surl.li Open in urlscan Pro
104.26.5.19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://surl.li/qywuk
Effective URL:
https://surl.li/qywuk
Submission: On March 14 via manual (March 14th 2024, 1:33:05 pm UTC) from SG — Scanned from SG

Summary HTTP 121 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 12 domains to perform 121 HTTP transactions. The main IP is 104.26.5.19, located in and belongs to CLOUDFLARENET, US. The main domain is surl.li. The Cisco Umbrella rank of the primary domain is 860867.
TLS certificate: Issued by GTS CA 1P5 on January 31st 2024. Valid for: 3 months.

This is the only time surl.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	104.26.5.19 104.26.5.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
4 5	142.251.12.147 142.251.12.147	15169 (GOOGLE) (GOOGLE)
1	74.125.24.147 74.125.24.147	15169 (GOOGLE) (GOOGLE)
2	172.67.192.234 172.67.192.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	74.125.68.138 74.125.68.138	15169 (GOOGLE) (GOOGLE)
2 19	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
2	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
1	64.233.170.97 64.233.170.97	15169 (GOOGLE) (GOOGLE)
5	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
4	64.233.170.95 64.233.170.95	15169 (GOOGLE) (GOOGLE)
19	64.233.170.132 64.233.170.132	15169 (GOOGLE) (GOOGLE)
11	142.251.10.101 142.251.10.101	15169 (GOOGLE) (GOOGLE)
3	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
3	142.251.175.95 142.251.175.95	15169 (GOOGLE) (GOOGLE)
2	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
6	142.250.190.67 142.250.190.67	15169 (GOOGLE) (GOOGLE)
1 1	64.233.170.138 64.233.170.138	15169 (GOOGLE) (GOOGLE)
3	74.125.101.38 74.125.101.38	15169 (GOOGLE) (GOOGLE)
2 4	172.217.194.148 172.217.194.148	15169 (GOOGLE) (GOOGLE)
1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
1	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
2 3	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
121	23

14 104.26.5.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

surl.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.10.157 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.147 (Queens, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f147.1e100.net

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.192.234 (United States)

ASN13335 (CLOUDFLARENET, US)

web-screen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.68.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.12.154 (Queens, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.170.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 64.233.170.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.10.101 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f101.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.175.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f95.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.190.67 (United States)

ASN15169 (GOOGLE, US)
PTR: ord37s34-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.138 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f138.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.101.38 (United States)

ASN15169 (GOOGLE, US)
PTR: sin10s19-in-f6.1e100.net

r1---sn-npoe7ney.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.148 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.157 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161 ade.googlesyndication.com — Cisco Umbrella Rank: 306	674 KB
27	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 bid.g.doubleclick.net — Cisco Umbrella Rank: 891 ad.doubleclick.net — Cisco Umbrella Rank: 158 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	161 KB
16	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647	75 KB
15	gstatic.com t3.gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	114 KB
14	surl.li 1 redirects surl.li — Cisco Umbrella Rank: 860867	527 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 imasdk.googleapis.com — Cisco Umbrella Rank: 479	139 KB
4	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1260 r1---sn-npoe7ney.c.2mdn.net — Cisco Umbrella Rank: 405795	35 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	22 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
2	web-screen.com web-screen.com	88 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
121	12

	Domain	Requested by
19	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	surl.li pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	surl.li	1 redirects surl.li
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	csi.gstatic.com	imasdk.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
4	ad.doubleclick.net	2 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google-analytics.com	surl.li www.google-analytics.com www.googletagmanager.com
3	dsum-sec.casalemedia.com	2 redirects
3	r1---sn-npoe7ney.c.2mdn.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	www.googleadservices.com	surl.li
2	web-screen.com	surl.li
1	cm.g.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net
1	ade.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t3.gstatic.com	surl.li
121	25

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua
chat.whatsapp.com
secom.com.ua

Subject Issuer	Validity	Valid
surl.li GTS CA 1P5	`2024-01-31` - `2024-04-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
web-screen.com Cloudflare Inc ECC CA-3	`2024-01-22` - `2024-12-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-27` - `2024-05-07`	2 months	crt.sh

This page contains 18 frames:

Primary Page: https://surl.li/qywuk
Frame ID: C501EACDBA0CCDC9F39488CA0C347FC6
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20190131/zrt_lookup_fy2021.html
Frame ID: 5B91272818DDBDA51A4B5383832550D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1710423178&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fqywuk&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178301&bpp=21&bdt=1424&idt=97&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7228561977332&frm=20&pv=2&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=118
Frame ID: 88B5A4AB79481827D64AC749F1BECC5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1710423178&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178322&bpp=2&bdt=1446&idt=105&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=108
Frame ID: 1A375C4CBE885CC9DA9DF956F2C0AE80
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6FA3518228655F1E9413CBABF8177056
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710423179&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423179479&bpp=1&bdt=2602&idt=-M&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db04fc3f537156a61%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYQqHh5cbckAy3OsFtbe_1hkpCqgw&gpic=UID%3D00000d379099bfaa%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYLBzOkEF2-s-BIThoM5O9ndshO8w&eo_id_str=ID%3Dbefa5e4c2fd6591b%3AT%3D1710423178%3ART%3D1710423178%3AS%3DAA-Afjaf365lC__dY7O2_yvkIMAg&prev_fmts=0x0%2C1110x280&nras=3&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&psts=AOrYGsnHhGRl6EWVOMQOKuFKZs-4bmYh2Q_PI4LJt4lwXFXd7Qt7EZtVg-42rrCqs5i3bXlaS-Oa6HH_SRWqU0bDt5900A&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=339
Frame ID: 521887D1696EE070A126DDDEC4FEE53C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710423179&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423179479&bpp=1&bdt=2602&idt=-M&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db04fc3f537156a61%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYQqHh5cbckAy3OsFtbe_1hkpCqgw&gpic=UID%3D00000d379099bfaa%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYLBzOkEF2-s-BIThoM5O9ndshO8w&eo_id_str=ID%3Dbefa5e4c2fd6591b%3AT%3D1710423178%3ART%3D1710423178%3AS%3DAA-Afjaf365lC__dY7O2_yvkIMAg&prev_fmts=0x0%2C1110x280%2C1200x90&nras=4&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&psts=AOrYGsnHhGRl6EWVOMQOKuFKZs-4bmYh2Q_PI4LJt4lwXFXd7Qt7EZtVg-42rrCqs5i3bXlaS-Oa6HH_SRWqU0bDt5900A&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=345
Frame ID: BF91DDED8A6667DF43D70F2700A4AE6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Frame ID: F77CE0FDF06BDE6CCC4A4D94A62C523A
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Frame ID: F4D01A1E546FE630357FA0C3A0A5CA2A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Frame ID: B247D7163B975F1CEF4F4F1DE5CF971C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ED439CCDB01C9D8AE96804D0A57A075D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E2B83C358EC5858F72F3F15F06D0ADC7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 32997602426A34A29C50644C9636004B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: 9C1CF1A22587613F8B7F88423AD5136E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js
Frame ID: E5F5023258428447067E9AE486D68AB3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3CB1C065886588F09D4090603018AA78
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C47C8679D62BA139310C2AF7A843A511
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0FD337F25A953EDB85168B9066994290
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surli redirect page

Page URL History Show full URLs

http://surl.li/qywuk HTTP 301
https://surl.li/qywuk Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

121
Requests

95 %
HTTPS

0 %
IPv6

12
Domains

25
Subdomains

23
IPs

2
Countries

1916 kB
Transfer

8374 kB
Size

18
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/en/vpn?utm_source=surl&utm_medium=menu&utm_campaign=menu_button&utm_content=menu_button
Title: Buy VPN

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC
Title: Go to site

Search URL Search Domain Scan URL

URL: http://hyperhost.ua/tools/terms/term-en.pdf
Title: The rules of usage

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/hosting
Title: Купити Хостинг

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vps-vds
Title: Купити VPS

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/uk/vpn
Title: Купити VPN

Search URL Search Domain Scan URL

URL: https://hyperhost.ua/
Title: Hyperhost.UA

Search URL Search Domain Scan URL

URL: https://secom.com.ua/
Title: Secom.com.ua

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://surl.li/qywuk HTTP 301
https://surl.li/qywuk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://www.google.com/s2/favicons?domain=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC&size=16

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 69

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CcmnXivzyZaOjLdK43LUPg56IsAzsxsaYdpePoNrrEdvZHhABIM_J3W9gvwWgAfirudMDyAEBqQJsupFLoDGpPqgDAcgDywSqBNQBT9A41s5ElYCzyZ5kdBVrSc5AMPmqMqT7_MkBinB7fntIG_-mxcJLtBiMhtXlEPBgebtMLhHf1RdTUuu0S81C3yZyPqLIJ6rDPJmAuBRo6XE4CHjMf1ZdytCNvMDsAXMVOZIKRxruB0Zu_apNOJXUi_MW9QAxQJ3ay35F4ZTwj-iLD90i1WIFCPAjv84YwJkQVO0GcHoYgoQOg_wJJuapVzTplQ4nwCrgBneoBtCJHuU_f5OQ8WERX1H2FQfVhCSDkblM3xAX4_Fd1MMUfiNLngmeDqXABNmnnNf1A4gFjPLjojySBQQIBBgBkgUECAUYBIAH8NPGLKgH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEP6WRNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljB8u_v7vOEA5oJamh0dHBzOi8vZGVtby5waGlsbGlwbm92YS5jb20uc2cvP3V0bV9jb250ZW50PU1UNSZ1dG1fc291cmNlPUdETiZ1dG1fbWVkaXVtPUJhbm5lciZ1dG1fY2FtcGFpZ249TVQ1JTIwSnVsSFOACgHICwHaDBAKChCAitr5p86jljcSAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTUyMTM0MDcxODg0MDY3OTAYALIYCRIC704YASIBAA&sigh=0RtHWT948As&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtq0Xhp39SsEtfuzC1LqdYtuJnmACCvHYynnjoJAkerPQhEqfyp4bj5ltWvBhpP9HhOyaWCGWo4MCeQYUAI6HfxK8MNM5S0nxxt0ncYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x347985d3d3231f040000000000000000%22,%222%22:%220xddbc702f72ae45d80000000000000000%22,%223%22:%220xab55d7dc9c7792330000000000000000%22,%224%22:%220xff90287f660e29e70000000000000000%22,%225%22:%220x97b9ef740d64c1b0000000000000000%22},%22debug_key%22:%22156100744026193910%22,%22debug_reporting%22:true,%22destination%22:%22https://phillipnova.com.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980309496%22],%2222%22:[%22true%22],%224%22:[%2203-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227489582229871268513%22}&andc=true

Request Chain 87

https://gcdn.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/AE233DCE46B035572359CBF72BEFE95CE59F48BA.8E4F4AAB92CFF0BCA2A852DA152A9CE108DBB3D5/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/47E54D5035CB72DCCB96C62966A05EBEFD2C0B03.469BB8271CEFC684A3A2A99937ACA9E06D4C2AB4/key/cms1/cms_redirect/yes/mh/V0/mip/103.224.116.133/mm/42/mn/sn-npoe7ney/ms/onc/mt/1710422703/mv/m/mvi/1/pl/24/file/file.mp4

Request Chain 111

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CMKKrvHu84QDFcekZgIdfnMMJQ;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima

