Submitted URL: http://shfo40.com/
Effective URL: https://shfo40.com/
Submission: On March 16 via api from NL — Scanned from SG

Summary

This website contacted 33 IPs in 6 countries across 26 domains to perform 184 HTTP transactions. The main IP is 143.198.193.121, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is shfo40.com.
TLS certificate: Issued by R3 on March 16th 2024. Valid for: 3 months.
This is the only time shfo40.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 143.198.193.121 14061 (DIGITALOC...)
1 142.251.12.97 15169 (GOOGLE)
2 74.125.24.155 15169 (GOOGLE)
1 23.44.5.179 20940 (AKAMAI-ASN1)
1 110.93.147.30 23576 (NHN-AS-KR...)
1 74.125.130.139 15169 (GOOGLE)
38 2404:6800:400... 15169 (GOOGLE)
4 142.251.175.157 15169 (GOOGLE)
3 172.253.118.95 15169 (GOOGLE)
1 22 142.251.175.132 15169 (GOOGLE)
5 142.250.4.94 15169 (GOOGLE)
2 11 2404:6800:400... 15169 (GOOGLE)
3 172.253.118.148 15169 (GOOGLE)
11 27 64.233.170.155 15169 (GOOGLE)
9 15 172.64.151.101 13335 (CLOUDFLAR...)
9 12 103.43.90.19 29990 (ASN-APPNEX)
15 2404:6800:400... 15169 (GOOGLE)
3 74.125.130.99 15169 (GOOGLE)
2 2 35.230.38.116 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 18.177.11.95 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
1 1 18.141.30.29 16509 (AMAZON-02)
1 2 93.158.134.90 208398 (TELETECH)
1 1 77.88.55.88 ()
1 2 23.199.246.27 16625 (AKAMAI-AS)
1 2404:6800:400... 15169 (GOOGLE)
3 74.125.68.95 15169 (GOOGLE)
9 2404:6800:400... 15169 (GOOGLE)
6 74.125.68.148 15169 (GOOGLE)
3 18.155.68.107 16509 (AMAZON-02)
4 142.251.10.154 15169 (GOOGLE)
5 172.217.194.94 15169 (GOOGLE)
4 216.239.32.3 ()
1 142.251.12.154 15169 (GOOGLE)
1 182.161.73.146 55569 (CRITEO-AS...)
1 1 222.230.178.26 ()
2 2 70.42.32.223 ()
1 1 51.79.154.9 16276 (OVH)
1 1 142.251.10.100 ()
1 74.125.164.136 ()
1 1 2404:6800:400... ()
1 142.251.88.73 ()
184 33
Apex Domain
Subdomains
Transfer
77 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 167
4 MB
49 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
ad.doubleclick.net — Cisco Umbrella Rank: 164
bid.g.doubleclick.net — Cisco Umbrella Rank: 929
278 KB
16 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 319
gcdn.2mdn.net
r3---sn-npoeenle.c.2mdn.net
r4---sn-npoe7nsy.c.2mdn.net
364 KB
15 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 626
9 KB
14 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
153 KB
12 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 269
13 KB
11 shfo40.com
shfo40.com
230 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
imasdk.googleapis.com — Cisco Umbrella Rank: 497
138 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 144
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 552
3 KB
3 researchnow.com
tag.researchnow.com — Cisco Umbrella Rank: 2771
1 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 7108
yandex.ru
3 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1422
649 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 844
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 705
443 B
1 gsspat.jp
rt.gsspat.jp
410 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 647
363 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 546
758 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 112702
739 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6300
654 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
250 B
1 naver.com
wcs.naver.com — Cisco Umbrella Rank: 22281
625 B
1 naver.net
wcs.naver.net — Cisco Umbrella Rank: 15079
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
94 KB
184 26
Domain Requested by
40 pagead2.googlesyndication.com shfo40.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
37 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
shfo40.com
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
27 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
shfo40.com
15 dsum-sec.casalemedia.com 9 redirects googleads.g.doubleclick.net
15 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
shfo40.com
googleads.g.doubleclick.net
12 ib.adnxs.com 9 redirects googleads.g.doubleclick.net
12 s0.2mdn.net shfo40.com
s0.2mdn.net
11 shfo40.com 1 redirects shfo40.com
6 ad.doubleclick.net shfo40.com
5 fonts.gstatic.com fonts.googleapis.com
5 www.gstatic.com googleads.g.doubleclick.net
shfo40.com
4 csi.gstatic.com imasdk.googleapis.com
4 www.googleadservices.com shfo40.com
4 creativecdn.com 4 redirects
4 fonts.googleapis.com googleads.g.doubleclick.net
shfo40.com
3 tag.researchnow.com googleads.g.doubleclick.net
3 imasdk.googleapis.com googleads.g.doubleclick.net
shfo40.com
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 r3---sn-npoeenle.c.2mdn.net 1 redirects
2 b1sync.zemanta.com 2 redirects
2 sync.teads.tv 1 redirects shfo40.com
2 an.yandex.ru 1 redirects
2 um.simpli.fi 2 redirects
1 r4---sn-npoe7nsy.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 onetag-sys.com 1 redirects
1 rt.gsspat.jp 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 yandex.ru 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 www.google-analytics.com www.googletagmanager.com
1 wcs.naver.com wcs.naver.net
1 wcs.naver.net shfo40.com
1 www.googletagmanager.com shfo40.com
184 37

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
shfo40.com
R3
2024-03-16 -
2024-06-14
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
wcs.naver.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-12-01
a year crt.sh
wcs.naver.com
GeoTrust RSA CA 2018
2023-08-01 -
2024-08-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
www.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.researchnow.com
Amazon RSA 2048 M03
2023-09-13 -
2024-10-11
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-08 -
2024-05-07
3 months crt.sh

This page contains 30 frames:

Primary Page: https://shfo40.com/
Frame ID: 87D863E343A36BCE7BFAB81165457979
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&adk=1812271804&adf=3025194257&lmt=1710572072&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fshfo40.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072655&bpp=25&bdt=1013&idt=89&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1069886643591&frm=20&pv=2&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=111
Frame ID: F6E70E2FCA5E436648D5D0D37BD5E5CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Frame ID: 6F58B6BDA052002C978E8FFA38004AC9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Frame ID: AB2061C80BAF489BF63B9BC38FA6894F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Frame ID: A506288ADF0F4303A7A7AAD2DC8F34B7
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1208920853&pi=t.aa~a.1109992472~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=5&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=33
Frame ID: 95E4CB44D7245A822ECD881F34AD8236
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 83597A132363F8C6C8D285E8BA688369
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: D82F0E6DC5DA41B971F3A77783AD6577
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: C3FF436F7909147F2911D3B2EA9827A5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Frame ID: 4F05F56DD35A10E174A410F6D6D69EA4
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Frame ID: 83B2CA8C6C05113FBE40C3C2F35093AA
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Frame ID: D03B4FB43B2FE59068F7E64DEA8CC680
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 6A1A5AD44E90F4DB31519AC9BA418395
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Frame ID: 5E050063397EDE7FDFED9EA6B6C722DE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: ACD51BE991F4C599997E04D02B387CBC
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Frame ID: 93D0A4D9274074AF621B4E6EEDDC9ED0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: CDAE995A604E0C743DFE56F665632D2D
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0E4572FD0081C673DE2BB319573F0526
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85F49FE1F638EAB150587F150FC39E6F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Frame ID: EDDF70F46BA3E8E8736D13F9F065CF8B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Frame ID: 9C46D0F9C1470CD8DD33638B38BD1385
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Frame ID: 150D2E66A5B136891F94C5406AE3FE3C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
Frame ID: 8E2E738622D2AF09CA45BCCBC6174845
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Frame ID: 107E30E22995B1BD227B1B7809F1DE1D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7039F6BF6DB52D1DFAF8D72305A202C4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E9377DEFBA8542D69F6C5A90462BCA88
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C282735F3EC3C0C11CE28F8AE339ABAD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 30FC42861E0B1A931E4CF0E045A25ABC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 991F59E42ACE2826C98FBCA7B6CACD50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54098073D39E466295655CF191D840D4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

오info - 금융, 정부지원, 생활정보

Page URL History Show full URLs

  1. http://shfo40.com/ HTTP 301
    https://shfo40.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

