9b4bde9b4862b0525d8af0ce6db7f4f068624f4579a9d2a50e
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1ecc69f757f53d0d49e14758d786e73d8585f88d1ae4ce8dab61df1d7a5533c6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
27c42c52c4a1ad727e22d0d87ecb67dda1307a2ab6eb6a490d6488a38401dd95
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d5da4a3353029516cc726ea69ad61ecea6e0517d1e4a08b3eadeb3c25814ae9
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1
3ab5fbc781a02e0b7c0e0befb31939b4828bd38228950eb4713802479a2c83d7
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a
3dff5f06712829857f111430f58881d44d26a44678d63438edd61eca51f9961c
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4d10cd04c4eb9e2d6cc793e7db9cc09e2923675c857d3ca4a17f9162c347fe6f
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6230d463437f9f212ff5a23e3242981dbb9a3d79711a688f1651d35d08990f0c
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4
6cfdeb9af1badf5af62f77edb7c808ae8c86d9db16864cf96751d32854387d68
7642483f02347e32a803494b1aca3ba18879c3418d7b37f0554799769669e710
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
8471aec619053b6d621cc0e0c97235bfb0794e8394353a19d4ba073071524493
871092c5f32fda2045863ac6acbb3b900f0a1ec82ddfc1f30f29b91649b5be2a
94439e385c37d9681d52be2012dbda51207f39988a3fa35fae4d89db19cefc7b
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9b7e898a34447f00b2932322dd87b701d0bf774864d89359f4dd6126b0b55ea2
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
adfeed5d00f3eea271a43d70feaf34e830a26bfebd45ecdf8a0c86b27563fe8d
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5
b90f58f173dc59c336e85960a216ab573ad0efd532b9415ccce2f0b826ed7be0
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c
cc608f32c6f09b074313bb43231dd14fae9f255941e58b29c0b176ee817a3e14
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d0fa249958e23f79029a4350ebbb6021a77035fa69e049c8c50109e1930abe6e
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb40338042d0deac1119cd0e91aad83ecae0de04dc0c2895d1780959cfd7eb4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9ba5f7f6019fd1aa120abd1a51260cebd0667901719a0ef8ed4252f43d6545b