Request Chain 112

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CJKJrvHu84QDFaLIPAIdD2kM2w;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima

Request Chain 116

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDltvKkAxiAp5iIAiABMAE&v=APEucNV8HJEDxY_Q7962uCy-L_x2dbCuwpqFLmXL-kNW4Pr-pw_VjEXHR3gvOh23Gri2OXSDWGfCVRSmAMPkgj5PWX0ZpFegbx21zWKxZfRIs7vLRB1SUGk HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfL8josFVroAABA3ANFZzAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJ6QjM7YPee7RHDxX6OV4s&google_cver=1

121 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request qywuk Show response
surl.li/
Redirect Chain

http://surl.li/qywuk
https://surl.li/qywuk

13 KB
4 KB

940ms
606ms

Document
text/html

104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

e38b75194d069e248c44ce8b5d0228ceb8711888264092e8788a0ae343156ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8644a1f3bb7540aa-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 14 Mar 2024 13:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddozLiwUWNuo0WdaBb5iWqPx34dAmGGJWLRFeVWk8DCLweQ8edKQDbhsbwyqUuIG8OpyxSIdPyj%2FPAKdOvcylUu70So6i2eg0lmRv9gITVygVoEOKHOLxAg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.15

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8644a1ee2a938bca-SIN
Connection: keep-alive
Content-Type: text/html
Date: Thu, 14 Mar 2024 13:32:55 GMT
Location: https://surl.li/qywuk
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtGh7Q8ERLv8mAF7cWmiF5ZHWj6k%2BDVLQ%2FLE8rajj5WMo5XYfph7gcYf3r35yRdL99NqPjIT7fgZPUypafUYeQPw3Hj%2F2A0c9fHKGkTGRiwBXjkVzqhOA%2F4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 200 app.css
surl.li/css/ 158 KB
27 KB 23ms
22ms Stylesheet
text/css 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/css/app.css

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a2d6323ec235556eb2cd441c849220e38f271eea88d721083f05db92a155322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4292
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-2794f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFHEdX%2BA5fv%2FiN2XpduHv%2F2VBkLmcszLvCS7euDjhkUmeoQ%2FN8uayU8JmfBM71L6avDWILTzXFSJfRsnowfBClEYlBJSGfWbg%2FvWdE6g%2Fb0wKJChoe0YwO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7880240aa-SIN

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 1390ms
26ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

00e3415aa82adde0e8d553eec3bdee3acadca4cbdf77db6933608508e7f76d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51003
x-xss-protection: 0
server: cafe
etag: 15233611429169188701
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 14 Mar 2024 13:32:58 GMT

GET
H2 200 surli-logo.svg
surl.li/img/ 9 KB
4 KB 22ms
21ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/surli-logo.svg

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4277
content-encoding: br
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: W/"65dcc346-233d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KQyC%2FnFY9M1khKtyCrbgTuyjHQmp0dgsye0jTXD%2FkMbWOyOam4q6OLnzHm2p1C8oA73RKF8sjWkyuhA2kNUWLDGZuafN714%2FKQEkOun3iqnuj8he0BCtTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7880640aa-SIN

GET
H2

404

faviconV2
t3.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC&size=16

726 B
917 B

462ms
39ms

Image
image/png

74.125.24.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC&size=16

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Server

74.125.24.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f147.1e100.net

Software

sffe /

Resource Hash

59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/png
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726
x-xss-protection: 0

Redirect headers

date: Thu, 14 Mar 2024 13:32:58 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 361
x-xss-protection: 0
expires: Thu, 14 Mar 2024 14:02:58 GMT

GET
H2 200 plug.jpg
web-screen.com/img/ 13 KB
14 KB 1113ms
22ms Image
image/jpeg 172.67.192.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/img/plug.jpg

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.192.234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6297
alt-svc: h3=":443"; ma=86400
content-length: 13510
last-modified: Mon, 29 Aug 2022 13:27:44 GMT
server: cloudflare
etag: "630cbed0-34c6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1uy4nXgFpKlyWjIeUoQBxESdUb43cm4eYbynv5VbaOYBrj12sZ0VVFFe3tl4KTs8Q8DtnrSPVLSTnycJrL95B6DjocLQHnGQnMaHetLvlfMyKRSKMihTQq54efkQwnFog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8644a1fe5bd64118-SIN

GET
H2 200 pc-rouded-icon.svg
surl.li/img/ 20 KB
15 KB 24ms
20ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/pc-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4292
content-encoding: br
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: W/"65dcc346-4f3e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsTycCrYtPLIH31iClAKUmoiKy4kLsp5MOcAAo2%2FHRLvzuTpNREjnpm49%2B8F3l2OxYNiV8ZngTf0NZXHxhgTcNGSQ2fnaw8ykqRMsG1vqMgMmvtmd5MU%2BRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7a82440aa-SIN

GET
H2 200 gears-rouded-icon.svg
surl.li/img/ 4 KB
1 KB 23ms
19ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/gears-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4289
content-encoding: br
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: W/"65dcc346-e1f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vXPxexK8yKSc6F8Wr8HLWnnilawBl39Ieq7UW92AsiSiPsUsnRo%2F0C%2BRBQbHSf2RzisHs21ax%2FBOaPjMBwJEz%2Bn%2FSFV3JOj1oob5N0HlziWKh30sksfIdbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7a82540aa-SIN

GET
H2 200 planet-rouded-icon.svg
surl.li/img/ 5 KB
3 KB 28ms
25ms Image
image/svg+xml 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://surl.li/img/planet-rouded-icon.svg

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4289
content-encoding: br
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: W/"65dcc346-1574"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXkZATSdk1Hg2BCyrR6b9%2B3rgRzvopxfR%2BpFvBsXrUKj9kQNcc7ZQjL7PaPbiBLhm2sNWFjFPpMocPgSio2P%2B5La5nzlkVeJ%2BX0Ik6hLSdxNMvKU%2BLRV13w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7a82740aa-SIN

GET
H2 200 app.js Show response
surl.li/js/ 186 KB
61 KB 42ms
38ms Script
application/javascript 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/app.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ea30badf267e780878a8fdd63da55c8b8e6ea39d3f1b122855ac01c02d3db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4289
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-2e9ad"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2BXZNb4oq7aKX5HtlPJmEReg76Jz41ud6eysFFQITa%2B6IKfzOgA%2F5KqFkC16jwYRfwnG%2BI6eRSSLjhqeGc%2BtY%2Fx35TeJ7xLUSqAbqdb%2F9azhlsE2Bda8UVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7a82940aa-SIN

GET
H2 200 preview.js Show response
surl.li/js/ 88 KB
32 KB 28ms
26ms Script
application/javascript 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/js/preview.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6dfd360ccbae2e81dc8f69b9c561e99e7034b0417b2a0bcbc85c2ff629ab6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/qywuk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4291
content-encoding: br
last-modified: Wed, 17 Jan 2024 14:23:01 GMT
server: cloudflare
etag: W/"65a7e2c5-160f5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6EiWhM9Mn13SpVJVrw8YLzOLcLnrkyL32jFcAft9SsHis2awTx93rsq0bofycXsk5msWKgiLJxlB1xNc1uTNYcxhTdhDOJcfSoSLHGMhDmJ11HTClm6gvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 8644a1f7a82b40aa-SIN

GET
H2 200 NunitoSans-Regular.ttf
surl.li/fonts/ 136 KB
136 KB 37ms
36ms Font
application/octet-stream 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/NunitoSans-Regular.ttf?a427ddbe4dc20889d6e0ac752dce4bea

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7acb3e456d98d55be401bb07a32c9cb04e074de37bd58932b11bcf0fe9f59ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4277
content-length: 139168
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: "65dcc346-21fa0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDk5HdAK%2Fd0dRS5n7aZNGLzwy4C2Jpp2K%2FCgzeqg3cqCrNBgChA5d2Q1SunQCedQS2eLkJO3l4qoV7bBD858Wp6f1rs1ZapDUX7hHz8Ya1fy9Fl8N0Yxi2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8644a1f7c85040aa-SIN

GET
H2 200 Roboto-Regular.ttf
surl.li/fonts/roboto/ 127 KB
127 KB 59ms
57ms Font
application/octet-stream 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/roboto/Roboto-Regular.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4277
content-length: 129584
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: "65dcc346-1fa30"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJG9pyaPLGKIfbJ52kqFHsXztypeqnKSrl8KvVyjMrZ5Mu%2BaJjMRUY7GnubiNu2v0QSEeRzoBjbO%2FVlZldHO70n%2Fpr7kIiY4YoTYlrz2ZZKzydVSyvGp68E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8644a1f7c85240aa-SIN

GET
H2 200 Rubik-Medium.ttf
surl.li/fonts/rubik/ 113 KB
114 KB 76ms
74ms Font
application/octet-stream 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/fonts/rubik/Rubik-Medium.ttf

Requested by

Host: surl.li
URL: https://surl.li/css/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://surl.li/css/app.css
Origin: https://surl.li
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4275
content-length: 116056
last-modified: Mon, 26 Feb 2024 16:58:46 GMT
server: cloudflare
etag: "65dcc346-1c558"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmlmYBwNlLXIo2%2FP2fNl7Q86Yi5BwCNw5TwGrJLb%2FttmUqOG9InUjmhHne2ByAlBC2f5B1KZKZF2bZOjupx0nFOcSCPmfJMrx5iEXqkfdQrE6%2FZUpWDgoL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8644a1f7c85340aa-SIN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 1386ms
34ms Script
text/javascript 74.125.68.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Mar 2024 12:27:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3955
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Mar 2024 14:27:03 GMT

POST
H2 200 getPreview Show response
surl.li/ 100 B
1 KB 638ms
637ms XHR
application/json 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getPreview

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

14a1fbb8d1f3f20bf9b25fbd9f7f28be3c8d460a42f9614f4e0d8aa770315ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/qywuk
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: ekp8wdE85ev6bzdT2uDdzao0Jy1OtjJt6Ls2xxWu
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Mar 2024 13:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/8.2.15
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BtVn%2BUdyRjqIK%2BmDeaFOo0YF5o1Si56YqdPlr8hjZ03GNUVBdWgveys5GD%2F9dtLZbQAjTz3C8w8zj0AdatN%2FGpZkmrMzpgNngCGi0%2B8JCDfuaNUut%2B%2BKOuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 8644a1f8490440aa-SIN

POST
H2 200 getMetaInfo Show response
surl.li/ 22 B
1 KB 2586ms
2586ms XHR
application/json 104.26.5.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://surl.li/getMetaInfo

Requested by

Host: surl.li
URL: https://surl.li/js/preview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.19 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.15

Resource Hash

e30046945347abe51f6765fe7ad3aea9af756c51c70cc12eb0548c9f53696c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://surl.li/qywuk
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: ekp8wdE85ev6bzdT2uDdzao0Jy1OtjJt6Ls2xxWu
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 14 Mar 2024 13:32:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
x-powered-by: PHP/8.2.15
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8P01I3gzG5ToDdOrUuePxpxtvSg5sp5OHwRCwN2O4%2BQ%2FhaA4ojmS4osP05dFR7xlVf3r7GilkkUHaOt%2Bqtd523u67dm8Movlwdc4FOurdUe8Ute6fjUmvWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
cf-ray: 8644a1f8994c40aa-SIN