184
Requests

83 %
HTTPS

14 %
IPv6

26
Domains

37
Subdomains

33
IPs

6
Countries

5154 kB
Transfer

10000 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shfo40.com/ HTTP 301
    https://shfo40.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCYkt2wrwEQsAkYsAkyCLlwzHn5sXus HTTP 301
  • https://tpc.googlesyndication.com/simgad/16673368006312664569
Request Chain 74
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Request Chain 75
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Request Chain 76
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Request Chain 77
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Request Chain 79
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Request Chain 80
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Request Chain 81
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
Request Chain 82
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Request Chain 83
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Request Chain 85
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY0NDAyMTMxOTg1OTY2OTc1NA%3D%3D
Request Chain 102
  • https://um.simpli.fi/gp_match?google_gid=CAESEI_y2L47N7cJ5IWkmMGgXl8&google_cver=1&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqyGyxoPWiB60Ug1hCFwB4N7QFA0uM5mCYQs-s1e_HkEOvIZT_n2X3T6B6V7oGu62yGP_-ScIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqyGyxoPWiB60Ug1hCFwB4N7QFA0uM5mCYQs-s1e_HkEOvIZT_n2X3T6B6V7oGu62yGP_-ScIw
Request Chain 103
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEG0JgKQE_mlKycOejRS0DH8&google_cver=1&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BLA9bDsM-afgs6aWwWbDHX6waAVPDhz0BqD-RA5FsstQAyNuZPNCX7Q2WszQfetoJw9_XViYhfkOkDrjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BLA9bDsM-afgs6aWwWbDHX6waAVPDhz0BqD-RA5FsstQAyNuZPNCX7Q2WszQfetoJw9_XViYhfkOkDrjA&google_hm=2m_6IEG8SRON15RE4aetER8
Request Chain 104
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEGFE3u-lVNufdctZds6CpCw&google_cver=1&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniIXc4RkUSq-eeQcP1jauhTo_nWrx_qZpVnxUftfja6a72xMitlGuE5Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniIXc4RkUSq-eeQcP1jauhTo_nWrx_qZpVnxUftfja6a72xMitlGuE5Q&google_hm=NTlLNnNaMDFDQkRETDAwN1VrWDI
Request Chain 105
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUmOP386BzcJ5LYkXbayZTOYGh7zKpXam8fubmAmbl2DY7nOGFDuqlcg6u-8U8zuNKlj9d_xerP311QTAUzobmGfi79WQ HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUmOP386BzcJ5LYkXbayZTOYGh7zKpXam8fubmAmbl2DY7nOGFDuqlcg6u-8U8zuNKlj9d_xerP311QTAUzobmGfi79WQ&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUmOP386BzcJ5LYkXbayZTOYGh7zKpXam8fubmAmbl2DY7nOGFDuqlcg6u-8U8zuNKlj9d_xerP311QTAUzobmGfi79WQ&tc=1
Request Chain 106
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIYesyHOhKErYmFpg-5KnFE&google_cver=1&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNyJeN4ZBIUodTVDP_4ldxo-MwbsoQMBo4Syj0o_DEOUTsHjg1EwjBrz5VDJWaE2pQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNyJeN4ZBIUodTVDP_4ldxo-MwbsoQMBo4Syj0o_DEOUTsHjg1EwjBrz5VDJWaE2pQ&google_hm=eS1SN2tXUHUxRTJwSF9yY2JpUmJWTlBnQ1NrR0JySHBOdH5B
Request Chain 107
  • https://an.yandex.ru/mapuid/google/CAESELUr8-J4fP-E-7PxfxTGE9w?ext-param=AXcoOmS_9ZQvN77PEddXa5vkbPZF51cK5UZ-Mm-9__1LwxZEZmiCG0MWa8IP8pQ5JRUUiBt546QtVgRWRB1qJcWqzG7uhMsEPwjKxDzFPfaDzSjrmCI71cOAZWBCDTyCtZOZsC_HjlbxahHJ4Ru-41zJQcZe7sU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://yandex.ru/an/mapuid/google/CAESELUr8-J4fP-E-7PxfxTGE9w?redir-setuniq=1&ext-param=AXcoOmS_9ZQvN77PEddXa5vkbPZF51cK5UZ-Mm-9__1LwxZEZmiCG0MWa8IP8pQ5JRUUiBt546QtVgRWRB1qJcWqzG7uhMsEPwjKxDzFPfaDzSjrmCI71cOAZWBCDTyCtZOZsC_HjlbxahHJ4Ru-41zJQcZe7sU&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELUr8-J4fP-E-7PxfxTGE9w&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 108
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK_0MpGd0GG-ikBdrHMd89E&google_cver=1&google_push=AXcoOmSkOQE_2d4zJbCjGaFEmxD1BvijxbkssR9DeAprTOeZGbrSffTHCJCOyWcEtdVULyySejL92qRuflMnTbx68fAH-u9zgzeNEBaDFyWKJCQYPkTLsePTYPDrjtQ9EyRoMjR7hUNu6p_fonYsDPKSRS2LfQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YmYxY2Y1ODgtYThmNi00YmFlLTgxMjAtNjY1M2FhZjY3M2Mz&google_push=AXcoOmSkOQE_2d4zJbCjGaFEmxD1BvijxbkssR9DeAprTOeZGbrSffTHCJCOyWcEtdVULyySejL92qRuflMnTbx68fAH-u9zgzeNEBaDFyWKJCQYPkTLsePTYPDrjtQ9EyRoMjR7hUNu6p_fonYsDPKSRS2LfQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 135
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_a39KUL1ZZqTPIq09fwPmsGZkAiKkIKzdu_WsvGnEtzZHhABIN3b56ABYL8FoAHqkvHhAcgBCakC1llPK6kVqT6oAwHIA8sEqgTIAU_QKz5qO4ybQKrON2RSIbCyWQHuwgG3Ac1I7D_TOYuhWRmMlmaF9LbwBsLLvhhoJrM3RA4-eemzVNe7kcqMLuTuv-KgGRIeoKhSXgLxbB1tZEn0arhU8i4B9k-66XwRAR7f2y81Tin4nfDG7ZB_ot4sBBBlu20QAq3G7ZL4OqyUjgcVeL6olc3zNH7R-u3mt2itOAIJJe5JPMRZAjIpbr42KbmYmMuPW2-55oqX2rZfaVe88sEgkQH9932CfXa0mUsGyTdCxzVSwATZ39Tw3QSIBZCZ_shOkgUECAQYAZIFBAgFGASgBi6AB_GQ3K0CqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQzO8C0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WO6k1MaZ-IQDmgmIAWh0dHBzOi8vc3RlcnJhLnNnL3Byb2R1Y3RzL3N0ZXJyYS1tb29uP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249MTYyNjM5NzIwNDA5JnV0bV9jb250ZW50PTY5MzYxNjI3MDA1MiZ1dG1fdGVybT2ACgHICwHaDBEKCxDgjK7Dif7v8P0BEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zOTA1NDYzNjA0MjA5MjUwGACyGAkSArFkGC4iAQA&sigh=GffgxlaP4RI&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwB7FLtqeDop8EcD8T4zRspYR5OLfgnBwi1Z124-vCwVjb_imbZ10TTTRwhUSasrdycgfIR-IzA7VJaQGAE&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf29c54fe8f1877c40000000000000000%22,%222%22:%220xf8f6d883a4e014920000000000000000%22,%223%22:%220x472882d40d965f1d0000000000000000%22,%224%22:%220xce992b4cdcbeb4f40000000000000000%22,%225%22:%220xb0dc16f8312b043d0000000000000000%22},%22debug_key%22:%227305062994581305021%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229263008943627700849%22}&andc=true
Request Chain 152
  • https://um.simpli.fi/gp_match?google_gid=CAESEEXADNmYFXuZOrNPmNvOBds&google_cver=1&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQycpX-11Nd2qqXqKI-pt6-ipbVEXNuu4UUdX7E7an8kNZ83LHG8gJTZaQL59OBuHJIVi-CaYbA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQycpX-11Nd2qqXqKI-pt6-ipbVEXNuu4UUdX7E7an8kNZ83LHG8gJTZaQL59OBuHJIVi-CaYbA
Request Chain 153
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmSjEgo1XoG_RePGpH6tZwLP1SjzolaOlPQwKBJKo6QP4x6OJR9p4z6wbjQn30UosgRahR3AIOYsBUgEPEqBJoIjEjG6VNES1X3ArJN8lml49fFeWXOjji_1kJmwDZyOYv54St-Ej70OjOLKuVF3_91F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmSjEgo1XoG_RePGpH6tZwLP1SjzolaOlPQwKBJKo6QP4x6OJR9p4z6wbjQn30UosgRahR3AIOYsBUgEPEqBJoIjEjG6VNES1X3ArJN8lml49fFeWXOjji_1kJmwDZyOYv54St-Ej70OjOLKuVF3_91F
Request Chain 155
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTWp3ywjC47NdiUOe80mw4tsShDOG4bpUunD9uDqIMararzjDickLhdT4iXSsA&google_gid=CAESEKyEZJqE0guIHDHdiXSAz4I&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=SxTdPIyUG2pCf6TRniS08Q&google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTWp3ywjC47NdiUOe80mw4tsShDOG4bpUunD9uDqIMararzjDickLhdT4iXSsA
Request Chain 156
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENVaDCWFnKZujkL0Q3OS3cw&google_cver=1&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhyfMl2KHauffnvw11bGh8m_zTJh HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENVaDCWFnKZujkL0Q3OS3cw&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhyfMl2KHauffnvw11bGh8m_zTJh&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhyfMl2KHauffnvw11bGh8m_zTJh&google_hm=OHVnaURwSWtUcmM4bUY3aFpoVTI=
Request Chain 157
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECJ7wr_UeI6y6if0GJ2D6dI&google_cver=1&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9uLZ056pFXV6w8MdtVTMkeI0_i_gZioGjVUgdkQ7JgAugBJaseQIS-87SxHDOurAbtVcMobJS7bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9uLZ056pFXV6w8MdtVTMkeI0_i_gZioGjVUgdkQ7JgAugBJaseQIS-87SxHDOurAbtVcMobJS7bg
Request Chain 158
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmQojm-GDKgjpnXdXm0wYyH2sR6rvElkH4NaqetiTGRADxO6c3BeQTygozOTAK52tWqfROZx-ecdoUHpydY_QzWZ_Y8rIoCrjlMVFwDNQSmRxiOyX4aYat4jBfC5Hju14WYqcTiWeJcnfoNIMEz0ArGC8g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmQojm-GDKgjpnXdXm0wYyH2sR6rvElkH4NaqetiTGRADxO6c3BeQTygozOTAK52tWqfROZx-ecdoUHpydY_QzWZ_Y8rIoCrjlMVFwDNQSmRxiOyX4aYat4jBfC5Hju14WYqcTiWeJcnfoNIMEz0ArGC8g
Request Chain 161
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYJbOKUL1Za3cCofI9fwPy8eZqA_urd2wdp7nx86dEmQQASDd2-egAWC_BaABmcuEngHIAQapAtZZTyupFak-qAMByAMCqgTFAU_QxnD86GCrfCsSXf5YJlgp0Bzjmb06J-VD85RIs5ujFbeMriSBzH2fAGLqXARfIdjtBy2PdICQBJdO2OESg86NKL7TXRMYLUcSAAb5B2LeqQN_kROQbbwzrya8VrskaHzUwHfypCKDLNzGQ7kYfEvTBmajFQIGzA3LTTQGRnWblJBGH3uF26RYslFTFN6E2gIqg0xollzDsMNDvq1kFnl_KiudtvyWC4GJCKDf5Dfc85QosqR7Max7nDpQc8Z80QvYDpLSwATvntWcxwSIBavy98RNkgUECAQYAZIFBAgFGASgBjeAB7DxvNsBqAfZtrECqAevvrECqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEJPgJNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOliu9aLGmfiEA5oJHGh0dHBzOi8vd3d3LnBlbGFnby5jby9lbi1TRy-ACgHICwHaDBAKChDAqazLifOs0zQSAgED2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTM5MDU0NjM2MDQyMDkyNTAYALIYCRICoU8YNyIBAA&sigh=DXA8rVk0_v8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqayN2g4WxsxWAnE3T8wbe257BwEE2hSEvwltDwXano_B-TlHAw3pqCGZuSHCFtnSdwj47Wqq3PWhZnrPLMoHw1pvcynoDCTpL9yEYAQ&template_id=493&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3f0035636567dcc30000000000000000%22,%222%22:%220xaf0ed84d50e239f40000000000000000%22,%223%22:%220x2a3b0697fcb20c420000000000000000%22,%224%22:%220xe8895548518c36be0000000000000000%22,%225%22:%220x3a90e2e09949ddcf0000000000000000%22},%22debug_key%22:%223955973126973640298%22,%22debug_reporting%22:true,%22destination%22:%22https://pelago.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22331425177%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217378579751373309441%22}&andc=true
Request Chain 165
  • https://gcdn.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/523E2273CB46A2212AD59220F2CDD276F1025758.11817568E99AF8F328CE55F1A2C25A11AAD12B74/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6D2A9BACACBCB42C286676841479C9CAC247CC6A.6796B556503C568771AF7871D915E5D0EE193B58/key/cms1/cms_redirect/yes/mh/Qy/mip/116.86.254.31/mm/42/mn/sn-npoeenle/ms/onc/mt/1710571724/mv/m/mvi/3/pl/21/file/file.mp4
Request Chain 183
  • https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6D2A9BACACBCB42C286676841479C9CAC247CC6A.6796B556503C568771AF7871D915E5D0EE193B58/key/cms1/cms_redirect/yes/mh/Qy/mip/116.86.254.31/mm/42/mn/sn-npoeenle/ms/onc/mt/1710571724/mv/m/mvi/3/pl/21/file/file.mp4 HTTP 302
  • https://r4---sn-npoe7nsy.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/287EABE64F03815B494BB7C1B20068A5B4A082B2.80EC263790986D5F5A8DD7C3F3E0CB0E49FB782F/key/cms1/mh/Qy/pl/62/redirect_counter/1/rm/sn-npozz7s/req_id/524bbdebbd536e2/cms_redirect/yes/ipbypass/yes/mip/2400:6180:0:d0::1519:8001/mm/42/mn/sn-npoe7nsy/ms/onc/mt/1710570925/mv/u/mvi/4?file=file.mp4

184 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shfo40.com/
Redirect Chain
  • http://shfo40.com/
  • https://shfo40.com/
151 KB
43 KB
Document
General
Full URL
https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
965b411183ec072ba1ae3fef5b2d6ef52e7bb484a20a9e1e02032dc110bfdf5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
5016
content-encoding
gzip
content-length
43757
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 06:54:31 GMT
link
<https://shfo40.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache
HIT
x-ua-compatible
IE=edge

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 16 Mar 2024 06:54:31 GMT
Location
https://shfo40.com/
Server
nginx
style.min.css
shfo40.com/wp-includes/css/dist/block-library/
108 KB
14 KB
Stylesheet
General
Full URL
https://shfo40.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
content-encoding
gzip
last-modified
Wed, 31 Jan 2024 13:30:25 GMT
server
nginx
etag
W/"65ba4b71-1ae43"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
main.min.css
shfo40.com/wp-content/themes/generatepress/assets/css/
19 KB
5 KB
Stylesheet
General
Full URL
https://shfo40.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 05:28:09 GMT
server
nginx
etag
W/"65a4c269-4c6e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/
282 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-W178DSWYMY
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8a98904a34b24d113983fe400402af063a3fbcdd0cce65c90fbd5dcbf029fcc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96327
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Mar 2024 06:54:32 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3905463604209250
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
99fd8bd2e64cedb731459286a1ec8d699b9384cfbc82dfa14575e8d3d8548e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Origin
https://shfo40.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51142
x-xss-protection
0
server
cafe
etag
13620607963170880215
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 16 Mar 2024 06:54:32 GMT
cropped-favicon-2.png
shfo40.com/wp-content/uploads/2024/01/
167 B
317 B
Image
General
Full URL
https://shfo40.com/wp-content/uploads/2024/01/cropped-favicon-2.png
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
62dda1d909ce6ffab874d8d4e71af65d147a0214ec6dc82aa6bc82cd05fc7665

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
last-modified
Mon, 15 Jan 2024 05:56:03 GMT
server
nginx
etag
"65a4c8f3-a7"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
167
230311_01w.webp
shfo40.com/wp-content/uploads/2024/03/
30 KB
31 KB
Image
General
Full URL
https://shfo40.com/wp-content/uploads/2024/03/230311_01w.webp
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
cc16e0f8da29595df961566e50883260229cea4dbb21132134068e40761a3f3a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
last-modified
Mon, 11 Mar 2024 01:57:12 GMT
server
nginx
etag
"65ee64f8-79c8"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31176
240306_03W.webp
shfo40.com/wp-content/uploads/2024/03/
56 KB
57 KB
Image
General
Full URL
https://shfo40.com/wp-content/uploads/2024/03/240306_03W.webp
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
7911a7817b524f49f06433c5bd6589cb3e1b83ce88bd8de36f10182ea007ccbe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
last-modified
Wed, 06 Mar 2024 06:50:07 GMT
server
nginx
etag
"65e8121f-e1fc"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
57852
240306_02w.webp
shfo40.com/wp-content/uploads/2024/03/
47 KB
47 KB
Image
General
Full URL
https://shfo40.com/wp-content/uploads/2024/03/240306_02w.webp
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
3036c598025b480e2c87981c4799a5154999b57413eb03370a697239de1a8b45

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
last-modified
Wed, 06 Mar 2024 04:35:59 GMT
server
nginx
etag
"65e7f2af-bb16"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
47894
wcslog.js
wcs.naver.net/
23 KB
8 KB
Script
General
Full URL
https://wcs.naver.net/wcslog.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.5.179 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-179.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b1228dcc9ae2c01d31fb43e531c1f73923d994a751ba7a63da63cac8c755e7ca