GET
H2 200 d3eaa1f5-9b34-46e9-8e5f-5e43378b5163.png
web-screen.com/storage/screenshots/2024/03/ 74 KB
74 KB 356ms
27ms Image
image/png 172.67.192.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web-screen.com/storage/screenshots/2024/03/d3eaa1f5-9b34-46e9-8e5f-5e43378b5163.png

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.192.234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa49a3d785fd3010ee8db1ccc1668f3e85f9d02d7af81cf3721b179aaff26fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 88
alt-svc: h3=":443"; ma=86400
content-length: 75690
last-modified: Mon, 11 Mar 2024 09:45:21 GMT
server: cloudflare
etag: "65eed2b1-127aa"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvHt2kK7hLEgr4fSxzjEl8X34V91hMjpgjGXjtBdjrI8rmTA9YcSfcarDYLH2AWzlk41aEsOjs5VMOuQGHWvfYQ7LPeMtGFNf%2F2vfiMQEsz%2BNliLO6sG2D2RjYe2zc%2FVVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8644a1fe5bd74118-SIN

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 405 KB
138 KB 43ms
43ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

e93c4f5313625a55b19278f7e50679bda986099c11319ec99030d697474fb296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140968
x-xss-protection: 0
server: cafe
etag: 10731477164207847035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 13:32:58 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240312/r20190131/ Frame 5B91 9 KB
4 KB 407ms
30ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240312/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 40780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 02:13:18 GMT
etag: 5035419970550746386
expires: Thu, 28 Mar 2024 02:13:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 11ms
10ms Script
text/javascript 74.125.68.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f138.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:17:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 949
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Mar 2024 14:17:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 88B5 450 KB
75 KB 941ms
647ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&adk=1812271804&adf=3025194257&lmt=1710423178&plaf=2%3A2&plat=8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fsurl.li%2Fqywuk&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178301&bpp=21&bdt=1424&idt=97&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7228561977332&frm=20&pv=2&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=118

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

08b17309573914f3840ee7930928df7758def2a992f55aaee830a53a7882bf3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 76688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:32:59 GMT
expires: Thu, 14 Mar 2024 13:32:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A37 130 KB
44 KB 863ms
579ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1710423178&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178322&bpp=2&bdt=1446&idt=105&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=108

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

db4bde54cdbec1a99bfbdfc0d12d8599cba8f30339a2514d474bad23a320a7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44527
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:32:59 GMT
expires: Thu, 14 Mar 2024 13:32:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
215 B 66ms
66ms XHR
text/plain 74.125.68.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1352280437&t=pageview&_s=1&dl=https%3A%2F%2Fsurl.li%2Fqywuk&ul=en-us&de=UTF-8&dt=Surli%20redirect%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhAAAAACAAI~&jid=1047649858&gjid=1204180583&cid=1800178077.1710423178&tid=UA-18721904-9&_gid=19702153.1710423178&_slc=1&z=396415559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:32:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
340 B 369ms
9ms XHR
text/plain 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-18721904-9&cid=1800178077.1710423178&jid=1047649858&gjid=1204180583&_gid=19702153.1710423178&_u=KGBAgEIhAAAAAGAAI~&z=1655665717

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Mar 2024 13:32:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 236 KB
85 KB 462ms
20ms Script
application/javascript 64.233.170.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4410a16b38295c24e7084172aa346f25ffc4d20cc2a0083a8e9a52ef65fb0f2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86372
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 13:32:58 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
47 B 12ms
11ms Ping
text/plain 74.125.68.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BVLF49G8NB&gtm=45je43b0v9124767006za200&_p=1710423178520&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1800178077.1710423178&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsurl.li%2Fqywuk&dt=Surli%20redirect%20page&sid=1710423179&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVLF49G8NB&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:32:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://surl.li
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6e6bd83b1ab90baf29df14fe71898cfa.js Show response
www.gstatic.com/mysidia/ Frame 1A37 9 KB
4 KB 349ms
14ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6e6bd83b1ab90baf29df14fe71898cfa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1710423178&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178322&bpp=2&bdt=1446&idt=105&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 06:53:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 06:53:10 GMT

GET
H2 200 d58f9ae6dab7fd31fc6f5125435dd154.js Show response
www.gstatic.com/mysidia/ Frame 1A37 10 KB
4 KB 350ms
15ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d58f9ae6dab7fd31fc6f5125435dd154.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4472
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 08:25:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A37 14 KB
2 KB 343ms
13ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 13:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 13:23:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 13:32:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame 1A37 2 KB
903 B 16ms
14ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 08:25:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/ Frame 1A37 23 KB
9 KB 17ms
16ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame 1A37 3 KB
1 KB 16ms
15ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 09:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame 1A37 20 KB
8 KB 349ms
11ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:14 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1A37 208 KB
63 KB 9ms
9ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:21:13 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 1A37 36 KB
15 KB 11ms
10ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 04:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:13:09 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ 166 KB
56 KB 28ms
28ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

53a50003a1a126ee7a58be33f2f1e0bbe3738c65f7acf37d815e6d3732b39860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57256
x-xss-protection: 0
server: cafe
etag: 227118696004997826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 13:32:59 GMT

GET
H2 200 ca-pub-5213407188406790 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 367ms
36ms Script
application/javascript 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5213407188406790?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

7adaca2df0768c50503d611103e7ca05a7d021f53bda69b2dee89a0a13c9410d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GicUDBKXt_D21mK0VKGQ8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-GicUDBKXt_D21mK0VKGQ8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPR_fP0-vZBE4s3viOCQD7by6T"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FA3 143 B
228 B 11ms
10ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5213407188406790&output=html&h=280&adk=1430589424&adf=1715028348&pi=t.aa~a.4189116640~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1710423178&rafmt=1&to=qs&pwprc=9566348750&format=1110x280&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423178322&bpp=2&bdt=1446&idt=105&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=145&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=108
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 12:52:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1A37 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f9d5f29005b76fbfa6a56082395c97c234b2a511bbbc4de4f72b974d024b35e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1A37 33 KB
34 KB 354ms
17ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:52:05 GMT
x-content-type-options: nosniff
age: 254455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 14:52:05 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6FA3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
147 B

10ms
10ms

Document
text/html

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:32:59 GMT
expires: Thu, 14 Mar 2024 13:32:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:32:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5218 436 B
510 B 444ms
444ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.2771321384~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1710423179&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423179479&bpp=1&bdt=2602&idt=-M&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db04fc3f537156a61%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYQqHh5cbckAy3OsFtbe_1hkpCqgw&gpic=UID%3D00000d379099bfaa%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYLBzOkEF2-s-BIThoM5O9ndshO8w&eo_id_str=ID%3Dbefa5e4c2fd6591b%3AT%3D1710423178%3ART%3D1710423178%3AS%3DAA-Afjaf365lC__dY7O2_yvkIMAg&prev_fmts=0x0%2C1110x280&nras=3&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1601&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&psts=AOrYGsnHhGRl6EWVOMQOKuFKZs-4bmYh2Q_PI4LJt4lwXFXd7Qt7EZtVg-42rrCqs5i3bXlaS-Oa6HH_SRWqU0bDt5900A&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=339

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

758a10e9c40e082f542dd834e0aec2e3252bdb9f3858ca1552600ab164f7527a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
expires: Thu, 14 Mar 2024 13:33:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF91 436 B
510 B 439ms
439ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-5213407188406790&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1710423179&rafmt=1&to=qs&pwprc=9566348750&format=1200x90&url=https%3A%2F%2Fsurl.li%2Fqywuk&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710423179479&bpp=1&bdt=2602&idt=-M&shv=r20240312&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db04fc3f537156a61%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYQqHh5cbckAy3OsFtbe_1hkpCqgw&gpic=UID%3D00000d379099bfaa%3AT%3D1710423178%3ART%3D1710423178%3AS%3DALNI_MYLBzOkEF2-s-BIThoM5O9ndshO8w&eo_id_str=ID%3Dbefa5e4c2fd6591b%3AT%3D1710423178%3ART%3D1710423178%3AS%3DAA-Afjaf365lC__dY7O2_yvkIMAg&prev_fmts=0x0%2C1110x280%2C1200x90&nras=4&correlator=7228561977332&frm=20&pv=1&ga_vid=1800178077.1710423178&ga_sid=1710423178&ga_hid=1352280437&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1948&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95322329%2C31080991%2C95325784%2C95326913&oid=2&psts=AOrYGsnHhGRl6EWVOMQOKuFKZs-4bmYh2Q_PI4LJt4lwXFXd7Qt7EZtVg-42rrCqs5i3bXlaS-Oa6HH_SRWqU0bDt5900A&pvsid=111206536618697&tmod=2087062836&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=345

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

1277804ad0a78865294a81b64a1c27919e940c7bb6d2911dbc455fa8e5d2fa51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
expires: Thu, 14 Mar 2024 13:33:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/ Frame F77C 9 KB
4 KB 10ms
9ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 40729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 02:14:10 GMT
etag: 5035419970550746386
expires: Thu, 28 Mar 2024 02:14:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/ Frame F4D0 9 KB
4 KB 32ms
31ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 40729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 02:14:10 GMT
etag: 5035419970550746386
expires: Thu, 28 Mar 2024 02:14:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/ Frame B247 9 KB
4 KB 30ms
29ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 40729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 02:14:10 GMT
etag: 5035419970550746386
expires: Thu, 28 Mar 2024 02:14:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUGFqNzSDIU6-RW4Z9_BY3w7Bhk3pUo65-XhRcFK-HidRIzavCwM1kuz6r9AONN7ARQjWnfRdZJDNwhmeXhrFhPWZa44Oed1KFBP_31oEzuVdzRRSwnkxI9DRO4PWbBcH9CWfcuSg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 44ms
43ms Script
application/javascript 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUGFqNzSDIU6-RW4Z9_BY3w7Bhk3pUo65-XhRcFK-HidRIzavCwM1kuz6r9AONN7ARQjWnfRdZJDNwhmeXhrFhPWZa44Oed1KFBP_31oEzuVdzRRSwnkxI9DRO4PWbBcH9CWfcuSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNDIzMTc5LDg2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zdXJsLmxpL3F5d3VrIixudWxsLFtbOCwiVjlnRXNobnZWYUUiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.V9gEshnvVaE.es5.O/am=wA/d=1/rs=AJlcJMx6alf6fpzZv0ZTQsmvDIRmi6HTBA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

5e441dbeaa5501113d4392f49eb3507da630cfc9f43125b4a0a22babfd5a92cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QTG5QksRMGonQ99-rT5JFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:32:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-QTG5QksRMGonQ99-rT5JFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPR_fP0-vZBB5cPbmUGQD8Zi6t"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/ Frame F77C 23 KB
9 KB 12ms
10ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F77C 9 KB
846 B 17ms
15ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 13:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 11:33:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 13:32:59 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame F77C 15 KB
3 KB 385ms
14ms Stylesheet
text/css 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 07:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 10:39:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 07:05:41 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame F77C 375 KB
130 KB 385ms
15ms Script
text/javascript 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

sffe /

Resource Hash

ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132877
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 10:39:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 08:21:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame F77C 20 KB
8 KB 11ms
11ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F4D0 14 KB
1 KB 16ms
16ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 13:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 13:22:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 13:32:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame F4D0 2 KB
856 B 10ms
10ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 08:25:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/ Frame F4D0 23 KB
9 KB 10ms
10ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:15 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED43 143 B
200 B 16ms
15ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 12:52:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame F4D0 3 KB
1 KB 16ms
14ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 09:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame F4D0 20 KB
8 KB 10ms
9ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:14 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F4D0 208 KB
63 KB 15ms
14ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:21:13 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame F4D0 36 KB
15 KB 21ms
21ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 04:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:13:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B247 14 KB
1 KB 28ms
27ms Stylesheet
text/css 64.233.170.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f95.1e100.net