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 06:54:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Feb 2024 07:03:21 GMT
Server
nginx
ETag
"65bb4239-5b7d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=363
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7641
Expires
Sat, 16 Mar 2024 07:00:34 GMT
menu.min.js
shfo40.com/wp-content/themes/generatepress/assets/js/
7 KB
2 KB
Script
General
Full URL
https://shfo40.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 05:28:09 GMT
server
nginx
etag
W/"65a4c269-1b3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
1c7bbacc-6198-4eb3-a650-25f2bf3fb5f7
https://shfo40.com/
1 KB
0
Other
General
Full URL
blob:https://shfo40.com/1c7bbacc-6198-4eb3-a650-25f2bf3fb5f7
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
240306_01w.webp
shfo40.com/wp-content/uploads/2024/03/
27 KB
27 KB
Image
General
Full URL
https://shfo40.com/wp-content/uploads/2024/03/240306_01w.webp
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
ad4809de1d19fbf4714d6383b9eb46e508311559a1a11d91edb8dad65d8c7724

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
last-modified
Wed, 06 Mar 2024 01:37:48 GMT
server
nginx
etag
"65e7c8ec-6a4a"
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27210
b
wcs.naver.com/
0
625 B
Ping
General
Full URL
https://wcs.naver.com/b
Requested by
Host: wcs.naver.net
URL: https://wcs.naver.net/wcslog.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software
wcs /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shfo40.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:32 GMT
x-content-type-options
nosniff
server
wcs
accept-ch
Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
p3p
CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
access-control-allow-origin
https://shfo40.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Tue, 01 Jan 1980 09:00:00 GMT
wp-emoji-release.min.js
shfo40.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://shfo40.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
143.198.193.121 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1197658.cloudwaysapps.com
Software
nginx /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:31 GMT
content-encoding
gzip
last-modified
Mon, 15 Jan 2024 05:14:20 GMT
server
nginx
etag
W/"65a4bf2c-4904"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
collect
www.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-W178DSWYMY&gtm=45je43d0v9176079780za200&_p=1710572071722&gcd=13l3l3l3l1&npa=0&dma=0&cid=645619822.1710572072&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710572072&sct=1&seg=0&dl=https%3A%2F%2Fshfo40.com%2F&dt=%EC%98%A4info%20-%20%EA%B8%88%EC%9C%B5%2C%20%EC%A0%95%EB%B6%80%EC%A7%80%EC%9B%90%2C%20%EC%83%9D%ED%99%9C%EC%A0%95%EB%B3%B4&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W178DSWYMY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shfo40.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/
405 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3905463604209250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06273225802809c5c47bf182073746482465fda819537a3b4a1a7d67839074a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140967
x-xss-protection
0
server
cafe
etag
661652182071464200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:54:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F6E7
659 KB
134 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&adk=1812271804&adf=3025194257&lmt=1710572072&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Fshfo40.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072655&bpp=25&bdt=1013&idt=89&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1069886643591&frm=20&pv=2&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=111
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
1ba63e575ffbcec703b1631a9c2e7ec94a59e41513b0ea9ae156e9661b1e0488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
137152
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:33 GMT
expires
Sat, 16 Mar 2024 06:54:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6F58
105 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
a65bdb5d5aabde0ed69a39955b77b134b859c8fbee4f0cffa536f0f168860787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
30083
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:33 GMT
expires
Sat, 16 Mar 2024 06:54:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6F58
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 06:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 05:35:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 06:54:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 6F58
2 KB
856 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 6F58
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 6F58
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 6F58
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6F58
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1444
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame 6F58
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 22:04:52 GMT
8703076720532270682
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6F58
3 MB
3 MB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8703076720532270682
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
e3174ee174dcc3e6b86d177764176633605f578388c5e39f6551a64684263f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 16:06:35 GMT
date
Fri, 15 Mar 2024 16:06:35 GMT
x-content-type-options
nosniff
age
53279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2852741
x-xss-protection
0
last-modified
Tue, 09 Jan 2024 08:02:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
16673368006312664569
tpc.googlesyndication.com/simgad/ Frame 6F58
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCYkt2wrwEQsAkYsAkyCLlwzHn5sXus
  • https://tpc.googlesyndication.com/simgad/16673368006312664569
44 KB
44 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16673368006312664569
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=2109194325&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=728&fwrn=4&fwrnh=100&lmt=1710572072&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572072680&bpp=2&bdt=1039&idt=94&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=97
Protocol
H2
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
a1e378d105ff2a8f2a33a4d576a2f9a61f69c870de0e086c7d9f29a8ec55b02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 16:06:35 GMT
date
Fri, 15 Mar 2024 16:06:35 GMT
x-content-type-options
nosniff
age
53279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45337
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 09:20:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Fri, 15 Mar 2024 07:51:35 GMT
x-content-type-options
nosniff
server
cafe
age
82979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/16673368006312664569
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 14 Apr 2024 07:51:35 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/
166 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aa0b43e7042bbe1531a03ddf8a3756c7d46b749de0149ab0485bf1f4c4ce99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57254
x-xss-protection
0
server
cafe
etag
979232730578256507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:54:33 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AB20
130 KB
44 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
3e74ee67e00a02f0f88ef3d34c8f3c9d96c627dbec1c49cc0a45cd30bf37e7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
expires
Sat, 16 Mar 2024 06:54:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A506
104 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
7939a381bf80b502fb288f508f09510a4fea2452605c664c7f3374f40394f171
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
30441
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
expires
Sat, 16 Mar 2024 06:54:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 95E4
843 B
426 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1208920853&pi=t.aa~a.1109992472~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=0&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280%2C728x280&nras=5&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=33
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c74835e24d130e2b89f3a7e0fb541b80d4f836c072f55ed2ac2fa799f10333c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
expires
Sat, 16 Mar 2024 06:54:34 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&hl=ko&pvc=3100344024596999
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 8359
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
39124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 20:02:30 GMT
etag
5035419970550746386
expires
Fri, 29 Mar 2024 20:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame D82F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
39124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 20:02:30 GMT
etag
5035419970550746386
expires
Fri, 29 Mar 2024 20:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame C3FF
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
39124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 20:02:30 GMT
etag
5035419970550746386
expires
Fri, 29 Mar 2024 20:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/ Frame 4F05
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
39124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 20:02:30 GMT
etag
5035419970550746386
expires
Fri, 29 Mar 2024 20:02:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 83B2
2 KB
662 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
2c162014c40274a84cbce7373aca4aadecd99078a3d274668e812e3244a8da01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 06:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 05:01:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 06:54:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 83B2
2 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 83B2
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
4942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 83B2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 83B2
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 83B2
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame 83B2
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 22:04:52 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame 8359
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:22:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
5524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6460
x-xss-protection
0
server
cafe
etag
5807243554008179978
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:22:30 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8359
205 B
295 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 11:49:22 GMT
x-content-type-options
nosniff
age
241512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 13 Mar 2025 11:49:22 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8359
604 B
919 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 08:45:02 GMT
x-content-type-options
nosniff
age
79772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 15 Mar 2025 08:45:02 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame 8359
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:45:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
29355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
server
cafe
etag
3566326672948847535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 22:45:19 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D03B
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
expires
Sat, 16 Mar 2024 06:54:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 6A1A
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 18:51:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame 6A1A
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 11:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
68468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 11:53:26 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 6A1A
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 03:30:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6A1A
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 02:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
102767
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 02:21:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 6A1A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 6A1A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6A1A
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A1A
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANSPe1Wu2Sra-SMPtGtkgol1HtllzpaNumAmhvpnyvmI7AF4hjBSGhLMuHeJUTalN04UOkIdQRSy34YBB-0lCnwhESCQyugBf6qPk848CMEha_fA8
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5E05
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame ACD5
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 18:51:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame ACD5
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 11:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
68468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 11:53:26 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame ACD5
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 03:30:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame ACD5
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 02:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
102768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 02:21:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame ACD5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4939
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame ACD5
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ACD5
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ACD5
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B0KoWyqeWf9U0qkye7kMqHGz-Yfh4dGsoKIn5RP4D3mw2PKNIcDSyHujAkQnDRSd008Qxo6-Ii6Bh_xCRmPFHTOAFKIY6E-ifXeHclUGXAhrh11ws
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 93D0
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame CDAE
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f148.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:51:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 18:51:10 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame CDAE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 11:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
68468
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 11:53:26 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame CDAE
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 03:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
12245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 03:30:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CDAE
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 02:21:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
102768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 02:21:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame CDAE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame CDAE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f132.1e100.net
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 05:32:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
4944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Mar 2024 05:32:10 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CDAE
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CDAE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Drypy6c2Ap6G9JUobF0bLQwghAw3DPgP5cfmjCtM1Q-PafhJFXeYkF8ongBtn1q13rpE30btb3D99a83RmPXB8Qgm11AegjOTx9GunQS_1Ug74EOw
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D03B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
43 B
564 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nq91bTA0Kl%2Fi8OAQO97RbTyKcw3R4qyPhwxOKRPUOnIBELpGOV0fv9SVyN8%2FyIJsoHQsqgEniN%2Fa8iDgzHXuLMlSpzGOxs1zaVpauCUeStW5VQfpAkU7IDXlh9W7fGdfW%2F5tfR9%2B9K%2B6lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52cbc2e5f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PU55AjyUrnbIzQoBdVqdzqZrzQuj2X9q%2Fw7q76vQbK9JjxwGk2nzbwr7Bwdt8NIl9iifku7c2q0SwwMj5Y63Vn26e7wHTxXPWrIroiJuOpAhlTaYRESM%2FP52XGr8TaYHgQ4vIoc%2F4H4KFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
cache-control
no-cache
cf-ray
8652d52a39375f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame D03B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bysT%2BjBzgdq1UZf9rebOSqGD%2FhSDaD%2FMup2DbnfStLAoxHspltshITCX%2FMnGIRhqvsMaHBgIYF5NVqzEBDCynnk6wGNRh0Ma3vMbmSZIhs3%2FBqRlQGvnmllatA3NRIHIHejlJ0vDLYTSnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52f4806600f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame D03B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
an-x-request-uuid
6066aadb-fa27-4e08-ac27-75d4a15dc64f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
d03c4ed5-dd8a-4750-aa39-a414f21f928e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D03B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNVw9mbWiYQSl52EsIddadpTibpkKW8NaA3BqmkTxqYhzp4kEGVJxaajh1dN9ayyTTCL48EsDuNK3B--hfcDeFAHewoUJA
Protocol
H2
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
162b656e-258e-403c-8100-8f2280704ac9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5E05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
43 B
524 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1kcGWPXOWD4t08BeJ%2BbCJSajUmtLo12DNhc%2BJ1d%2BnJP2tTWGBEDNOInjrKrGbxl0zsdXsUjr4TAkAQNLMbbHrjF0elfpTuno0K1Ep9HtUJ%2B6vnTfiCSokxy86zIQvR4a2%2BDQXLNKs057g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52cbc2f5f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5gKPNRXxLzf2X91D%2B0S65KIBVsmny5GcGAOL%2Bjk3lt1HPA5WGPAuXEogvrqRcLWvBQmNaDzcl%2B9ScLP22Aq1XKfoNoj%2BpRvxaR65NjCdB8HnDbDPB42t3U7a2K5VKoMyCr%2BI%2FLxdy6tnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
cache-control
no-cache
cf-ray
8652d52a39415f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5E05
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
43 B
770 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTChEUR6MY1GSso5XpHuIeN4%2FmJprQP8wnEp1iQPkrJvUbpKXpStSq2NeshBDD9qXQSTI5NJ9CW6WOxUntCrUk03cco7a%2FjcErBeqdt52Y0MGza3Cr%2Fe3AROzp%2F8gB1stR7YmFz36qy4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52f4802600f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5E05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
0a17f89b-5779-42ff-a78a-a6e4cbe9c36e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
d6428998-6b55-432b-be44-037a789288cc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E05
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGOr-oYYCMAE&v=APEucNWgCejkeseYju9Xke69aTTeWVEJpqRMRHlBsRCxzQWuBY_4AZRL107xHHatw-lpMOPqUo0sbxc4PDbF62HC5NLMe367Jg
Protocol
H2
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
5913d835-b437-48fa-8464-4fd82a1208c3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg0Njg3Nzk4OTcwNjAyOTE0Ng%3D%3D
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 93D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
43 B
330 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MRWlAjQcny4pKqWpNzsjig%2BvGq%2BD9sNJ584VONIB5dQ6qtNZTdw7Ld%2BOdZ9vLFsvrknw8pPQCCk0xF%2Fdwpo6ISG7F0nm38VAMupD0jzWvXzqswt%2FGqlSH8KKqCOUiptmTdfiXRqO13x6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52cbc2d5f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxXhDQUVLV1bSnjP%2BCmRdKzWmsy1ogYVGf42u0S7eLqQBvyaPxSGPV4EElYoRndF1Gc47vEpoVbowGGEuh6fHo3F0uWnhMtksNo6HM4%2BjPSkMR1uXnXwKYTFgVS0%2FGCTCK3hpcS7SaEV0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEIWD71deYi2vWLZLwUupM0A&google_cver=1&C=1
cache-control
no-cache
cf-ray
8652d52a393d5f87-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 93D0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfVCKosFVtAAAG4xAPJjgwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
43 B
742 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTmxwaReN%2BzjTFLaPxOVjHC48LYAEFMAK6l4QNlGUBgq3QkOFB9gfQXyl%2Bmnp3qG%2FFpTWxZSWJmIxM18VByI7%2BUjINI73QExoPCuPwUKRDahL%2FoZ%2BUZKqUAGBH3vOLs7pxQZCDdRFlaP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8652d52f4ffe600f-SIN
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyyUEAqqG-s20ra1GM3Bwc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 93D0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESED1BOx_t222O2Ki_cGxGhuQ&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Protocol
H2
Server
103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
f053df07-a66d-433b-8daa-dae8db569141
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
fcaef007-896f-4460-bbb6-3111aacf8486
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED1BOx_t222O2Ki_cGxGhuQ%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 93D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY0NDAyMTMxOTg1OTY2OTc1NA%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY0NDAyMTMxOTg1OTY2OTc1NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGJ_-oYYCMAE&v=APEucNUwZq61NdkIOeUkWIY9_sXom-PX7jYymYyCLgc7nu0n5iQ9rTQFAvOXXm4Jnc_zzCJixGOw24NUVyNR4mmOP8GuuPuBaQ
Protocol
H2
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
an-x-request-uuid
5cdc2d9f-7242-46aa-9a42-b9a9475de026
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY0NDAyMTMxOTg1OTY2OTc1NA%3D%3D
x-proxy-origin
116.86.254.31; 116.86.254.31; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 6F58
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80482e55cd279dac92cd31b8453fc630b1ecda43f8c69a9ed4e80c3f099edc8a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CDAE
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07cfbbf05cafe8d12e064114e0c4e6729457b7ea8d9c29f51a3929583b0f33e7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame AB20
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 06:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 05:14:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 06:54:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AB20
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:54:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43204
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 18:54:30 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame AB20
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 17:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
48678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 17:23:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AB20
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 17:17:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
49004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 17:17:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame AB20
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
45840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 18:10:34 GMT
l
www.google.com/ads/measurement/ Frame AB20
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdL_lR2YPEb2eMqqsjhfiLicz-dgmzvjEr9FVVJLRLWpy0Sghb6gHWHpzh6t1H2YQywK3mxXEQBLdMVwZYEjjjaTzPiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AB20
208 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64315
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Mar 2024 07:30:29 GMT
fae6ba9c9cb9ec876bbde5988f04c6f7.js
www.gstatic.com/mysidia/ Frame AB20
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 22:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15132
x-xss-protection
0
last-modified
Thu, 07 Mar 2024 03:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 11 Jun 2024 22:04:52 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0E45
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
216301
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 18:49:33 GMT
expires
Thu, 13 Mar 2025 18:49:33 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/13144085799232678553/ Frame AB20
11 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13144085799232678553/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca7ae46e91defe979364cd37dd34d4ee8ad41e02100c264fab453f44c0cbc47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 10:45:55 GMT
date
Fri, 15 Mar 2024 10:45:55 GMT
x-content-type-options
nosniff
age
72519
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10886
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 00:57:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 85F4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
11782
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 03:38:12 GMT
etag
48472445140208031
expires
Sun, 17 Mar 2024 03:38:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame EDDF
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
truncated
/ Frame AB20
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8299dd1578e96ca4d01ecda5c785a07c4c2c5e9d5a4c9a3d2b04a536c99feb0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame 0E45