Software

ESF /

Resource Hash

f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 13:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 12:44:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 13:32:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame B247 2 KB
856 B 19ms
18ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 08:25:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/ Frame B247 23 KB
9 KB 32ms
32ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:15 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2B8 143 B
200 B 32ms
29ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 12:52:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame B247 3 KB
1 KB 32ms
28ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 09:10:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 09:10:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/ Frame B247 20 KB
8 KB 30ms
27ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240312/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35385
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Mar 2024 03:43:14 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B247 208 KB
63 KB 32ms
30ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64315
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:21:13 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame B247 36 KB
15 KB 34ms
32ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 04:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 04:13:09 GMT

GET
H2 200 AGSKWxXem-QJNXklwErCXqDdhNMWRm3neqnjBDtpPE60moXGxmEeEd0JOIVudriSiGbE6LBq8PqbnRnlOag_y6CANf2yTHTNgNOgPyH9upAEsQKMAEafKgvDBUW6nw9F8cuH42j29ZhewQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 41ms
40ms Script
application/javascript 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXem-QJNXklwErCXqDdhNMWRm3neqnjBDtpPE60moXGxmEeEd0JOIVudriSiGbE6LBq8PqbnRnlOag_y6CANf2yTHTNgNOgPyH9upAEsQKMAEafKgvDBUW6nw9F8cuH42j29ZhewQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNDIzMTc5LDk3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc3VybC5saS9xeXd1ayIsbnVsbCxbWzgsIlY5Z0VzaG52VmFFIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

dae4144dd217c5f3a403412ded30d07991c8d2bb8ed70fce614d12d176295760

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Sduk4OBC7qJX2frehN1HUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Sduk4OBC7qJX2frehN1HUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRA3R8_P0-vZBB5cW8ACAMuALd4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED43
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
159 B

17ms
14ms

Document
text/html

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
expires: Thu, 14 Mar 2024 13:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E2B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

17ms
17ms

Document
text/html

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
expires: Thu, 14 Mar 2024 13:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3299 51 KB
20 KB 12ms
12ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 20:42:03 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1A37
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcmnXivzyZaOjLdK43LUPg56IsAzsxsaYdpePoNrrEdvZHhABIM_J3W9gvwWgAfirudMDyAEBqQJsupFLoDGpPqgDAcgDywSqBNQBT9A41s5ElYCzyZ5kdBVrSc5AMPmqMqT7_MkBinB7fnt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x347985d3d3231f040000000000000000%22,%222%22:%220xddbc702f72ae45d80000000000000000%22,%223%22:%220xab55d7...

0
0

82ms
55ms

Fetch
text/css

172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x347985d3d3231f040000000000000000%22,%222%22:%220xddbc702f72ae45d80000000000000000%22,%223%22:%220xab55d7dc9c7792330000000000000000%22,%224%22:%220xff90287f660e29e70000000000000000%22,%225%22:%220x97b9ef740d64c1b0000000000000000%22},%22debug_key%22:%22156100744026193910%22,%22debug_reporting%22:true,%22destination%22:%22https://phillipnova.com.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980309496%22],%2222%22:[%22true%22],%224%22:[%2203-14%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227489582229871268513%22}&andc=true

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x347985d3d3231f040000000000000000","2":"0xddbc702f72ae45d80000000000000000","3":"0xab55d7dc9c7792330000000000000000","4":"0xff90287f660e29e70000000000000000","5":"0x97b9ef740d64c1b0000000000000000"},"debug_key":"156100744026193910","debug_reporting":true,"destination":"https://phillipnova.com.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980309496"],"22":["true"],"4":["03-14"],"6":["true"]},"priority":"500","source_event_id":"7489582229871268513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Mar 2024 13:33:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x347985d3d3231f040000000000000000","2":"0xddbc702f72ae45d80000000000000000","3":"0xab55d7dc9c7792330000000000000000","4":"0xff90287f660e29e70000000000000000","5":"0x97b9ef740d64c1b0000000000000000"},"debug_key":"156100744026193910","debug_reporting":true,"destination":"https://phillipnova.com.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980309496"],"22":["true"],"4":["03-14"],"6":["true"]},"priority":"500","source_event_id":"7489582229871268513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C1C 51 KB
20 KB 21ms
21ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 20:42:03 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 121ms
51ms Preflight
text/html 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Mar 2024 13:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame E5F5 51 KB
20 KB 39ms
38ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: surl.li
URL: https://surl.li/qywuk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 20:42:03 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
234 B 967ms
221ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ltr9ssix&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F77C 9 KB
10 KB 11ms
11ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 08:31:33 GMT
x-content-type-options: nosniff
age: 277287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 08:31:33 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F77C 15 KB
15 KB 11ms
11ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 10:10:27 GMT
x-content-type-options: nosniff
age: 12153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 10:10:27 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F77C 0
121 B 72ms
72ms Image
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C3GhyivzyZfyyLaPK3LUPy6u5wA_xmKX2ddaUl4SyEufjor3AARABIM_J3W9gvwXIAQWoAwHIA5sEqgTtAU_QvpsYN-53GxaTgPwF-0BTdCShdwUKJXzgkQt0dDsQ12pV5AG8-CBKm4x3g0TB2eVFW5JAcP-FZJCMr79sWA5C5JPwwlnmH3gamWL481H64M0y6Q9mY01l-Bo14Kr9KVT6DUn3G1Q-JCQycyUXJQYBpOfQYEEhbiHhZp3EoKOQWR4AQSsh7TeO93HqRmbjZUYPZQAMAnB83Uk7a_XqQl9QpdjW-MTK8LMTpYck3d1c37iZMlqUloX12gD4QNz6AAQ3B9Regz-ZnV1r7mHjqfURg71LAkXZOx8aXCh4ajTJpo5NqanFD0ZAh9NcUcAE0Lqm79EE4AQDiAWlseCsTpAGAaAGdoAHw9X6oQOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WNT07-_u84QDgAoByAsB4AsBgAwBqg0CU0ewE-iJ5xbIE9XbsOQD0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcFshgJEgLBXBh2IgEA&eventType=clickstring&clientTime=1710423180407&ai=C3GhyivzyZfyyLaPK3LUPy6u5wA_xmKX2ddaUl4SyEufjor3AARABIM_J3W9gvwXIAQWoAwHIA5sEqgTtAU_QvpsYN-53GxaTgPwF-0BTdCShdwUKJXzgkQt0dDsQ12pV5AG8-CBKm4x3g0TB2eVFW5JAcP-FZJCMr79sWA5C5JPwwlnmH3gamWL481H64M0y6Q9mY01l-Bo14Kr9KVT6DUn3G1Q-JCQycyUXJQYBpOfQYEEhbiHhZp3EoKOQWR4AQSsh7TeO93HqRmbjZUYPZQAMAnB83Uk7a_XqQl9QpdjW-MTK8LMTpYck3d1c37iZMlqUloX12gD4QNz6AAQ3B9Regz-ZnV1r7mHjqfURg71LAkXZOx8aXCh4ajTJpo5NqanFD0ZAh9NcUcAE0Lqm79EE4AQDiAWlseCsTpAGAaAGdoAHw9X6oQOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WNT07-_u84QDgAoByAsB4AsBgAwBqg0CU0ewE-iJ5xbIE9XbsOQD0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcFshgJEgLBXBh2IgEA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
45 B 1164ms
434ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ltr9ssjc&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1jk&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame F77C 38 KB
19 KB 96ms
89ms XHR
text/xml 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DRxigfw8ZeN96LYMDeBttiUxtxnEg5QZfYMApgFWgGiQxvwJyzea8bq4VsUpD4kqMBxznd-DHuKEyIREAr8ojTNCknJQ&cry=1&dbm_d=AKAmf-AJI8ayCWzKW8noc10eyf4uMk1og8iniaQsKLSv_ZwA1AEpK5Cw_PdfcXRf7yFA1MGFgaN5izHmWx05q-LxBV-75xQaDYj4IQUSHVKyyYvdyfVqdky86FR5AxElsWihS8pkA9J49-Vv3yvZfjV6626VVNV1ij2oE-p_BXzNRcwqfBWySsw2uzsz4hMLC_nxDGX-6KLhwVq2ScAZI5d__oFkRw8-YeeIPNGGHqBEBD77LnNNV-dWJRFCviOZrHsv4rQsgZacScOZVgruklpNJ18IE_kP8XqWmQzHDvZFGL6gsvTNhOr2V65lIUcc8klWUpwv1fifTRLApC0UEE70i4BbTfE52SrixS03OiLQeiY5DKPaCqhlOOYszB3tPynzsmeMYeMjMejG2hKb5PsDzsIRWMz3fhm_1G2WJLTEimCCX1A8jLv_Gme8hP12FaQ_d9ruRwk5MZ9LzWUCXazp5iAHlPkNFPrYKFi6MpvwDG_CfTyIALZwzs17DCN8gfLGX7q6uEb7lwvS26fMNP6QP7iKK1vbtp_aKe2_3JeCnSV6Qp0T9D3zFq5RvkRhkcmdeeWPLjKRVsQs3JL7ubnvJXYW9NwreU3P2_ubfA_5c8iNDgjCYDrIz9UNapZGNkFvgtj_rrz1UxY-fOrCkd6O7x9cwgFOvQ6BUPlA5W2O2CYe-Ump0KHLwxTSacegsUziMfdMUx0N7sKY1EnTd6Dth5wXk3vA2tzMC0hOFrIKWpycED6T5BujtCip4L4OTYH45vAvfU3zw82eqgJiLXEKSuSIlSp27sRjwTFU-UqwN54g8x18dGoXvQDn7mvQTAdN54hGB1xpLIRL1negjCTX-WW1_YGV4UIMHMjyDpYrASRTpxr9FIyOUIT_Trcl9O4amUHfSmHCrZSUlA9aue2qPNkGMWKJle5itFPyyGsANC0vDezZUQi8VAlpuMBy2eWXkFkEYxZeZOfLuStIITsC6Q8mVxdInKguaj5feLr8ug8L2Z6QakznXnJzpEObXc2G0ybxhHsUw4TcmgPtBoMof5usWIzx90UuZjHZ8mgCfCYg8u5ewmTA9mANwErOGUkzC4KgPLRHYUwEz9PuCs-0hBd4A5Tf1-3ElA0Vi-NotAuXem3Y2-u75hM2bYdQT4fzI82oCfbA7Rk3DYrsWEOnho2jO1gQZ89jlNSwaF2gFBGGawcUu7GeQaTzMsjxwQ2X_RBPEvekP_xcnFAhXjdUmHTaeroB3vayuCNzLO4hV0U2XW9NeX1YhOnjF7wcC9bwzGlGWPExlkSwagFeisVaU3TNXx8N-zy19Pr4lS1SvQipdi9zQs7kEjuyE-NbMjiEe_E42Dy8uKfuI6vH-ja68KH4dmaokJYZiOv9yCyMggcQsRwVws07CTdLSXeaHkSDiH4xTtK7cdxWpDgSsT2z73gvpsDgALBCmTlukhSnoHk7JBrMq7F7-VRtcIyA5NVmPomypzxL8aak5QRBnqYRdO__mO4fk2aRrxoc4t-smCTStf6FiZsLCwxlA_RvK9C0C28f8qyuybndwIuD1NdSCHDi4YR2JkZS4wygkuQ1pgE5orGm-UlUGnMwgN09SWCNrxX8Via20yCSA-GYwHD3yVGm1JtrTqXlqrsl4wgZbWPxZ3RBND72Lys0PYwU9Fm-8_Jy5w7zjw6vyjsv5fI2AnSQDlnJB3MltEdU7p23DOB-C8MLqOXmAQlG3EaTzHNFm8CQTACISksBR6Wu3QOtbdW97KExogzHq8nxSL12mhA-uluOAc0_Zj2e9GpCVEgBil9nDPDuMYH5cAQONt3TAqnTfRQLN3Re12ZRuoS42wd8m2kPO4IioWTlTsMProVV2-aO9WBWPZxTbDZ8QP_aYeJwfOyVZtCgOsAC0WL9mLARhhWIEZ0mWxZ5OiJLOYhCV5D7IL2rduNyKuXmUHVqjCjNhzNlhuEx0mL1XYW_YkIW8Z1NR0Gtlr3Ej2DnvpmaI3Yo7ARq0H4vZ93Ng6BAcL-lqESTkOUiDWL0cHn_OoA2DzGz2Zcc7JpnU7gcSle41ij90mWRJowjdmbi0Zvo7zopPrLto6jOzG022xSzmkJ8b5_cVDFeHiAnxF0xxoN-ynCbTJ1n4C-gQN9eVdjJy2RW15wCNsUbxYLVsBGczBGr0BILk1J_LjXA7fTmKC3Q1juXYsZ-ed-UzArZT57ELJ8HscnxnPagUgTI5WXxo1GyI50xtcEvJCCKSonRZ2fgOv_ILD-rQBLH5_JnQNEfEc9QJuzxvZAv8YZEiI5cWJ3mNZvBTaTTZ9nMct0A61MY2soExTHCo8L2kJkuaa-skODyIU4BHwUnm78IfU7EEpX0hEXKcLRxcRBDIx87cDwRF9KTiuprFHx4vB2FoeispHbqyWIVuQaIK56hNcvxB5oEnpXIrgoAjBnVT2WCHPD-r0Dwj9wR_OoeiRWYJUQT_PrHoMMab6SUlTnXK0A9oOY_3ovtqmgwEryFYJrfqUVCClrJ_AKfsWNcp2AWvLfysbXQdBnn1si6sTaZX9OzP2xGXkzGY38hPHdb2wh1B7yMcoo4gWmVR8vji8VgSinDMi27KIdWlbvQ2eTzeH2sDSObgdA6f4INvyoRxO3aNSNBWkZutmlH4SCBjM2vDdVxbADcVw9IkxObwmxDT2s-b4kIxw49GjpFqcWcdBEs7AA-nKqlhTxpw94_Cljb_H75j62sDbI3322s91VoUfn7dkVURJStOI9E3eG5geL7b3yXP-FHvUPek50itaiu1e-MvDZ7QrXZuotYniYh96MQXGcmyJvNEVvePEPw60jrfWUkfMBqLXLQCb_3CKWoStV83K1qYIjXa6L06whDYvLBfZEInpy-8UibYEUutb39PclspeqcF-Jrk6mxpd6vX9_p2AeJABT0Y5PFn8ciKgqeR2tHVieU_DSpIHu628ZRPQH_GFHnGWUGkE4le_BWZAUBKtWTHxjKfmS8VuVJ7Rcs4PdPblffQxiVSiwKZWFoJw1FNjMUotllc8EAne5FAHzNoqoDT6nFLeVt0DF4ZYqN9hdzzqIHhqlrDYTCWXAfYiREXwIAIwyh73FO26tJfQs9t-qz14fJJUiECnDf5PA5IuO3osjkpd9F6K-G0onn1LRpV5dJKjMaT82wAVZMZ1ITWPa4Xqv1jE_NHk9t8eK-5M1ZcFBwT_QFs_ylfXf8rYOYq341RA_GK3lv3XNVvG6FJTMfH7F_A1TnqjiNSF4f8emo1TZOlC8K_JMLH5AOVymaQ6iMBqn0t6ZF0q5UdrmnSkTWFoQBfo0m8d-zOEk08p-f_YKGkmEX5a8WRTDlyg3sYcIuu0BNDuFHmgVpDBe9STpy03N6HUlYueXk3SB2eAw_-yeSiN4PDa6dAwJvqz5ap5-5iEHG7cKX3iGTzAHWVJRpNh9ozUvGSdnexppArbhknkGBS0r_EZs6Q_20oL9sbtYkTc6QaLsk3W4dtHBmsc3SBM08-62A-Gu1MvP4ItehYv43gYqEdZcZcUmQkgUenmN5zVPpfHnAVdiUNTDMYMAeay03czt-rUKiRm3VYLwvsQxBMPfQb0zf4tWrUCbvYmgXEO2y4WG12nM_TKRKscxPDP6vhJWnNBRntsSr1MOXZooK7doJrYujbCihezlZvWtZc9nv9K_bZk2c0VfuYbJFKzh-JqZEsvrarWRobcxDOnS7NNETLBF8BtSNVauGZq9bn31dtCrrqfv7eU37btLhzO3-DfE1u68KIm2cMtrXhXYLmAuCnjM3TGEkdFaUbJSQmeB6FMuiRmUDt481nk0HjSuI94bqywRYCeMRqbbj27IVLQbeuSa1IgiFooOEoxX4Ycr1ya5ZHWXX8gsosrrO6WpyZq4NL37mS0fojq_9kVCL23BaYapAkUWFCt3-07daQL0Mt0SulATPpJTOGpMH2CL7Swol7LxCE3ejazVfo4qDWyD_pLpgCviG1xOPVT03eIDBeNFvIDZP9ytwrpCaoJS1yD5fj8Vs9RhNqhedlFxhF95qDQG8rWU73UjG-g1dq-SEQ4xfdZdWb7iiY36iAVoKPr5qFtvF8nEwFUbda9xZeWyCXjlvgKXvWRAMYkeTiVB6z4UBnaUYf1dOV_rkUHta3_NH1o-QJ0KDcEmuZivvkFsrmMiAQR8xPN4fiXgvzkkkS3IOwZAH__1DymMonzVMeh4Ha64EGZ_Ci-oonO4ZOdfmfksoW0D6tZ0y4E-UfrzNkPbHyjR-50Zy0kRbTWt-ymD1w19Vt9QquVy_b3Y43N1p86E5vQGY4xZ2Fb1NzmQzLT8_Kp0NB67-QyG2VYhPVg&cid=CAQSTgB7FLtq_GkadKlI_VKeDHe1f5lZlTat7j2lyAa-QY9csC6JKLFfSPZcAOviVK949YIQbWGtqijGed6DXcje0ex09JykGphmaNsoKBVWkhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

b9f35a9a3cc297a189c37db337f9c360256bba2ec2e55756e53af03b5a391302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19217
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F77C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d9b3f0a1503cbfd71d982f8b73af88d15941981341c45da4c931b9445ae5dd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F77C 0
0 56ms
56ms Fetch
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4_gtivzyZfyyLaPK3LUPy6u5wA_xmKX2ddaUl4SyEufjor3AARABIM_J3W9gvwXIAQWoAwGqBOoBT9C-mxg37ncbFpOA_AX7QFN0JKF3BQolfOCRC3R0OxDXalXkAbz4IEqbjHeDRMHZ5UVbkkBw_4VkkIyvv2xYDkLkk_DCWeYfeBqZYvjzUfrgzTLpD2ZjTWX4GjXgqv0pVPoNSfcbVD4kJDJzJRclBgGk59BgQSFuIeFmncSgo5BZHgBBKyHtN473cepGZuNlRg9lAAwCcHzdSTtr9epCX1Cl2Nb4xMrws0ukbSDVr9LtKiryipt7Vbkv1vGMCqLi9W_lDXWlNUmUdHNNpwrxF8J4kmUatzb1Ftao01dGLHhTRkJEjGSusnICwATQuqbv0QTgBAOIBaWx4KxOkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfD1fqhA6gH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcKELfOHRiAp5iIAtIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljU9O_v7vOEA4AKAcgLAbAT6InnFsgT1duw5APQEwDYEwqIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItNTIxMzQwNzE4ODQwNjc5MBgA6BcFshgJEgLBXBh2IgEA&sigh=6edaNI2yLGU&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq_GkadKlI_VKeDHe1f5lZlTat7j2lyAa-QY9csC6JKLFfSPZcAOviVK949YIQbWGtqijGed6DXcje0ex09JykGphmaNsoKBVWkhgB&vt=10&cbvp=2&vis=1&nis=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
Attribution-Reporting-Eligible: event-source
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 659ms
27ms XHR
application/json 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240312&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

37294ab44edbbc2da4d18c3a5eafe7c07c6b66817fc06a7d588c0982e1be1034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12332
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
54 B 844ms
221ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ltr9ssjs&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame F77C 41 KB
15 KB 11ms
10ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Mar 2025 03:12:10 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,i... Frame F77C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/ip,ipbits,expire,id,itag,sou...
https://r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,exp...

0
0

356ms
15ms

Fetch
video/mp4

74.125.101.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/47E54D5035CB72DCCB96C62966A05EBEFD2C0B03.469BB8271CEFC684A3A2A99937ACA9E06D4C2AB4/key/cms1/cms_redirect/yes/mh/V0/mip/103.224.116.133/mm/42/mn/sn-npoe7ney/ms/onc/mt/1710422703/mv/m/mvi/1/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.101.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin10s19-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 13:33:01 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3802396
Last-Modified: Fri, 16 Feb 2024 13:47:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 14 Mar 2024 13:33:01 GMT