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEI_y2L47N7cJ5IWkmMGgXl8&google_cver=1&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqyGyxoPWiB60Ug1hC...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqyGyxoPWiB60Ug1hCFwB4N7QFA0uM5mCYQs-s1e_HkEOvIZT_n2X3T6B6V7oGu62yGP_-ScIw
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Mar 2024 06:54:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTxMmJ-Gv6IfD0S4a9dwsrDMbo18gBKvgFKcQUyqT4cJvuITsVijx3thMMfSqb3gyjUj4DKekZKOVXQTqyGyxoPWiB60Ug1hCFwB4N7QFA0uM5mCYQs-s1e_HkEOvIZT_n2X3T6B6V7oGu62yGP_-ScIw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 15 Mar 2024 06:54:35 GMT
pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEG0JgKQE_mlKycOejRS0DH8&google_cver=1&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BL...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BLA9bDsM-afgs6aWwWbDHX6waAVPDhz0BqD-RA5FsstQAyNuZPN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BLA9bDsM-afgs6aWwWbDHX6waAVPDhz0BqD-RA5FsstQAyNuZPNCX7Q2WszQfetoJw9_XViYhfkOkDrjA&google_hm=2m_6IEG8SRON15RE4aetER8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmRP_6X50d3edWR73ktMs3abjgJ1n0cX6C9_SchWYYtopfJo8GbZzos12tcuc1e7khjOjaHt1BLA9bDsM-afgs6aWwWbDHX6waAVPDhz0BqD-RA5FsstQAyNuZPNCX7Q2WszQfetoJw9_XViYhfkOkDrjA&google_hm=2m_6IEG8SRON15RE4aetER8
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEGFE3u-lVNufdctZds6CpCw&google_cver=1&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniI...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniIXc4RkUSq-eeQcP1jauhTo_nWrx_qZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniIXc4RkUSq-eeQcP1jauhTo_nWrx_qZpVnxUftfja6a72xMitlGuE5Q&google_hm=NTlLNnNaMDFDQkRETDAwN1VrWDI
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sat, 16 Mar 2024 06:54:35 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmRytCZ1ME_1InQIEgID9fon-JDrjdOJ8Di4IiSL5Bx9FYPyGY5BqY4H0_lfD3-hwC-b8dkbvudww5Pw7lhnfFvyE3MIwwsbSRniIXc4RkUSq-eeQcP1jauhTo_nWrx_qZpVnxUftfja6a72xMitlGuE5Q&google_hm=NTlLNnNaMDFDQkRETDAwN1VrWDI
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUm...
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUm...
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&googl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUmOP386BzcJ5LYkXbayZTOYGh7zKpXam8fubmAmbl2DY7nOGFDuqlcg6u-8U8zuNKlj9d_xerP311QTAUzobmGfi79WQ&tc=1
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEHTFW5T5SlMSdvAsfcWY1JA&google_cver=1&google_push=AXcoOmRSXDa-inqwXxBpUtsonYvx2dPWSyKdl8GAT7iygJ9OowPtxLwHrqBTZZr_8lUmOP386BzcJ5LYkXbayZTOYGh7zKpXam8fubmAmbl2DY7nOGFDuqlcg6u-8U8zuNKlj9d_xerP311QTAUzobmGfi79WQ&tc=1
pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT, Sat, 16 Mar 2024 06:54:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIYesyHOhKErYmFpg-5KnFE&google_cver=1&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNy...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNyJeN4ZBIUodTVDP_4ldxo-MwbsoQMBo4Syj0o_D...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNyJeN4ZBIUodTVDP_4ldxo-MwbsoQMBo4Syj0o_DEOUTsHjg1EwjBrz5VDJWaE2pQ&google_hm=eS1SN2tXUHUxRTJwSF9yY2JpUmJWTlBnQ1NrR0JySHBOdH5B
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Mar 2024 06:54:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR-CIdRihnlYTGsrbMUJ6RQPlFTnd-0xdzwIgEuDxnWKF2hn-Ssz5CwCgsTgfmto931GR8rt60VMLRTygG8muA2vNyJeN4ZBIUodTVDP_4ldxo-MwbsoQMBo4Syj0o_DEOUTsHjg1EwjBrz5VDJWaE2pQ&google_hm=eS1SN2tXUHUxRTJwSF9yY2JpUmJWTlBnQ1NrR0JySHBOdH5B
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 85F4
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESELUr8-J4fP-E-7PxfxTGE9w?ext-param=AXcoOmS_9ZQvN77PEddXa5vkbPZF51cK5UZ-Mm-9__1LwxZEZmiCG0MWa8IP8pQ5JRUUiBt546QtVgRWRB1qJcWqzG7uhMsEPwjKxDzFPfaDzSjrmCI71cOAZWBC...
  • https://yandex.ru/an/mapuid/google/CAESELUr8-J4fP-E-7PxfxTGE9w?redir-setuniq=1&ext-param=AXcoOmS_9ZQvN77PEddXa5vkbPZF51cK5UZ-Mm-9__1LwxZEZmiCG0MWa8IP8pQ5JRUUiBt546QtVgRWRB1qJcWqzG7uhMsEPwjKxDzFPfaD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELUr8-J4fP-E-7PxfxTGE9w&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-security-policy-report-only
default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs-partner-ro&project=yabs&yandex_login=&platform
content-type
image/gif
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 01 Mar 2025 06:54:38 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 85F4
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK_0MpGd0GG-...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=YmYxY2Y1ODgtYThmNi00YmFlLTgxMjAtNjY1M2FhZjY3M2Mz&google_push=AXcoOmSkOQE_2d4zJbCjGaFEmxD1BvijxbkssR9DeAprTOeZGbrSffTHCJCOyWcEtdVUL...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Server
23.199.246.27 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-246-27.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 16 Mar 2024 06:54:36 GMT
pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 85F4
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSIUEea9r9I_zUWhYUwyCdjl3TlRrmd-oLLNheI5NrZfJbFbk8LoyHK0VQ5LVjCFqybIvSr2E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame A506
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 17:23:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
48678
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8954
x-xss-protection
0
server
cafe
etag
11417926956348271285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 17:23:16 GMT
css
fonts.googleapis.com/ Frame A506
9 KB
773 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Mar 2024 06:54:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 05:23:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Mar 2024 06:54:34 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame A506
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:49:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209085
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2939
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 10:39:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:49:50 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/ Frame A506
375 KB
130 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 20:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132877
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 10:39:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 20:42:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame A506
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 18:10:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
45840
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8219
x-xss-protection
0
server
cafe
etag
17239101513064691842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Mar 2024 18:10:34 GMT
l
www.google.com/ads/measurement/ Frame A506
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwd7J9Z8pYJN8h8K2M-a9YRqItcGppgteuQ87fg8KsNthnyXqQaotf4vkEWWg_ttBcsHRJSlbIOWzoHKgLNiMqjDcJWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f99.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E45
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTMwaKUL1ZbLvCq2q9fwPlvCT-AIAAAAAOAHgBAI&bg=!OjmlOXbNAAb_2pXa39o7ADQBe5WfOMUQfpmnfU0TB_c8EIldvp96X80zqjlsumzCYtZzyh0KneIHfHxtl77dtXU9CRIRAgAAAHdSAAAABWgBB5kDCT9ev4xxn1TO4yVnyxsQfUdT-apNZ8DVeaIl-yZ_UCJnzKKJanRFH-EZ8P0wWYIRHyuviMNeZAjGScz3T5ud9XvZaANv2G6mhsVwi-dCWtiuetX8YX2nM6RQz1QASMkXsV76qkH5z5XJQMAGirltYmPpvagWtIIMIL8fWlNAsGUFXRbvrTGAkc8p2p2nLh4q69WxXXfNSS03IBzbkoohN_lmZIBTwxN_PkfMc3au-EDowwDnUinPbPZg_XEJjP6lBD5HcfuptVBSzPqSGSdpgpUO8M67ZJXZhtGsUU-eT0l9DaBjZbYOBrFRLOJ9C_QZes6xALmrGzTyAxKNpP9KdILbML6BIgcsB5ttXdhZsX6kZA9BZYdC4QXvHrsPgh0JmXewYt0BwK9asBellVt_tEXsHneUL9aZ-ibhymY_Pf6WxRkNe98vZYnyy_ymvxQpMo1pV3qmkdmeJ2lop2l-2Rhcf6PQC4PSsN3LxPt-EqPu_ms_pQ2r3yvXovhm_TobLoWhj3aS4jtXL4Ul2GqYr1WuBfVSl9WJZyeP3T2TswFVbW3vxsRzKylrZy4nhkEIaRzKZ1E2J9vIzJItzdcRAmALDktyyPyxAMIAT1fDqZ2N5EbUqlYopmyRRowRDPl83F25OtZ7U6_r_p57NdKFzMj-njwh0cGzFtfQjo8XHQJGzTy8te71SgmGzzJj1E0TdMg50VhIrQEULkT3BBnk962qhfeUO8nJu4VC_9kSuKWtACqnA2ZHKjPhDuX2NvIIGmz8v4RToJu7VbBidD80Y0kWQcBfE5_ka4wnE98lYTPvvGi7LSztATwWNx_DXB-R7uWSrNiX7SJF0duC-D7CVzyyaf3l0VLHDK5TOObmx8aDKCi8Kuz9x607As32SnAYFeRc3YACS7HWBxOVPvarIwwQmPaWtGt1Fl52H4m2iVFsYeugMZ5LZvucc3_10skJD-dOhX6ez-msRd8p5SIThScBab2LjBHvT6GvULzi2V2wO61zeO4jRuV6kf9TsBxBmfD2CM5SJ6K9YA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/1753812622647397306/ Frame 9C46
7 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca496e7b86b42c661c36378abcfabadd9cec2cf2e04e2d3aafe8ca800bc0ce07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
90810
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2621
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 05:41:05 GMT
expires
Sat, 15 Mar 2025 05:41:05 GMT
last-modified
Wed, 31 Jan 2024 20:16:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 6A1A
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst9DFHy2_Kyz8k1fi1cO1ZgdY30odzkc3zkA2dVXBwrr_CzWDys3MKNEAPmnSMMtrORS7fTmAPsNgMTLJpR2FFzn49-HtXgn_IjAOMP5Ut96R5D0pfK2ziZEJm5E8KC_aITQGvG7Ql-7nir4L6rEybwqnaDvFsrkJrxC-VU5q7Nr4wvXNkazyxvbMaz4pS_07iZeOgMLTJVnPgGpCGpFH82aWfilgoMzfvpBnoaigCfN_WEtL9Q0CTOdaxDI4JczV1V4RKgBLeRPpNzk4CIZR6ouYSdEDuP19VDyMa3MkZqFt1kfeXM8BrP2AqcZ4FqXAFIaTvMtNKsC-IDy1E-8EFpBbBNQiHNGJUIMhI-R79iPm9u0QDohpHzYymyxwzYocGDCmqFWUQ8b6DTRw4DzrM3c9t6Usm78XEx9cQpZYzhsD0x3YggI_27Arb5Bbd76h4X_ksGQ1tcydwlGcWedpQrEANVJyz7QXzsoQJ51GolH8hfoY9MG6xweXcbbJb2AhT7uS9kdERJouiUaWounIwFwcOJQ1Tr95oJhexjaNwauTMgDqEFmKhISDDodbI1byzVXf21cbDIRd2kZM8BS4FIDHicmvl8AzT68hESJElhsyg6j9rQbMlLs9jhPIT6WF9k8Cy2LMpzRCIwlLk7LUfGHjp8gAmZTvPqqJp1-zIHN4Vv2faY-aOAQ92fiabO-cQFC1f9ehdxuLQnjNNjmHKViBd8bI2X6dphsAZnUfP2gwTmXIx4LBd7Ww5X7eV6G-VC3uhc560p7Wo-6tlkbKEdBqFM2LozGRMJ8iEY-B6XKnU3HR1zHnz2GWA-JRPnuerZJehdlhqjhHhIDj01cwltjw1xTA8y0lRNmTAZKGitw8BXKiluBOlTFsycm17ERTdxjkXvS-lgJ09I-3rqMZVyN4YNhjE4qZmqusvk7ghx2IxeKVF9YrolESCnDb-cpoSxn2uB1VhoEvrW57BYPveA6TDjCRIpcKMFAXgAmfYGUkBo37_qlR-sP_oJhc-LzgAxTj3dzE_3MPmgXEV_O-d6WFGZTNVBnKUrkEmdUu66FDyolA8xAMiQv1-kRvTtpyEP_Ce0qSKzl4lt6SFi1dLXYf0MRyTBp4LdDzEXe6FSBciOeFOZnR-El8y8v2SebqNIsCX64LsYYbF7JcJlpjZY8D3Trhh-wtUQiY65YaRtDTQ_fCbIPashu15jE9-GojIL3JJmt5epSzveMutz3reScaTa8JU3dIiFe2plK0279yTIEXTnw6fuvjy5PJcWhMSM6cUD_zK9bfqj1UxfFUq3ZJ__fri6U5-A5Js34Q3Kkma6kArqUow7&sai=AMfl-YTE5QYKpRqe3d8_dF3jNcMp0-Cm50D_rWd2GN-tJR1aQFe4a2MxCPtvpgH4RbmPUEeDEYhtlmBryct6Aov_iheGE9HN-mKgV73-x1Vr_-X3YhvD5b9QCJP1y2Geyg1Yp31W_jAvAOU44Y0MmGmyZUr6JI7F3dhsPDAYY5rynkkfkMfIa6UXD2wN6MTRmLpeqnRIYf6NE73Cb8AfEN9yzau6t5WaWc7uvwAiWW7kMEe8XIWPnhfuTPFuU6T0z4Dmkf5z9NRREK1k2Jp0pRdBmzfyezfxz_XkseImpgdQHAL_XaXU5lZYQAEPOYMsimr9w9-DY1QvzZ8aIW9EmSRBqpmHQHBwnYDKhTH-zSZzT3I_2zik0ZE6KWS945UZBQtbohAVRoMqOAde-SVAPCEcSYO5zkwwXjYSZ5BdrHDcWjOooBhMp9XCBk2tOSQKn7_OBGP5J5uF7FdImVMDdafXDiuUI4wSsQq1jIRNqu-tDvjcbBRW14e5QBUqLnlrUlfjpYpIVzgoB7-X&sig=Cg0ArKJSzPb0hvnUn6sOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1148&cbvp=1&cstd=1145&cisv=r20240313.07851&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:54:36 GMT
beacon
tag.researchnow.com/t/ Frame 6A1A
42 B
434 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?pr=289307&adn=3&ca=31186951&si=3554638&pl=387197913&cr=210011739&did=ADID&ord=270079663&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-107.sin52.r.cloudfront.net
Software
Apache/2.4.58 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:20:48 GMT
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
Apache/2.4.58 ()
x-amz-cf-pop
SIN52-P1
age
2028
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
content-type
image/gif
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
42
x-amz-cf-id
i8XG_DWKgh0QgHT-028yr4qkn7LncoghmhbD5-GMgfjH3nqC3T_qCQ==
expires
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 9C46
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 06:54:35 GMT
index.js
s0.2mdn.net/sadbundle/1753812622647397306/ Frame 9C46
99 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1753812622647397306/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de433ec68f891e9f2082e7a510569aa41a8a5609e5d157492c7cd37b2617e659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 15:59:57 GMT
date
Fri, 15 Mar 2024 15:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17718
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 20:16:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame 6A1A
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjst9DFHy2_Kyz8k1fi1cO1ZgdY30odzkc3zkA2dVXBwrr_CzWDys3MKNEAPmnSMMtrORS7fTmAPsNgMTLJpR2FFzn49-HtXgn_IjAOMP5Ut96R5D0pfK2ziZEJm5E8KC_aITQGvG7Ql-7nir4L6rEybwqnaDvFsrkJrxC-VU5q7Nr4wvXNkazyxvbMaz4pS_07iZeOgMLTJVnPgGpCGpFH82aWfilgoMzfvpBnoaigCfN_WEtL9Q0CTOdaxDI4JczV1V4RKgBLeRPpNzk4CIZR6ouYSdEDuP19VDyMa3MkZqFt1kfeXM8BrP2AqcZ4FqXAFIaTvMtNKsC-IDy1E-8EFpBbBNQiHNGJUIMhI-R79iPm9u0QDohpHzYymyxwzYocGDCmqFWUQ8b6DTRw4DzrM3c9t6Usm78XEx9cQpZYzhsD0x3YggI_27Arb5Bbd76h4X_ksGQ1tcydwlGcWedpQrEANVJyz7QXzsoQJ51GolH8hfoY9MG6xweXcbbJb2AhT7uS9kdERJouiUaWounIwFwcOJQ1Tr95oJhexjaNwauTMgDqEFmKhISDDodbI1byzVXf21cbDIRd2kZM8BS4FIDHicmvl8AzT68hESJElhsyg6j9rQbMlLs9jhPIT6WF9k8Cy2LMpzRCIwlLk7LUfGHjp8gAmZTvPqqJp1-zIHN4Vv2faY-aOAQ92fiabO-cQFC1f9ehdxuLQnjNNjmHKViBd8bI2X6dphsAZnUfP2gwTmXIx4LBd7Ww5X7eV6G-VC3uhc560p7Wo-6tlkbKEdBqFM2LozGRMJ8iEY-B6XKnU3HR1zHnz2GWA-JRPnuerZJehdlhqjhHhIDj01cwltjw1xTA8y0lRNmTAZKGitw8BXKiluBOlTFsycm17ERTdxjkXvS-lgJ09I-3rqMZVyN4YNhjE4qZmqusvk7ghx2IxeKVF9YrolESCnDb-cpoSxn2uB1VhoEvrW57BYPveA6TDjCRIpcKMFAXgAmfYGUkBo37_qlR-sP_oJhc-LzgAxTj3dzE_3MPmgXEV_O-d6WFGZTNVBnKUrkEmdUu66FDyolA8xAMiQv1-kRvTtpyEP_Ce0qSKzl4lt6SFi1dLXYf0MRyTBp4LdDzEXe6FSBciOeFOZnR-El8y8v2SebqNIsCX64LsYYbF7JcJlpjZY8D3Trhh-wtUQiY65YaRtDTQ_fCbIPashu15jE9-GojIL3JJmt5epSzveMutz3reScaTa8JU3dIiFe2plK0279yTIEXTnw6fuvjy5PJcWhMSM6cUD_zK9bfqj1UxfFUq3ZJ__fri6U5-A5Js34Q3Kkma6kArqUow7&sai=AMfl-YTE5QYKpRqe3d8_dF3jNcMp0-Cm50D_rWd2GN-tJR1aQFe4a2MxCPtvpgH4RbmPUEeDEYhtlmBryct6Aov_iheGE9HN-mKgV73-x1Vr_-X3YhvD5b9QCJP1y2Geyg1Yp31W_jAvAOU44Y0MmGmyZUr6JI7F3dhsPDAYY5rynkkfkMfIa6UXD2wN6MTRmLpeqnRIYf6NE73Cb8AfEN9yzau6t5WaWc7uvwAiWW7kMEe8XIWPnhfuTPFuU6T0z4Dmkf5z9NRREK1k2Jp0pRdBmzfyezfxz_XkseImpgdQHAL_XaXU5lZYQAEPOYMsimr9w9-DY1QvzZ8aIW9EmSRBqpmHQHBwnYDKhTH-zSZzT3I_2zik0ZE6KWS945UZBQtbohAVRoMqOAde-SVAPCEcSYO5zkwwXjYSZ5BdrHDcWjOooBhMp9XCBk2tOSQKn7_OBGP5J5uF7FdImVMDdafXDiuUI4wSsQq1jIRNqu-tDvjcbBRW14e5QBUqLnlrUlfjpYpIVzgoB7-X&sig=Cg0ArKJSzPb0hvnUn6sOEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1233&vt=11&dtpt=85&dett=3&cstd=1145&cisv=r20240313.07851&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Mar 2024 06:54:36 GMT
index.html
s0.2mdn.net/sadbundle/1753812622647397306/ Frame 150D
7 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca496e7b86b42c661c36378abcfabadd9cec2cf2e04e2d3aafe8ca800bc0ce07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
90810
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2621
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 05:41:05 GMT
expires
Sat, 15 Mar 2025 05:41:05 GMT
last-modified
Wed, 31 Jan 2024 20:16:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame ACD5
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuMw2RHEVL2HsnmOAQ0IYkdiXL-U3klK1FMj7Rtb-iA2mHzE7YeCytCLJeE0ORzBbwXRBo-3tWwQTnQfcMXd88wl7Qy0rE4YJd5rkBS8KRhpvFHnUYSXxHO0TqbHdfCo_j2fRjgjzsJBT-p_tVJZ0XrgUBaA23dTdGT0lacJaOJ-DkZxSPuLZtfG0zrAsVRAoh4BVrpaCzr2XMetlMPQJB6n4vvDgqE826JVug_XB52EZ4MFLOME5DSyivdYoCJv2PmlleZkAhbFXloj4Qo1ZePH_N1BbuXOhQFyFUh7clSuhUg0-RyRRsla0Tur8DAV5jwD_Um39wE3qFXsGYDoUefZN3ZfpugGQD-D6FnaiLlzLihZ1Ee9ZlX2reZdjn_lQ5z_f_Up8MuL4HtOA0qP1Mie3U1ELaEuIeAAC5Tq-N2Cogg0GvsnaeqQEPQUXp7-xXKXEZe7cl6Pr4DkRG7AOYqrPwbtdtxNHMzSdQG1Teo5i2mYCttME0QB_d9d-y_g7Fpn5MHD2EKWup-ybRkr41L-hJ6eAWykymbWohnIWp9k_UuC_jkJdYpeg6rh0UwDvGKxFWx4vNEaNqKH8FdunHK2nnMytHVoKJVxNplEJNHOD5Le2U2gBzMaKjAJ2YXFupRmVavcWZ6O_2yCNNnae548p6dhz1VnHe1rSZTlsh4tLUEengCbUY64UejVkCFQyacMAIGtuqTrEvQI7ZmqbaJyhM0nIsY0U8tjo12iCrJR-sgpuvG8ca8IWSzSCOVjpQQJ4FQepGwCyYeqeYSpuojRA4eDYYh0m-s7jqyC-Wo2qH3rgjcnetkcsNEnVPFvPZO619_iBaQy1VojxpafUZaIco_wPVPOsB9nDV82mM-Rb-UPYvhkLLqY5CuAQiiIlK9d_gPJJ7ZueR96Mk7pSEYjI4d9J5UMmmFyCmr2futlW5m1HY7AMagl39W06hC3DEPHNQ2p6BmbPVcprjqjg_V6W2kKLxuyQc90FKPqmlurgDP49387Gp0gM3aRpmL6hBuo0uFF2ji0rqP80tssXVOzu9Sfl6cUiKSsCMVV4MirkiJnZgEJRT5MsVUsKNrk0zeEhIBk0-M4lIYQz5U_LDpbCmZvTkT0Y78tr9qezPVSOwmndnNsuwW4JBY6uMpycFwUW9hxy8kqEGSK9l6tbpEkKcSBQV7RSNO346YJM7wTlbgEA8LpLuTilua-nmBCwiwss1E-PggtzA3kx0q78vg-tg9fv23DyTf8peGHrXRCtrlLMJIg6IITJv9E6dcCr1nKN2N9J2B7fDBFizm0d0inI70_-tq6DXZh5IkYknCCL3waRpDgf2c&sai=AMfl-YTA1VXTBLv_oUcjrclj89eKTBsx7vwRUAwru38jM38YqeCJwj9ISKFx8vL6HCCZsp6Zo2KEgZTeTPpWtd-KPMWu5Z6mgXd7jyyXF2w32z-ljTtZC5sb9QZAgpOuGlUyo9n3jNKQQZdjTQkmH0fL-Z94OVNxHSIa-gLFJX0N3ZAISe0hN2Z_iEYuZjsoakpIfHD-knUEDTpP1I2MYD_Fqlqf-23ghUjeIFqjPp-QowuIBIaz6GVRY5wU5mUCH7ujN5X6Zf1vhrq_-F4x7IrmmB5YjvsYf7f2zAr9d0mZbapzK_0h1JNh77GgX42vALmH62ZHoy17DuD5D5-3AntW3oEnM-Pk0Tj7yEP3CX3Yp3-9Gt9S_YAxBRCefvuiPMe9f5pDN_Gg_xED_W0AfBSGC4wEZ26exleC28SjrHw7AKDTpOzldFYVFJB2oDLb0lzIFwh0XAaFy6ph906r-Ds0jx0bXIxy1W6zVcVweR87kh9D0l9Xm3ttSbYcdAy_Qf5bxtmL9qtmSWzY&sig=Cg0ArKJSzJt5sZM5dBg4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1206&cbvp=1&cstd=1203&cisv=r20240313.03537&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:54:36 GMT
beacon
tag.researchnow.com/t/ Frame ACD5
42 B
434 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?pr=289307&adn=3&ca=31186951&si=3554638&pl=387197913&cr=210011739&did=ADID&ord=4037279476&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-107.sin52.r.cloudfront.net
Software
Apache/2.4.58 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:20:48 GMT
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
Apache/2.4.58 ()
x-amz-cf-pop
SIN52-P1
age
2028
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
content-type
image/gif
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
42
x-amz-cf-id
gYDHUbnAQBfZrKkkcxhQqiQWABIPGSK2Qc34BzdLpoz7C2puUQ0YPA==
expires
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 150D
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 06:54:35 GMT
index.js
s0.2mdn.net/sadbundle/1753812622647397306/ Frame 150D
99 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/1753812622647397306/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de433ec68f891e9f2082e7a510569aa41a8a5609e5d157492c7cd37b2617e659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1753812622647397306/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 15:59:57 GMT
date
Fri, 15 Mar 2024 15:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17718
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 20:16:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame ACD5
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuMw2RHEVL2HsnmOAQ0IYkdiXL-U3klK1FMj7Rtb-iA2mHzE7YeCytCLJeE0ORzBbwXRBo-3tWwQTnQfcMXd88wl7Qy0rE4YJd5rkBS8KRhpvFHnUYSXxHO0TqbHdfCo_j2fRjgjzsJBT-p_tVJZ0XrgUBaA23dTdGT0lacJaOJ-DkZxSPuLZtfG0zrAsVRAoh4BVrpaCzr2XMetlMPQJB6n4vvDgqE826JVug_XB52EZ4MFLOME5DSyivdYoCJv2PmlleZkAhbFXloj4Qo1ZePH_N1BbuXOhQFyFUh7clSuhUg0-RyRRsla0Tur8DAV5jwD_Um39wE3qFXsGYDoUefZN3ZfpugGQD-D6FnaiLlzLihZ1Ee9ZlX2reZdjn_lQ5z_f_Up8MuL4HtOA0qP1Mie3U1ELaEuIeAAC5Tq-N2Cogg0GvsnaeqQEPQUXp7-xXKXEZe7cl6Pr4DkRG7AOYqrPwbtdtxNHMzSdQG1Teo5i2mYCttME0QB_d9d-y_g7Fpn5MHD2EKWup-ybRkr41L-hJ6eAWykymbWohnIWp9k_UuC_jkJdYpeg6rh0UwDvGKxFWx4vNEaNqKH8FdunHK2nnMytHVoKJVxNplEJNHOD5Le2U2gBzMaKjAJ2YXFupRmVavcWZ6O_2yCNNnae548p6dhz1VnHe1rSZTlsh4tLUEengCbUY64UejVkCFQyacMAIGtuqTrEvQI7ZmqbaJyhM0nIsY0U8tjo12iCrJR-sgpuvG8ca8IWSzSCOVjpQQJ4FQepGwCyYeqeYSpuojRA4eDYYh0m-s7jqyC-Wo2qH3rgjcnetkcsNEnVPFvPZO619_iBaQy1VojxpafUZaIco_wPVPOsB9nDV82mM-Rb-UPYvhkLLqY5CuAQiiIlK9d_gPJJ7ZueR96Mk7pSEYjI4d9J5UMmmFyCmr2futlW5m1HY7AMagl39W06hC3DEPHNQ2p6BmbPVcprjqjg_V6W2kKLxuyQc90FKPqmlurgDP49387Gp0gM3aRpmL6hBuo0uFF2ji0rqP80tssXVOzu9Sfl6cUiKSsCMVV4MirkiJnZgEJRT5MsVUsKNrk0zeEhIBk0-M4lIYQz5U_LDpbCmZvTkT0Y78tr9qezPVSOwmndnNsuwW4JBY6uMpycFwUW9hxy8kqEGSK9l6tbpEkKcSBQV7RSNO346YJM7wTlbgEA8LpLuTilua-nmBCwiwss1E-PggtzA3kx0q78vg-tg9fv23DyTf8peGHrXRCtrlLMJIg6IITJv9E6dcCr1nKN2N9J2B7fDBFizm0d0inI70_-tq6DXZh5IkYknCCL3waRpDgf2c&sai=AMfl-YTA1VXTBLv_oUcjrclj89eKTBsx7vwRUAwru38jM38YqeCJwj9ISKFx8vL6HCCZsp6Zo2KEgZTeTPpWtd-KPMWu5Z6mgXd7jyyXF2w32z-ljTtZC5sb9QZAgpOuGlUyo9n3jNKQQZdjTQkmH0fL-Z94OVNxHSIa-gLFJX0N3ZAISe0hN2Z_iEYuZjsoakpIfHD-knUEDTpP1I2MYD_Fqlqf-23ghUjeIFqjPp-QowuIBIaz6GVRY5wU5mUCH7ujN5X6Zf1vhrq_-F4x7IrmmB5YjvsYf7f2zAr9d0mZbapzK_0h1JNh77GgX42vALmH62ZHoy17DuD5D5-3AntW3oEnM-Pk0Tj7yEP3CX3Yp3-9Gt9S_YAxBRCefvuiPMe9f5pDN_Gg_xED_W0AfBSGC4wEZ26exleC28SjrHw7AKDTpOzldFYVFJB2oDLb0lzIFwh0XAaFy6ph906r-Ds0jx0bXIxy1W6zVcVweR87kh9D0l9Xm3ttSbYcdAy_Qf5bxtmL9qtmSWzY&sig=Cg0ArKJSzJt5sZM5dBg4EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1288&vt=11&dtpt=82&dett=3&cstd=1203&cisv=r20240313.03537&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Mar 2024 06:54:36 GMT
index.html
s0.2mdn.net/sadbundle/10895860602260031589/ Frame 8E2E
7 KB
3 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0ce90794565798e8a5f48b5cf3ff3b4f5f9d46e35d6e00bdd91446b122b9b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35884
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2621
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 20:56:31 GMT
expires
Sat, 15 Mar 2025 20:56:31 GMT
last-modified
Wed, 31 Jan 2024 20:17:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame CDAE
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuhmWQEdzKIc5kWVo8kkkKangW0FsVYZ6s18ZR5TQR2Ngos6CBmSnwI74USSbrlnySKb_dB7z6btpYglRzPNOKbWmLMb8ApOZJ2d1uUj0mX_5ezoiqnF_3zba8OSJfE2i9ToYp9Lvt5Csi5hQOtj78CihWOEP1IxW_SVcIl-KqpjiE6pTY3Ruh6mH5mNBZkrgDt9Cd8N004DuDmJ9n44yvD_vh98RQa2qf-dJiqoKcKW92ELSXHkrzyOrXL8jC9QCkx7KPa7iiyifhv83djLEJ9hsIexSD1p4sbuNVYFUgTKSVFnMKQpnaABVz3O8jZOeFeAkc-0REcNvez6mdIMwXXP6BPz7xEl5KN2Ycm2lW7kDQoFrCVoJ3gs90Xsw_zzz0SWRnGq2bERvOMHEpGMgS01rg8EyupGaqIdK6EzxNxoNKkY7nwfHvPDf3QK6msemImQZy1X7chmFneHoOWeMBFaccIRoYBCPmWnnPi2GJ1ISryqAEaLUPSpNSzITXhQlBXQaRqm3MHF4sXzS1-XDXl_aSMb2fT6s3fwz_rKA5-_Cibda8Ygxk__SlTlUHFdQLsxtcNgVPuF99QZWxDMwn4NIizZq37si5SD_5z7EW4P0lan-vUuovdUyJOWz-42ZwxTW62bD6etFOFiTgq6z0DNQDZ4vJ-mRisPJQBBMoOmkwx7lFI5xP4JzOJhP5VEx3GmnW5jtKYiiflqvXwy-gYu-MKY60iGVXfbxK1EoOjM3Ac2EjqH4AaUKIQDLLnKC2R80TZw02G_8t-SI0AeeHB1Cv95yrEAHzPWRMn8cF_RYSRDwO8smm1yQT0DehUrwDC5FioDoVj8yWaYL_v6d8ZSWC53Bmb24NNIQ2ZbJKoDjvPtjF2VppVGWS5pH41xLJt3fCDzXzqrd4_7QvlVdPEUKGSIqWP4b9Sd_w4i4BAaWbcgV5W6gOXcp_EG2OUqDiM7GMcnQe-47wXdRQ5Ts2DcbBeC5nk0XOgYGzroq7tGhZk8rYVQhnFSqJFntL2MwPm6hjpiUxEPEI1GfEAFIlh5nO_8Codo8oaF4hxE9XxMg0_8J0Cw4KpzLnbiMnBzJ86ITUletsKhAXKao0VQ_kR1cfnsMJBSwrYZK0mmmgyz7ULTPuLn4FY-qOlZIfy4C2mNNqPD3zuf1HRfALVAOHIWGIxyizc_lDSGJ0g4W8q3A81N62sJhnkNpjS5kNJI7dSo30zOjYP694dB1AOmHIZdtiHHopBqWDvxq_U51-Kjn-1aye_6Q8ct1K_ubfqzqVdD8CNjih6LRKWNu7ROrTZ5Iffaipo1L7130T5WCB30ZlUCmVfufjNO83wRw&sai=AMfl-YQStxieqAwWYSYJBqeO7N9LyincEbuNHKtfCuiZWz6HWNvFSACav-9STJIXY6wLcJ-e2JUNRVmxHWnwJs5mPUuuYa3_VsUtMslAmPfrJClBhtgSNGxhjkXM2RPsg2-w5kNLz2PqWMqEa4B2ozfSX4mHBG9xfanR_uUAezC8qGiifvgUGvjq_gPdEX7uAPcS1PhMzvy9oPZFDWTuLG2L5kBftzbKwFtpOf3PxpuVwk3EgCkJkzrsF1md_FR98V1hfqSeB7Nr1TcRy9OAGjDZnuiHUYq4sYlEL75q2LjVQLgawLG70MWm8wjwSY2v2cKtVAjbtOLupn79Asy4_RZUzqpp-81rg5hl6oOU2fOturOPscbW3KPYsO8YZMFgtm-tzYDtSXEs3LfYqw62jJjenR0OIx0pz4xjPqz-O6GtKie6do0jh3wNCb3Y7pxmsIyT9v8_AE4p1lI_YUu8yZNSVyG5jS7cIZCUYjl1j9QO53bmICqgns7ho1qTi84zax4ayR5XQXLmZ83P&sig=Cg0ArKJSzBOnnpZJj4SqEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1245&cbvp=1&cstd=1243&cisv=r20240313.74442&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 16 Mar 2024 06:54:36 GMT
beacon
tag.researchnow.com/t/ Frame CDAE
42 B
434 B
Image
General
Full URL
https://tag.researchnow.com/t/beacon?pr=289307&adn=3&ca=31186951&si=3554638&pl=387197904&cr=209382016&did=ADID&ord=777247233&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240313/r20110914/zrt_lookup_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-107.sin52.r.cloudfront.net
Software
Apache/2.4.58 () / PHP/7.2.34
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:20:48 GMT
via
1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
server
Apache/2.4.58 ()
x-amz-cf-pop
SIN52-P1
age
2028
x-powered-by
PHP/7.2.34
x-cache
Hit from cloudfront
content-type
image/gif
p3p
CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
42
x-amz-cf-id
Ay-0XdBhd8BE2KCl7POSNlBXdzoDyY9yt8INTtp-oMuTOXVbPTgyFw==
expires
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8E2E
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 16 Mar 2024 06:54:35 GMT
index.js
s0.2mdn.net/sadbundle/10895860602260031589/ Frame 8E2E
79 KB
15 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/10895860602260031589/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c11::94 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
422d28f9adead09ecd10235f78f36d5b276eb37c7ddb87c41d6717c1d4ca1cea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10895860602260031589/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Sat, 15 Mar 2025 20:56:31 GMT
date
Fri, 15 Mar 2024 20:56:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35884
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14996
x-xss-protection
0
last-modified
Wed, 31 Jan 2024 20:17:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
ad.doubleclick.net/pcs/ Frame CDAE