Redirect headers

date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 669
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/47E54D5035CB72DCCB96C62966A05EBEFD2C0B03.469BB8271CEFC684A3A2A99937ACA9E06D4C2AB4/key/cms1/cms_redirect/yes/mh/V0/mip/103.224.116.133/mm/42/mn/sn-npoe7ney/ms/onc/mt/1710422703/mv/m/mvi/1/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame F77C 453 B
590 B 11ms
10ms Image
image/png 142.251.175.95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-5213407188406790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.95 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f95.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:20:51 GMT
x-content-type-options: nosniff
age: 729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:10:51 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
54 B 828ms
222ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ltr9ssmr&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1591&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1mq~atrd.1n1~videopreviewvisible.1n4&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3CB1 23 KB
8 KB 12ms
11ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 25877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 06:21:43 GMT
expires: Fri, 14 Mar 2025 06:21:43 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CB1 51 KB
20 KB 9ms
9ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XdwUeZDdhrHObxdF2PyJ1Nts2up4nGuVc7o-G_aJoG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20251
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 20:42:03 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CB1 0
56 B 54ms
53ms Image
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BB09CjPzyZaf_Hf3B3LUP5JmKKAAAAAA4AeAEAg&bg=!MDOlM3zNAAb_2pXa39o7ADQBe5WfOLulI-vpvAWj7atO7WyA61L1SdtEHe244iHPT3UeHw1yJuyksj6H9SgwqGUdcswXAgAAAF9SAAAABGgBBwoASqr040l5ZgI4wxFFVcsQF6bezJymWGKUK3oS65k6mGS-tz3D-DVBfX9KykVYI_n8d84EKkOmxBFRg5qBfi4NXatgFq_5BckuoNZxmQLey6cjrZglERZ_XRMU56MyxI3rh8hWMZUaqrfZMK-8cXwjodyWQgatZ5DakY9OKB8aqYV5vNRlSxkxuTOpF-CJoKv89ihSQte8nv30Op0dgiAj1_3kCHFv8WX4ktfYhllsGyLBv7Bnh66vVCkXFCY08_epLQDZOk6vHIrT-hHblxNm6ujD_oKBXC5HNT53mwd8ciOvkawKRfTx69ZG_OWtVoRgHKx7Dz52UB955PuNq9boc_wReP3ur_39TMxqebGdX8x91er78PcscSTpZJD3NXJLdrnkrXRsgSColDu_may2ANkSeHIHWsDHPdaBj2kv0K1gSzwpZLTXBjBFCxXGNKEjR4uBJyz-fTLVvK_yFwI-0SKqTTE1-iU67V93HLSiNDakki-cdAu6HBkbVZBrlrt3JG1dZ-x3MUrbjHKetDXqoM0tPyCjvhmdwazLshHlEVoJtb__-WzKrocXQoeh6w2ugJNr9Nmu_e9xvYeW4FC9P2ryEs1YjBeFIG00Rvyg5t2N4U3uxw_2Z6xCnIZDFVL_cvvOQf6YUvKMuegDkEpVUM4Lwyg52SWQbiBTQvxdZ8XAxNpWKiHQ41avmEVIprGSJGKeE6kc5GQlGop9wAhOMzjBslro_I4esssBdc-i-KEag7FoWMA2EjLvjvWY6BKGsm-rm6ejr3BCZT-y-vnXihTc2WJbc5e7nO41uNWIbDUE4C1brchMpC4Ns4A6WSYSIgxej15-P3QW-hvbajYvH5KhlhBjsURlu3aXbINnIt6ZNLJphGpKoStb5ezvGoh2Qwa8XbD0_nUDa2e60Vv_k2M_dW0eL0PCIrsCDYxb9tZgi0DZ89L8E6BQJO7qpPP6WOGehp_8NoTl41YbXknH_bVTdrE9ElFkbJq-jmE4t0B7rPihRGjLg8qOgBm1kZz6-vv12uyRSOO5mNMmz116Au0NldmEEVY6D6v7fK9Hw95ulkPZ1mqcv02UYsQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adfactory-_728x90a_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVH5ZdmXODef0gFeXdLYMapMRrwDYa8XZdN-FRgtxfIxRoYYpbV0Ok8JAYBb0X2ICGs038DLQ24hfOV24BhRPihsTF_urxxhTyY29pk0Bb7a47q2J1hEvjMwonuVqGgTu7ZvapY5-Wx2rqCcNI8vMUkjJE9G... 54 B
475 B 24ms
24ms Script
application/javascript 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVH5ZdmXODef0gFeXdLYMapMRrwDYa8XZdN-FRgtxfIxRoYYpbV0Ok8JAYBb0X2ICGs038DLQ24hfOV24BhRPihsTF_urxxhTyY29pk0Bb7a47q2J1hEvjMwonuVqGgTu7ZvapY5-Wx2rqCcNI8vMUkjJE9GEGgR4TlZ8dVTkkxqhfn0gl6ti9iGuCl/_/cornersmall.swf/vnads./adfactory-_728x90a_?adunitname=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.V9gEshnvVaE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyjU9lUlfz0vz2YbYc6XwO1YIdL4Q/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

a5599a0a90dab12673a1ff19271066e18ce27b8e3b0b2bb69bc9f73ca7f48b53

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ovFGxano3URt4F3HRlqNiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ovFGxano3URt4F3HRlqNiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw15BiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4h3-Hiw8K2bzqoCxIbrp7NGAnHM8-msKUDslD6DNQSIfepnsMYB8ckF51kvArEQD0fPz9Pr2QRm3Nz8nQkANIMzrQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 14ms
13ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

41184d45ee0190e745df94776022442ab923bc979486aee54db3aef923747b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24270
x-xss-protection: 0
server: cafe
etag: 1848696431517659579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Mar 2024 14:01:44 GMT

POST
H2 204 AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 648ms
19ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j8wtqICwdejNs7ce3r7mKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-j8wtqICwdejNs7ce3r7mKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEPuw_cJwRAPv1Dj0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA== Show response
fundingchoicesmessages.google.com/el/ 0
298 B 672ms
68ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cPQbNhiHxENX9Hy9-N2jGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cPQbNhiHxENX9Hy9-N2jGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw0pBiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEGvYtPc0IAPgiDaw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA== Show response
fundingchoicesmessages.google.com/el/ 0
290 B 624ms
23ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tsCjWXKWMxmLZ9NSMmUHMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-tsCjWXKWMxmLZ9NSMmUHMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw05BiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEHkxac4oRAPjNDeI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://surl.li
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA== Show response
fundingchoicesmessages.google.com/el/ 0
299 B 626ms
26ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GrvmDMkBsY-xZFBtnJh9lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GrvmDMkBsY-xZFBtnJh9lw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0ZBiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEPjxbfpoRAPoUDkA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW1j_pYmbh-10PhyvP37WsugQgbwW54009hk-NN4TddLNXLr3gaxkJM3NtfET9P2f4h1orDl1OwU7zJpJlsh7_B2JtuYzlCk879I6vUfMUFPZJlfJarrPQEufAJnY0T5zdaDYME1g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 27ms
27ms Script
application/javascript 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1j_pYmbh-10PhyvP37WsugQgbwW54009hk-NN4TddLNXLr3gaxkJM3NtfET9P2f4h1orDl1OwU7zJpJlsh7_B2JtuYzlCk879I6vUfMUFPZJlfJarrPQEufAJnY0T5zdaDYME1g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNDIzMTgwLDgwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zdXJsLmxpL3F5d3VrIixudWxsLFtbOCwiVjlnRXNobnZWYUUiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

6f22620bc87e69172f91f30055b808fc8e419d6abea0701d661999e81037c3cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YI6h7G1sEWQajyGt2azpEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-YI6h7G1sEWQajyGt2azpEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPR8_P0-vZBHas3N3NDAD1BS4l"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUl6FkteKiEDVS-xc9ceimlyelBukZwD2tRYNdUAcHYImA9Brjqvu7T3g4KjrmaNnJHqfwjkAVbIq_6W9NubMlc2pmwVd9bbL1MWnTaeKpgQWJfo1WcD_lk8aSRp2v2itUIoesW1w== Show response
fundingchoicesmessages.google.com/el/ 0
289 B 591ms
24ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUl6FkteKiEDVS-xc9ceimlyelBukZwD2tRYNdUAcHYImA9Brjqvu7T3g4KjrmaNnJHqfwjkAVbIq_6W9NubMlc2pmwVd9bbL1MWnTaeKpgQWJfo1WcD_lk8aSRp2v2itUIoesW1w==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7B_MnFzV8HjVopuAhJgBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7B_MnFzV8HjVopuAhJgBCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEJlzefYoRAPpcDe8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA== Show response
fundingchoicesmessages.google.com/el/ 0
290 B 587ms
20ms XHR
text/html 142.251.10.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUpHYXcoVn6Z6rSAzzyeZuTHsQEqE8b7TZNoyhxcl8g3LgnACjdbFAQswrsr5clwDkjm4tmnsDMN_YH327ACTlVDaPiAdZaCb6BG0G_HvTG1OvEvhr5HRuGxjJQMuTngFjdJFKmdA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3dglCFjYI3gLSSR8F5dvRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-3dglCFjYI3gLSSR8F5dvRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw0JBiqGV4xtQKxDt8PFic0mewhgCxEA9H78_T69kEOn4tOckIAPe3DeM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://surl.li
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1A37 42 B
174 B 60ms
60ms Fetch
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_EbMwuS94-xpTDHquN54upMmJEKts9K4mDd_clEAXHnmTcIRRebGFMc8OmLfHUzOiwN3fdRMCul4bx624-pfCxp1HEg1dKXm0k-Bz96ZUu_RDxsHu2LXeuP7kIzOQubF80tlqI8jbqHjMBFe2FRmRd3lWhIc6VgY&sai=AMfl-YS9wyKGXWly_969UO4y74fOvDJkEmgv_rp9A9mO-A6pTc4MQKJPvr6ilbOJS8ShJF4AuLUQW4UJfEU07pnhjpd0-44YOFkhCb77wto-PtSz6dyu3kpLttDcqhXEnf-AssbUExiDiwFfnjAZieMTEw&sig=Cg0ArKJSzPOcL9CM-DZlEAE&cid=CAQSTwB7FLtq0Xhp39SsEtfuzC1LqdYtuJnmACCvHYynnjoJAkerPQhEqfyp4bj5ltWvBhpP9HhOyaWCGWo4MCeQYUAI6HfxK8MNM5S0nxxt0ncYAQ&id=lidar2&mcvt=1000&p=0,0,280,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1430589424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=635597900&rst=1710423178431&rpt=1696&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 13:33:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C47C 13 KB
5 KB 20ms
19ms Document
text/html 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 1219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:12:42 GMT
expires: Fri, 14 Mar 2025 13:12:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0FD3 829 B
996 B 23ms
23ms Document
text/html 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.147 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

GSE /

Resource Hash

1df39d94c0d8fedfa879bb7f15907b88e5b3d2335e4bdc0340c8f1e50d55546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nUteMGghhL0zWRqa0ha_7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surl.li/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nUteMGghhL0zWRqa0ha_7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Mar 2024 13:33:01 GMT
expires: Thu, 14 Mar 2024 13:33:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0FD3 0
0 52ms
52ms Image
text/html 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240312&jk=111206536618697&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response
pagead2.googlesyndication.com/bg/ Frame C47C 40 KB
15 KB 12ms
11ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

sffe /

Resource Hash

27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 19:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 152714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15583
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 19:07:47 GMT

GET
H/1.1 206
Partial Content file.mp4
r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,i... Frame F77C 4 MB
0 317ms
16ms Media
video/mp4 74.125.101.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.101.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin10s19-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 14 Mar 2024 13:33:01 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-3802395/3802396
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3802396
Last-Modified: Fri, 16 Feb 2024 13:47:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Thu, 14 Mar 2024 13:33:01 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame C47C 0
40 B 11ms
11ms Image
text/plain 64.233.170.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QwGU5Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:33:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
54 B 452ms
451ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ltr9ssn8&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1591&mt=video%2Fmp4&vs=1280x720&ple=0&umsem=0&event_name=first_play&asset_bytes=199610&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B31579008.388440706;dc_pre=CMKKrvHu84QDFcekZgIdfnMMJQ;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/ Frame F77C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CMKKrvHu84QDFcekZgIdfnMMJQ;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid...

42 B
441 B

50ms
49ms

Fetch
image/gif

172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CMKKrvHu84QDFcekZgIdfnMMJQ;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?

Protocol

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CMKKrvHu84QDFcekZgIdfnMMJQ;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

B31579008.388440706;dc_pre=CJKJrvHu84QDFaLIPAIdD2kM2w;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_... Show response
ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/ Frame F77C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CJKJrvHu84QDFaLIPAIdD2kM2w;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid...

42 B
429 B

52ms
50ms

Fetch
image/gif

172.217.194.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CJKJrvHu84QDFaLIPAIdD2kM2w;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?

Protocol

Server

172.217.194.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f148.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N4021.2000900AFFIPERFDISPLAY0/B31579008.388440706;dc_pre=CJKJrvHu84QDFaLIPAIdD2kM2w;dc_trk_aid=579691874;dc_trk_cid=210201829;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1;tpsrc=ima?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIp_Xa8O7zhAMV_SC3AB3kjAIFEAAYACDkzqJkOhoI5bbypAMQ0Lqm79EEGNXbsOQDINaUl4SyEkITCPyf8O_u84QDFSMltwAdy1UO-A;dc_rmcid=CAQSTgB7FLtq_GkadKlI_VKeDHe1f5lZlTat7j2lyAa-QY9csC6JKLFfSPZcAOviVK949YIQbWG...
ade.googlesyndication.com/ddm/activity/ Frame F77C 42 B
401 B 297ms
157ms Image
image/gif 74.125.24.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp_Xa8O7zhAMV_SC3AB3kjAIFEAAYACDkzqJkOhoI5bbypAMQ0Lqm79EEGNXbsOQDINaUl4SyEkITCPyf8O_u84QDFSMltwAdy1UO-A;dc_rmcid=CAQSTgB7FLtq_GkadKlI_VKeDHe1f5lZlTat7j2lyAa-QY9csC6JKLFfSPZcAOviVK949YIQbWGtqijGed6DXcje0ex09JykGphmaNsoKBVWkhgB;eps=CIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WNT07-_u84QD;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F77C 42 B
108 B 105ms
103ms Image
image/gif 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3GhyivzyZfyyLaPK3LUPy6u5wA_xmKX2ddaUl4SyEufjor3AARABIM_J3W9gvwXIAQWoAwHIA5sEqgTtAU_QvpsYN-53GxaTgPwF-0BTdCShdwUKJXzgkQt0dDsQ12pV5AG8-CBKm4x3g0TB2eVFW5JAcP-FZJCMr79sWA5C5JPwwlnmH3gamWL481H64M0y6Q9mY01l-Bo14Kr9KVT6DUn3G1Q-JCQycyUXJQYBpOfQYEEhbiHhZp3EoKOQWR4AQSsh7TeO93HqRmbjZUYPZQAMAnB83Uk7a_XqQl9QpdjW-MTK8LMTpYck3d1c37iZMlqUloX12gD4QNz6AAQ3B9Regz-ZnV1r7mHjqfURg71LAkXZOx8aXCh4ajTJpo5NqanFD0ZAh9NcUcAE0Lqm79EE4AQDiAWlseCsTpAGAaAGdoAHw9X6oQOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WNT07-_u84QDgAoByAsB4AsBgAwBqg0CU0ewE-iJ5xbIE9XbsOQD0BMA2BMKiBQD2BQB0BUB-BYBgBcB6BcFshgJEgLBXBh2IgEA&sigh=BEnxSgcSRuY&label=part2viewed&ad_mt=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F77C 0
674 B 411ms
109ms Image
image/gif 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXrl9fEA8Du00b6IblwvXulwLcXbIA9Se5A4AF6LyDICR62jxsn46pjsM9sZjzAL9Jx4GqUWOo5y8WOVn8qZFn9I4mLbftjNObdJsTVcyiIZDut3-bRiRbUueMqR4jqYEAVsqH9G_B9TCvGrAGau5XH_dgKuG_irg-zl0n9waiRPOUq_mcSlGVVZqAQ-UPEnqWXqy4_gLKEWsJ-r66MbsLshuFF3f7DbzNMFsbrgCplTP3kAK3TrrcI0GDshhf85-aLXdy782gogmAa-_drCCbwB0LMGfYzc5ZI42979OXlh0_cCDIYjR7U4O3NeFUDSUuO2Ly2RzYUX1UZKsVZZq6-vshw7iQspFqPh-HN73PETOkFs4e4-g4zouzTFYGUjkxumVHTN-nqbWojsVoRgt5nhZgauvwE5D9Iw9ruzVlOxh3bC7z6tiCpYXKmX3btU7KPd9_Y6LJTrHKdmI6aN2yVqtYFlyaH5lK65SAbDvActe0hYSHLPRRDs4DcOpdSDttTs0_JI551MXHVHCs6QOtLzqgdQq_w4s4f6KcVJk7LzF8i6rfkgcg6YIDmXwZlcEbNvmXS2ii7IQDw60xhyKW5uF_p_up9aXKajw0XolfLPG8QMjVMe5oi9yYggV6OVAgigaxDB0oumKsPki3Tw8Xc0fYLwL9KVqBA4NnGP9Jc5koST9ZSFyIMntGAC6Pbe4ve2DtDVemQhEa-D921PNVjnKjFgvnjn2GPpaByR_pOEmguVZCnHJ45KSm_yvcOKdKA7N7eIsjSZzGDiLlV0IlZ8K8zQvE4P9LuqXqHB_sHblenw-HZcje9ogJ7n6ZoGj23pV708PJdc_SpEoeQ8OGC8jHiL5DvAae-sl9AXa3cXu4uouyB1wVKkDHiDooM3dACtTIfn0AkVzgy1AHUTd3rmezeEC3XrZcu8-aV8NY04sE5pzaKiJYKmndLhGmCcGVG5kQvQAxz1FPmxbzWUPQrTpXb772Ywl0Dg_i-NGSfoykhOG_s5iAHx3d5XQ3b_lVq8H3vs7xk7UggZWqrRL5PmhMdfb4y6BBWQSOsZOZ1lx1lTDialMMuzRu-RJXsBOJ16tMl6DStEJ6kGgoZfhcMfWLbwARI3bsVp1kg1I7Bsit4VwLEahczB5gIMlVj47WljsfttSKdQ0mj-I6E-SnIOt180GnIFEM875cEkO1pww3XnaskNQGFx_Svoqws5Q0DMxA7T4O5uS7QpwgNLKFfMlgrgj02d44NJkLNuyL-CJTp_FwoKP7e8mEPAxuPk8&sai=AMfl-YSst3sWPel_kJskRmecKCSbJ6A32QNVsa3Iqv2OhjGt_3SKcbPgDrr2o2D44grHMbGI86ueYB8YO5L-4QuAc33M1G6__wX8m8gja2s2rL7KrSezPG_U6y6ljltrqdFtvjpunb6uydNlzGKwjKfMFRQ7YCcNQ5yaGaEWekaLo_b4XtbFge0vsaO5exxhUc07D-sKvY82IqC3hgm886lfvfuPpKih_ZV_nnKQ6ZvcabcirmawnXFchg7DXLH6Yxwhg2DO9_Fy9Ql0XRgpsSM2brzaiBaIIg0kXadM4TIXsswUIOMizrZMqFCJ7zITk2Ow&sig=Cg0ArKJSzH0qIOpmlW0WEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Mar 2024 13:33:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 14 Mar 2024 13:33:02 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F77C
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDltvKkAxiAp5iIAiABMAE&v=APEucNV8HJEDxY_Q7962uCy-L_x2dbCuwpqFLmXL-kNW4Pr-pw_VjEXHR3gvOh23Gri2OXSDWGfCVRSmAMPkgj5PWX0ZpFegbx21zWKxZfRIs7vLRB1SUGk
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfL8josFVroAABA3ANFZzAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJ6QjM7YPee7RHDxX6OV4s&google_cver=1

43 B
854 B

56ms
55ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJ6QjM7YPee7RHDxX6OV4s&google_cver=1
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PIkspQEbDddZSXgxLRcp6a4lManMGGHffT3UgQP0uK64mbLdczXhL3svKE5HhMH2IrAw0zlutGCD1CjzvtO6EkKaOh5TNptO1E8noj4wdyjs7tO1PrtETzq0lTauB8iGqC9yfGPj4R2LA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8644a2199f5549d8-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMJ6QjM7YPee7RHDxX6OV4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F77C 0
56 B 103ms
101ms Image
image/gif 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F77C 42 B
174 B 103ms
102ms Image
image/gif 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240312/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F77C 0
54 B 356ms
355ms Ping
image/gif 142.250.190.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ltr9stgb&c=7463432824596&slotId=3731716412298&qqid=CPyf8O_u84QDFSMltwAdy1UO-A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1591&mt=video%2Fmp4&vs=1280x720&dm=17000&met.4=vil.2id~ff.2it~videopreviewstarted.2iu&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.190.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ord37s34-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 13:33:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 136ms
135ms Image
text/html 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240312&jk=111206536618697&bg=!Pj2lPXLNAAY_ejuoH3o7ADQBe5WfOAuLUXt0FBxsA2-aDnUYmt6zc55mIg5EJG0Al0FROuzXSnmrRBaZoSbTsHhZSnXYAgAAAFlSAAAABGgBBwoAcJbsk3ub5vbT9Z8gOI46paAa66rnBhiTQykNKygQK_GObwQPT_ryRyHhAAvuajgyeWGuUqwZFbpwSY3rjgLBi862PL5ltaqJZG8R9Pf7bHl_HjXMBsXMS_AL18IH4mxfHOVVZKzYHMWN900iH7uIuXiZAsW_hMEnGdDUQO-n98wYPdtpxIBCTtEKpDOVCsMQu60z0srUnG6tNsBQHQEze0yTqvyedS8YpSchsaXuPJksTNqWGqiZQH2X5a-eli7KKYdTtc897cem-S9X8Knj7xb8S_Fl2T4PoprVenJHGHKXnIM7_bVM2fpAMkkgHD6tO0RoqW1O7GBEasJOerulREetRv1vOoKtFe2eJS5p_9LMuussZwyUqmVDw0LKQnIhd3wlbUWbCjNJciTWVipfzX_kJGJPL-2MNqZVMCK6frWiYZ4w2Vcur6f06b5fuZsSuAEXedf13xwDaSInhO1gH-qyeBwVgAWcWApzjVPxnzxTYQD4hKiyMLlWM-N9S3rn-E24YVkPmKi5JEc7MhYVCVKD7fT5imHmqpU6Izx0uZuX8qGpeJapGI_CVAiLJqvQr6x0pPcLSjUTJKCdwtvFuSe2nHH50N5BlsAgEAFJpu4Pmfp1PndgYTJNpt-D_4AOUVQMafoFFm-ccBDjHbj1xGicB0n6SJ4Gfjq_C08oSVfShGJ1DSS7TQ3RcHkQVeUsQok3XGdXz9Zr1_XvAkdhYm2FRu7fpSsh4I7pUzWG4q3QEgiMW7mmeVrPv6JGM5Jo8bTv-9apzbUTXsbxUciM21yPeH1sTWFkskW9CYLxu6AFUkZhw_XVZGUebRzuUwm0ydmeiR4gXDvcEvpupSG-HRba6HWkyaP-jaRiWLL1PlNV6IhBojv-_x_cteN3ZitphAvazm_HK1QSkkoPukIPEB_-8PETC7vR8e4MdafnLCLD--horRCvEGmkcp-Ridil9Su_xrNqOk806vxpFqG0EMT9-dxGp0N_d6NlmkS9qS28fFZSGcDsxZbFzr774HAaGX8P0UD6WSG6_dvAvllKUcFxoNzsk2Bu5NB75B-0ETQIdohrlj86fTlNVxhkhUAGvvzlYhwkvQKJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://surl.li/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content file.mp4
r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,i... Frame F77C 33 KB
34 KB 655ms
27ms Media
video/mp4 74.125.101.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.101.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin10s19-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