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuhmWQEdzKIc5kWVo8kkkKangW0FsVYZ6s18ZR5TQR2Ngos6CBmSnwI74USSbrlnySKb_dB7z6btpYglRzPNOKbWmLMb8ApOZJ2d1uUj0mX_5ezoiqnF_3zba8OSJfE2i9ToYp9Lvt5Csi5hQOtj78CihWOEP1IxW_SVcIl-KqpjiE6pTY3Ruh6mH5mNBZkrgDt9Cd8N004DuDmJ9n44yvD_vh98RQa2qf-dJiqoKcKW92ELSXHkrzyOrXL8jC9QCkx7KPa7iiyifhv83djLEJ9hsIexSD1p4sbuNVYFUgTKSVFnMKQpnaABVz3O8jZOeFeAkc-0REcNvez6mdIMwXXP6BPz7xEl5KN2Ycm2lW7kDQoFrCVoJ3gs90Xsw_zzz0SWRnGq2bERvOMHEpGMgS01rg8EyupGaqIdK6EzxNxoNKkY7nwfHvPDf3QK6msemImQZy1X7chmFneHoOWeMBFaccIRoYBCPmWnnPi2GJ1ISryqAEaLUPSpNSzITXhQlBXQaRqm3MHF4sXzS1-XDXl_aSMb2fT6s3fwz_rKA5-_Cibda8Ygxk__SlTlUHFdQLsxtcNgVPuF99QZWxDMwn4NIizZq37si5SD_5z7EW4P0lan-vUuovdUyJOWz-42ZwxTW62bD6etFOFiTgq6z0DNQDZ4vJ-mRisPJQBBMoOmkwx7lFI5xP4JzOJhP5VEx3GmnW5jtKYiiflqvXwy-gYu-MKY60iGVXfbxK1EoOjM3Ac2EjqH4AaUKIQDLLnKC2R80TZw02G_8t-SI0AeeHB1Cv95yrEAHzPWRMn8cF_RYSRDwO8smm1yQT0DehUrwDC5FioDoVj8yWaYL_v6d8ZSWC53Bmb24NNIQ2ZbJKoDjvPtjF2VppVGWS5pH41xLJt3fCDzXzqrd4_7QvlVdPEUKGSIqWP4b9Sd_w4i4BAaWbcgV5W6gOXcp_EG2OUqDiM7GMcnQe-47wXdRQ5Ts2DcbBeC5nk0XOgYGzroq7tGhZk8rYVQhnFSqJFntL2MwPm6hjpiUxEPEI1GfEAFIlh5nO_8Codo8oaF4hxE9XxMg0_8J0Cw4KpzLnbiMnBzJ86ITUletsKhAXKao0VQ_kR1cfnsMJBSwrYZK0mmmgyz7ULTPuLn4FY-qOlZIfy4C2mNNqPD3zuf1HRfALVAOHIWGIxyizc_lDSGJ0g4W8q3A81N62sJhnkNpjS5kNJI7dSo30zOjYP694dB1AOmHIZdtiHHopBqWDvxq_U51-Kjn-1aye_6Q8ct1K_ubfqzqVdD8CNjih6LRKWNu7ROrTZ5Iffaipo1L7130T5WCB30ZlUCmVfufjNO83wRw&sai=AMfl-YQStxieqAwWYSYJBqeO7N9LyincEbuNHKtfCuiZWz6HWNvFSACav-9STJIXY6wLcJ-e2JUNRVmxHWnwJs5mPUuuYa3_VsUtMslAmPfrJClBhtgSNGxhjkXM2RPsg2-w5kNLz2PqWMqEa4B2ozfSX4mHBG9xfanR_uUAezC8qGiifvgUGvjq_gPdEX7uAPcS1PhMzvy9oPZFDWTuLG2L5kBftzbKwFtpOf3PxpuVwk3EgCkJkzrsF1md_FR98V1hfqSeB7Nr1TcRy9OAGjDZnuiHUYq4sYlEL75q2LjVQLgawLG70MWm8wjwSY2v2cKtVAjbtOLupn79Asy4_RZUzqpp-81rg5hl6oOU2fOturOPscbW3KPYsO8YZMFgtm-tzYDtSXEs3LfYqw62jJjenR0OIx0pz4xjPqz-O6GtKie6do0jh3wNCb3Y7pxmsIyT9v8_AE4p1lI_YUu8yZNSVyG5jS7cIZCUYjl1j9QO53bmICqgns7ho1qTi84zax4ayR5XQXLmZ83P&sig=Cg0ArKJSzBOnnpZJj4SqEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1296&vt=11&dtpt=51&dett=3&cstd=1243&cisv=r20240313.74442&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f148.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Mar 2024 06:54:36 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame AB20
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C_a39KUL1ZZqTPIq09fwPmsGZkAiKkIKzdu_WsvGnEtzZHhABIN3b56ABYL8FoAHqkvHhAcgBCakC1llPK6kVqT6oAwHIA8sEqgTIAU_QKz5qO4ybQKrON2RSIbCyWQHuwgG3Ac1I7D_TOYu...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf29c54fe8f1877c40000000000000000%22,%222%22:%220xf8f6d883a4e014920000000000000000%22,%223%22:%220x472882...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf29c54fe8f1877c40000000000000000%22,%222%22:%220xf8f6d883a4e014920000000000000000%22,%223%22:%220x472882d40d965f1d0000000000000000%22,%224%22:%220xce992b4cdcbeb4f40000000000000000%22,%225%22:%220xb0dc16f8312b043d0000000000000000%22},%22debug_key%22:%227305062994581305021%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229263008943627700849%22}&andc=true
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H3
Server
142.251.10.154 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xf29c54fe8f1877c40000000000000000","2":"0xf8f6d883a4e014920000000000000000","3":"0x472882d40d965f1d0000000000000000","4":"0xce992b4cdcbeb4f40000000000000000","5":"0xb0dc16f8312b043d0000000000000000"},"debug_key":"7305062994581305021","debug_reporting":true,"destination":"https://sterra.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["473713002"],"22":["true"],"4":["03-16"],"6":["true"]},"priority":"500","source_event_id":"9263008943627700849"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Mar 2024 06:54:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf29c54fe8f1877c40000000000000000","2":"0xf8f6d883a4e014920000000000000000","3":"0x472882d40d965f1d0000000000000000","4":"0xce992b4cdcbeb4f40000000000000000","5":"0xb0dc16f8312b043d0000000000000000"},"debug_key":"7305062994581305021","debug_reporting":true,"destination":"https://sterra.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["473713002"],"22":["true"],"4":["03-16"],"6":["true"]},"priority":"500","source_event_id":"9263008943627700849"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame AB20
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:20:37 GMT
x-content-type-options
nosniff
age
88439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 06:20:37 GMT
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame 107E
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=1850635622&pi=t.aa~a.1109990826~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=3&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87572
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf29c54fe8f1877c40000000000000000%22,%222%22:%220xf8f6d883a4e014920000000000000000%22,%223%22:%220x472882d40d965f1d0000000000000000%22,%224%22:%220xce992b4cdcbeb4f40000000000000000%22,%225%22:%220xb0dc16f8312b043d0000000000000000%22},%22debug_key%22:%227305062994581305021%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229263008943627700849%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 06:54:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame A506
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lttqg5cj&c=4013115969296&slotId=2006557984648&qqid=CIje1caZ-IQDFaZHnQkdP3oAvw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A506
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:25:59 GMT
x-content-type-options
nosniff
age
88117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 06:25:59 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A506
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:36:15 GMT
x-content-type-options
nosniff
age
87501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 06:36:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A506
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cqj7mKkL1ZYghpo_1_A-_9IH4C9P1hbl26IzrmJgSoqiky9IbEAEg3dvnoAFgvwWgAdqglvkCyAEFqQLWWU8rqRWpPqgDAcgDmwSqBOoBT9A-LST0HQkLDIwi9oVXX3sR7wxd0fM4Y59stdA_g8bpsA1KAib9R_mUogf8wU_yY5qEt93i42asd8JNueWYEpYjy0QEfctO25dHAHGLsrGlay_fcXtiHp1r03djcfB0lf_s7bLnNlBTpuLa6_NQnZobKyTCADlodKjIs0DU4yIDVYAJyXrDSydvOeaoSoLnUhtSeOc_hqqWkb5mFspRn5DVywLwYl6DedMB79g8HVNkE3V-9hglSqZGBMLdLMRF9Hpo0Gm0tdLTDB1YUzJENjFxxej0dENZ39IPaMbePOHfElee95JOLcb4wASRhLj_xwTgBAOIBeaIhfZNkAYBoAZ2gAeO3-mGAagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYzLzVxpn4hAOACgHICwHgCwGADAGqDQJTR7AT6bLqFsgT07SV5APQEwDYEwqIFAPYFAHQFQH4FgGAFwHoFwWyGAkSAutoGHYiAQA&eventType=clickstring&clientTime=1710572076326&ai=Cqj7mKkL1ZYghpo_1_A-_9IH4C9P1hbl26IzrmJgSoqiky9IbEAEg3dvnoAFgvwWgAdqglvkCyAEFqQLWWU8rqRWpPqgDAcgDmwSqBOoBT9A-LST0HQkLDIwi9oVXX3sR7wxd0fM4Y59stdA_g8bpsA1KAib9R_mUogf8wU_yY5qEt93i42asd8JNueWYEpYjy0QEfctO25dHAHGLsrGlay_fcXtiHp1r03djcfB0lf_s7bLnNlBTpuLa6_NQnZobKyTCADlodKjIs0DU4yIDVYAJyXrDSydvOeaoSoLnUhtSeOc_hqqWkb5mFspRn5DVywLwYl6DedMB79g8HVNkE3V-9hglSqZGBMLdLMRF9Hpo0Gm0tdLTDB1YUzJENjFxxej0dENZ39IPaMbePOHfElee95JOLcb4wASRhLj_xwTgBAOIBeaIhfZNkAYBoAZ2gAeO3-mGAagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrECqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB-C9sQKoB_-esQKoB9-fsQLYBwDSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYzLzVxpn4hAOACgHICwHgCwGADAGqDQJTR7AT6bLqFsgT07SV5APQEwDYEwqIFAPYFAHQFQH4FgGAFwHoFwWyGAkSAutoGHYiAQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A506
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lttqg5d4&c=4013115969296&slotId=2006557984648&qqid=CIje1caZ-IQDFaZHnQkdP3oAvw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1u5&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A506
38 KB
19 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CyFDSI7oUjVpAKoO8FyJkTT1W8SriXHtrL9Ww1J6yCafi3eL2_sqCrQeW3ev1eKg9QtlKXJqEH2R0zoorel8_QyrhgjQ&cry=1&dbm_d=AKAmf-BqbKClDeD5Jo92F_D3rr21IQ2hC-k_gP0zJBTgm9c1FQ6RdThwgUaZEsXK_P8ijlB01f-o2cnOiGgXTE6aMPiAX8tBnelBPDR2Jm0p_IPv3ePzFLxYuzkhYfoU4eZmbHn1-puNDzmbFCBPmVpVLfx3lCx2SDjDnnPB3pLP003hfyPgJCejq-3NERZswiejMEmbS1z7CCWzK4iLbrd26dl_fN4hEeokI-__Jv5digclRREa6I_UA6VcSbw0dY5rd1ryuns0VJUAVtvYYJzzc_1YeXzvffqtMxjdE6Z2b_YXIwpEYMPhZWbx_RtcKFVooIi35KFmHhi7YYIysuky1zY0baqbv-xIV6EYANgccKwqqBqNSA2GTQ9YVp4FwnYV-gdh_arKWuXSOFdiiOXJX1ldo4GXMkH2ih-0b2XOMMtzB7HSWy3Kdt9KAvclMg28OZP-TkX2sT8tLIZJbyJXUzUiireneyzPcrhOi8gZQxnmtOxntn190MIhVYtdMCdBk3YUuqswV6b2ieAsqIxg4v4GGo8HNM1k0hR2YGRAo2uKT9iOtnAo8nWC_9B07L1Y6XKqgk2YamQ7a_yFsWPpvc_DhDBUFx6JcXeq-sEWEE31qJ0198ND0Q1B-Ds22_05QMhJmgtPYDxPMQsi4CWGWVKKWr-ZjsygN2WSU6sZ_FWROo5Wbac_GoEXDlit293ZLHbNtXrq_2hA5A6-J-Xk0rGRxOFicBpi_kJjAwIc7nTfnI0CrrmUIOUsVOt5E2dVloiVQ3f08_apuyd6e9nzU-G7mv40d4QB482cp-10sN012wpN3dCxftECStzzkfEfl-OUe6lvIjY4s8cpxhd8W9GFXHiLQLDmJeuEXkObhLh694XvhU6IPeEidG_A4_v1TFIPC9xE81tNxeKgqDIawkHMY0GQWEr3SeWuKDn_COq4RWWrn6Vn-tmWE6Ls5xV5x00HZT1tfmkVmOupFUhvek1jGlXqmGRe0U_xFzyKaOjq7sF5LUlbuBhLRIuW8D_QlQN6L7KEpuqMDAuHiLp_jB24KFydXnQR0WA9AdfSJtd4mZBRTuu4F1AhUD0_tZpBIlOa5iOLhqV8RR3-ymeOn9TQE12UlXYJqbkrH51u2OHZpc-tNFcoTm7vB2e1mCyAV1MxpgTCKJZI-zJen1O2dFvUrqko5X8iw2b38b2rSarKEJ6O8XLOzDtxnZa9B2IUmrapzyFNxiZOc2HszTV6EfAw0JavjIKsuT3BPXdSdqd35FujS0MY_xmljORra3qSEaeNclArqRhkyGD-qP1HEciEAPLrpEdUVco29yVMACS7gfMPvGKbKz2w6wb9JProYSskgw1oZH0a5YanE3k0En65MXS30WjNhhEG9iobFLIToNfRlAGPJRB-9CL0q2M_lWQaIrPS5Ep3USE398jfnfH9dcHVKl5Twj8RzRq1irHmKJ6iXIKGg5UKtQp2eTl9C0hjMHdw93ENcbMC8ateJrHNGHpAmbYG9BS00_z8muNeyiNkagDJ3Y8bpEBxwpnJafZlReO8nxrCF-vtqonDobQJ8qihp4oCGmGaviVG89GcPOutYPuexKFoMCbQyFuZRp4H53QOqnNuoC6qzlrNjD0SBKm-AJKRDfPzw0kTBsqmzIIfMMOlyzEcewdk1Ibdm-fD1MDNxWDmww3a5soxdecD0n6cSfOZiiPWL53mfTPqPBaNpS2-PXQKbJU6rZXw0QGQOiTGh6OVXM6_HIP0tXniXX664oCaluoeLlcnpbGTPTdSZ7M1DgcB_MFP2DZbIbBIyc5WcXNbv48LNGZMdGZmYVXUjFFMAp4hmWpsF-ZRD1wiGGSFfBgUHanv8tC3D_vm8DpTKmeoX3tThp47VKvA2sJ1DC5JVnldNFedUgqAfmQp4nhposUw_0ZbvyDuaJIgZY1jVQSBuFhu6QNNOXBy_rdZyGBw-C4FC4c9ORIfQEDAjA6rYbeDjAzWQX1H0WxBRSR4lLAt0vdnL-LkllEy-v6vg-WlBmjHvZjtRg55hCfrxsTWG9np67r6WTkIcW7i97sCquJw-fDeWiVnJgYuvXUzQp2lx3TX0bIiXilmST1rH-kLcjE6H1b8xK2WGR5CT9IA_8CLYhIe8Rwsqw9QXr8ugS3MI6yEF3MuSyOr1fjLIXs5-j7zUtItLwfIKkaeg76TLBn5lRZSir3G3jMy5FUxfU5qd6mUcJUrMJ8_4RW9ZWQtPxiB3BofbZw1oqe-2ElDFxW7Ac6BovfrFWBC7Icl8dr0hifS5ofeDGPe4D5U2J1jE8WCgKTqC0YDey-73QexsAQ8XADWtzff2uT86LhehP8YkeHzOgBtSmfKsJzxlpBg9cuG3a2-EqElQl_ug_Vpl1zTr7EYzGEa6GU2GJktruKkze7EXogO3YZp5r1lS5Stsz-3algBoipPfnmhjpwCxqjg6QM4dpa9TYQP_s3ZjRm9vluAaAiyrMncyy_Ru4vhWP1pFlZ7HW3I3CEGPNevbu1veLno7AvoRHBvXLpUl4wA4Wc2AAdUnSVFwu2MBkT5sUh3tPLMVCwfQcDF7kwcqH-hTGLpx0ERyFz6qBoo6tSjKo3HxalHCYCLVNT3HHVaQxTMN-t7RMEjHuUMW6Wq_V7S3u0AeEjZP6xQwuVlaKsJpafSIGFHdYgqpV-PfDSf0xgX6VW3Mjy7A_snsXFFx7FafG_oMcCB-MQRLjV2fqu36FArXl5V4f-n3K7jPpN1BRYB_AekSqEnaDriJDglvrSje6t3yL8HFlDqDaga9m1YV_ZbWmaky8oziAMBKLCvl8jcAbcDHRRiBW6hhOrBXlj_-J_WvE9__zltt4rSm1smgwp-iSyZ3nO-UCkF6jrz1tiRSBoqVno1RsFMeR-OCWLXTBhJs4kCItv8s1mhlXSWvbKcSWAH2mJp315hr8cZap3SKUu6TGVdHU7bv883TyLKYLXZcIdWEVz-xnTJxHJxJ7YajGDln3Bz1mmGpdB_ntX__LjLdlGd_EInd8Ie4bbtKeG0nYN-11BvgBS3pB2ZvXTtqw0LlGjw7a5G0DhyB9opqDpDaaDZxoscJ_4urJmfiDxAUFer-qraa5b-zz5gWVgsDVv5FyFifR4-WQt29gK2_OrrU38iotPAtX-mDUh_2Xv0vTP86uwArY-ESKJrEJwjnrKjClQREG6RsPkd5D-rn_MexUwge5rMV9R_ZCd6DvUoT_k6LsdaF0zjl9qnxnjBQd1Gd15WnaFA-blJ0TGhXeUgUwXFwGK8IqnnectBYCeTz84dhqWLi4OceAx7bZKfeM8B4LHVQkLxyP52moW1zORSs2HWuUil95LkkptkN6cQc5IStwbsZWuI_n9Ok8fa8yA8o9r99rxf7ATLC-UQH1gQCszinnmb4lD2w5gFpIn56zR2FvmNKpBJJWX6nAtaeSVp8xzPPjYR53euM_cEQ9l4ZD5OkVPSYleATJAVu1g2eddjWW3UJIYOfRcwdNmuawV5fX2cPObbE8eL7NVL1WIDly_BEbX75qRAydZNvCSyrsKv2KyLvGGeF8Rd-7rXou8CMSSBFB0xfz1DuPlzRsDyqX52E5zdQskRNxjpfFb3j77zud6xK5wjzajnskUzOdxa1En_b8jgDGIOMkIQCo_-uFD2_N4BeSGwdfS8e1dEipAGQ_3V88s3sBu-1FjOSKjoEyD6SF-n_-xPL7NIVM_yN69BPDis1Z0KiWXpSZVuAEA_M3B62eK6w8DKEFFAaeaaML7oYhyYgzMQXRLdhBnYyaXn2kvv3TrO9yTjRJJaArKiqmzxgvhpwvi7EoN6Utl7NwOTlIUy2A8dtdvqHKTA-AoKWvgl3NlQRCKLLuuablwGHx05Lr381pNxkPLOxz4IL1JFXH-o2zUC99XnrtilO1oLtmodCn8S&cid=CAQSOwB7FLtqFE1EmOO5K_5jl-WmX3EhGYjGeDNrXORHf7CwO1sKRNlTBi_r2lS_FlRCo5qEcBgO6e8vYtqUGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
f53062eb09ff8e3284c13deb7ac4bc9e34c72e0b5948648b80d32b398e89d557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19232
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7039
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
11784
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 03:38:12 GMT
etag
48472445140208031
expires
Sun, 17 Mar 2024 03:38:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A506
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e81aa3130a112339ab5f8faa7b528ae85305daacee957fe4351a9c4b9a65038d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6A1A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
115997331bc346f04ac58791f0488bb689eb1d1b5945632649d889caa1291b55