84d8e77077a455adef8a229d582940264362bc3e1b357992109259379c0d2022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=3768358-

Response headers

Date: Thu, 14 Mar 2024 13:33:04 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 3768358-3802395/3802396
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 34038
Last-Modified: Fri, 16 Feb 2024 13:47:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Thu, 14 Mar 2024 13:33:04 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.surl.li/	1970-01-21 04:43:03	Name: _ga Value: GA1.2.1800178077.1710423178
.surl.li/	1970-01-20 19:08:29	Name: _gid Value: GA1.2.19702153.1710423178
.surl.li/	1970-01-20 19:07:03	Name: _gat Value: 1
.surl.li/	1970-01-21 04:43:03	Name: _ga_BVLF49G8NB Value: GS1.2.1710423179.1.0.1710423179.0.0.0
surl.li/	1970-01-20 19:07:10	Name: XSRF-TOKEN Value: eyJpdiI6Ik8rWDlIcjY2VVpjdlQ4MjdKL3FZUkE9PSIsInZhbHVlIjoibFZJRmlhU3V5UXBhdkFxUGlHUzFkOWdyUTlZZGtlZmtGZ2RUTVIwWWVOWXNqU3NPRWhDMmtUeC82Qm93cnlndTRzUGpRNTBHWkZWOUxiSW40TE81OUNTcHFjQTAwK3Z4cE05cVZzSXkwTUp3c2NhUUZVQkljbEIxcklsNFJJKzIiLCJtYWMiOiIzNzIyZjE5MDc3ZTQ5NGYzNjUzNzdiMzY2Y2I2M2FkZDI3NTdmODhiMzFiZTY3NDJjNzhmNTZkMmE2NDUzMGM3IiwidGFnIjoiIn0%3D
surl.li/	1970-01-20 19:07:10	Name: surli_application_session Value: eyJpdiI6IjVYWXlWbGUyZG9Wd1FPMnBZTVF4Zmc9PSIsInZhbHVlIjoiS1p0akwrL3pRa3RuYTVwMnNEM3ZQb1ppckZpZVpCZlBqOWhxdU9uQ0RHY240K1ZqbEcvYjlkU3VwdzJ4Q0pLeU5VU1ZOTXYvMjdKSEltbHZzVXl0azNZclBiNFpWOGNKbUY4MERVMTRrWHBRdW90N0FtTGVmck5taWdFdFhUMjEiLCJtYWMiOiI0ODdiM2ZkYzY0MTM0ZWYzMjIxYTNiMDZkNzI1NjhkZjU1ZjlkZjlhZTc2ZjQ3MzY0OWI3OTVmMWZmNmJmNWZjIiwidGFnIjoiIn0%3D
.surl.li/	1970-01-21 04:28:39	Name: __gads Value: ID=b04fc3f537156a61:T=1710423178:RT=1710423178:S=ALNI_MYQqHh5cbckAy3OsFtbe_1hkpCqgw
.surl.li/	1970-01-21 04:28:39	Name: __gpi Value: UID=00000d379099bfaa:T=1710423178:RT=1710423178:S=ALNI_MYLBzOkEF2-s-BIThoM5O9ndshO8w
.surl.li/	1970-01-20 23:26:15	Name: __eoi Value: ID=befa5e4c2fd6591b:T=1710423178:RT=1710423178:S=AA-Afjaf365lC__dY7O2_yvkIMAg
.doubleclick.net/	1970-01-20 19:07:06	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:43:03	Name: IDE Value: AHWqTUkULkgjjx6-okLs2wrH7PuwsEaodBrgREiHLKhHOl7pxBOgBdY-Eg2Q62R_-lE
.googleadservices.com/	1970-01-20 21:16:39	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 23:26:15	Name: APC Value: AfxxVi5RBoZLtVq_Tc8L2VoBZrAe2L5WwBaNADWes7vFSbypUJO2vQ
.doubleclick.net/	1970-01-20 23:26:15	Name: receive-cookie-deprecation Value: 1
.surl.li/	1970-01-21 03:52:39	Name: FCNEC Value: %5B%5B%22AKsRol9F1QRk0H8chVOxdOU9t-YJWy6HnnQFgpmMrbus90_K_mWqMlYcBnWfLo2_I6dWx7oXDAxFroyhX4cqwL3JMl4Rc5UMPgWuwEQ4oAVYQicIeExLZRlxD-VbPtXVCLlwNUTiarY72k1Pg6YtCkYmJqL8O0FMcg%3D%3D%22%5D%5D
.casalemedia.com/	1970-01-21 03:52:39	Name: CMID Value: ZfL8josFVroAABA3ANFZzAAA
.casalemedia.com/	1970-01-20 21:16:39	Name: CMPS Value: 4716
.casalemedia.com/	1970-01-20 21:16:39	Name: CMPRO Value: 4716

65 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://surl.li/qywuk Message: Mixed Content: The page at 'https://surl.li/qywuk' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://surl.li/qywuk(Line 272) Message: Mixed Content: The page at 'https://surl.li/qywuk' was loaded over HTTPS, but requested an insecure element 'http://web-screen.com/img/plug.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://chat.whatsapp.com/ELAIb6rgUva9eb7xe9XsMC&size=16 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://surl.li/qywuk Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://r1---sn-npoe7ney.c.2mdn.net/videoplayback/id/3390c8eeba310263/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741959180/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/47E54D5035CB72DCCB96C62966A05EBEFD2C0B03.469BB8271CEFC684A3A2A99937ACA9E06D4C2AB4/key/cms1/cms_redirect/yes/mh/V0/mip/103.224.116.133/mm/42/mn/sn-npoe7ney/ms/onc/mt/1710422703/mv/m/mvi/1/pl/24/file/file.mp4 Message: Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
r1---sn-npoe7ney.c.2mdn.net
stats.g.doubleclick.net
surl.li
t3.gstatic.com
tpc.googlesyndication.com
web-screen.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.18.36.155
104.26.5.19
142.250.190.67
142.250.4.156
142.251.10.101
142.251.10.157
142.251.12.147
142.251.12.154
142.251.175.157
142.251.175.95
172.217.194.148
172.217.194.157
172.217.194.94
172.67.192.234
64.233.170.132
64.233.170.138
64.233.170.94
64.233.170.95
64.233.170.97
74.125.101.38
74.125.24.147
74.125.24.154
74.125.24.156
74.125.68.138
00e3415aa82adde0e8d553eec3bdee3acadca4cbdf77db6933608508e7f76d06
04d9b3f0a1503cbfd71d982f8b73af88d15941981341c45da4c931b9445ae5dd
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
08b17309573914f3840ee7930928df7758def2a992f55aaee830a53a7882bf3d
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
1277804ad0a78865294a81b64a1c27919e940c7bb6d2911dbc455fa8e5d2fa51
14a1fbb8d1f3f20bf9b25fbd9f7f28be3c8d460a42f9614f4e0d8aa770315ba6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1df39d94c0d8fedfa879bb7f15907b88e5b3d2335e4bdc0340c8f1e50d55546b
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2a2d6323ec235556eb2cd441c849220e38f271eea88d721083f05db92a155322
2f9e711abfb70ec1515ded7f4c18c9208b1325f53b551698b90fa4664542ceed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
37294ab44edbbc2da4d18c3a5eafe7c07c6b66817fc06a7d588c0982e1be1034
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41184d45ee0190e745df94776022442ab923bc979486aee54db3aef923747b76
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
4410a16b38295c24e7084172aa346f25ffc4d20cc2a0083a8e9a52ef65fb0f2f
53a50003a1a126ee7a58be33f2f1e0bbe3738c65f7acf37d815e6d3732b39860
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
5ddc147990dd86b1ce6f1745d8fc89d4db6cdaea789c6b9573ba3e1bf689a06d
5e441dbeaa5501113d4392f49eb3507da630cfc9f43125b4a0a22babfd5a92cc
5f9d5f29005b76fbfa6a56082395c97c234b2a511bbbc4de4f72b974d024b35e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c847af4400d327ad6a64ae87c50f6990011348f1cbbe293de44b7bc283eb379
6f22620bc87e69172f91f30055b808fc8e419d6abea0701d661999e81037c3cf
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
758a10e9c40e082f542dd834e0aec2e3252bdb9f3858ca1552600ab164f7527a
7acb3e456d98d55be401bb07a32c9cb04e074de37bd58932b11bcf0fe9f59ab0
7adaca2df0768c50503d611103e7ca05a7d021f53bda69b2dee89a0a13c9410d
7c4dd0bd84759808f306ef41c14dc423f219e09d984ab235ea5433aa5934bcfe
84d8e77077a455adef8a229d582940264362bc3e1b357992109259379c0d2022
856f999ea580bfa2f03ce5872b848246a66492f17675693e2f429938250d231a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9d6dfd360ccbae2e81dc8f69b9c561e99e7034b0417b2a0bcbc85c2ff629ab6d
a5599a0a90dab12673a1ff19271066e18ce27b8e3b0b2bb69bc9f73ca7f48b53
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
b08ee81fa51d661b5c24460f41bb2ee09eeb5157c9426c6b3b83d7ada262473d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9f35a9a3cc297a189c37db337f9c360256bba2ec2e55756e53af03b5a391302
ce40d27c6c90b990229510c46115ec852237276e1aa09cdebffc6ae085b1d1e2
d03b8dbcc23821d74a8f91c60b2c1ca1141a23c1d51680572626ae4b0fcec1fe
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
dae4144dd217c5f3a403412ded30d07991c8d2bb8ed70fce614d12d176295760
db4bde54cdbec1a99bfbdfc0d12d8599cba8f30339a2514d474bad23a320a7d7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e30046945347abe51f6765fe7ad3aea9af756c51c70cc12eb0548c9f53696c98
e38b75194d069e248c44ce8b5d0228ceb8711888264092e8788a0ae343156ce4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e7ea30badf267e780878a8fdd63da55c8b8e6ea39d3f1b122855ac01c02d3db9
e93c4f5313625a55b19278f7e50679bda986099c11319ec99030d697474fb296
eaa49a3d785fd3010ee8db1ccc1668f3e85f9d02d7af81cf3721b179aaff26fc
ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f179eba989a5d55300cbb2fbb9381421109c1ab9b099ebacb3dc91f6e62a1e
f389fb51afbd8077d4e8e260bf820115f7111c246e02cc4aab081c5317c56db6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

surl.li Open in urlscan Pro 104.26.5.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

121 Requests

95 %HTTPS

0 %IPv6

12 Domains

25 Subdomains

23 IPs

2 Countries

1916 kBTransfer

8374 kBSize

18 Cookies

8 Outgoing links

Page URL History

Redirected requests

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

surl.li Open in urlscan Pro
104.26.5.19 Public Scan

Screenshot
Live screenshot

Full Image

121
Requests

95 %
HTTPS

0 %
IPv6

12
Domains

25
Subdomains

23
IPs

2
Countries

1916 kB
Transfer

8374 kB
Size

18
Cookies

121 HTTP transactions
2 data transactions