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E937
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
216303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 18:49:33 GMT
expires
Thu, 13 Mar 2025 18:49:33 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C282
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
216303
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 18:49:33 GMT
expires
Thu, 13 Mar 2025 18:49:33 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6F58
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 17:01:22 GMT
x-content-type-options
nosniff
age
49994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 17:01:22 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6F58
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 07:17:02 GMT
x-content-type-options
nosniff
age
85054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 07:17:02 GMT
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEXADNmYFXuZOrNPmNvOBds&google_cver=1&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQycpX-11Nd2qqXqKI-...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQyc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQycpX-11Nd2qqXqKI-pt6-ipbVEXNuu4UUdX7E7an8kNZ83LHG8gJTZaQL59OBuHJIVi-CaYbA
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Mar 2024 06:54:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E49C68B478AE46B3930BA6CB4C3B862C&google_push=AXcoOmTZ42H7ENguHyCxkr5Pdpnblu7Cz15EjBD6Whxs1-07MQ5ueNIoiKUXt9sDvXhfkkVo2PWAC1E0rePLQycpX-11Nd2qqXqKI-pt6-ipbVEXNuu4UUdX7E7an8kNZ83LHG8gJTZaQL59OBuHJIVi-CaYbA
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 15 Mar 2024 06:54:36 GMT
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmSjEgo1XoG_RePGpH6tZwLP1SjzolaOlPQwKBJKo6QP4x6OJR9p4z6wbjQn30Uo...
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&googl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmSjEgo1XoG_RePGpH6tZwLP1SjzolaOlPQwKBJKo6QP4x6OJR9p4z6wbjQn30UosgRahR3AIOYsBUgEPEqBJoIjEjG6VNES1X3ArJN8lml49fFeWXOjji_1kJmwDZyOYv54St-Ej70OjOLKuVF3_91F
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmSjEgo1XoG_RePGpH6tZwLP1SjzolaOlPQwKBJKo6QP4x6OJR9p4z6wbjQn30UosgRahR3AIOYsBUgEPEqBJoIjEjG6VNES1X3ArJN8lml49fFeWXOjji_1kJmwDZyOYv54St-Ej70OjOLKuVF3_91F
pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT, Sat, 16 Mar 2024 06:54:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 7039
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT6qKFMvvQOGwvI6LWQyEa_n2ac6cD5pmh84zW7_jPiNSPVKTGUg0GjC89JHcvqQyiHOJ_kGgoxBxzO3rEwxW7qWx9OD-EZAbwd__mRfJ_y_rCp4D6ONJvpNFuh2VKoKC3fn0YTe-Ja3heNHjI1GudPIA&google_gid=CAESEFYk70cb2OtNBYGEcCXihLI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:35 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
206538
expires
Sat, 16 Mar 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTWp3ywjC47NdiUOe80mw4tsShDOG4bpUunD9uDqIMararzjDickLhdT4iXSsA&g...
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=SxTdPIyUG2pCf6TRniS08Q&google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=SxTdPIyUG2pCf6TRniS08Q&google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTWp3ywjC47NdiUOe80mw4tsShDOG4bpUunD9uDqIMararzjDickLhdT4iXSsA
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=SxTdPIyUG2pCf6TRniS08Q&google_push=AXcoOmRbm2HJu7dNwGgt-zahmqZUcBAotqQotxD_YH8bNPFwWxKY5u787WKz0sU4IBOYIls_g5J4y6oePlO9CH7288xEhVMgRTWp3ywjC47NdiUOe80mw4tsShDOG4bpUunD9uDqIMararzjDickLhdT4iXSsA
date
Sat, 16 Mar 2024 06:54:36 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENVaDCWFnKZujkL0Q3OS3cw&google_cver=1&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uyl...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENVaDCWFnKZujkL0Q3OS3cw&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uyl...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhy...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhyfMl2KHauffnvw11bGh8m_zTJh&google_hm=OHVnaURwSWtUcmM4bUY3aFpoVTI=
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 16 Mar 2024 06:54:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRXgB1VWlZogZmH9jCURla2ts4H2izfjpaMCUD4qmc1QIl6OHAwvHpbKgs2qzpIYBLdGZo7PLvS11uylXtG1BxIl7VDFkeqmLkJUdExtXd1EshJFkgg_AYxLjshlhyfMl2KHauffnvw11bGh8m_zTJh&google_hm=OHVnaURwSWtUcmM4bUY3aFpoVTI=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
292
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECJ7wr_UeI6y6if0GJ2D6dI&google_cver=1&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9u...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9uLZ056pFXV6w8MdtVTMkeI0_i_gZioGjVUgdk...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9uLZ056pFXV6w8MdtVTMkeI0_i_gZioGjVUgdkQ7JgAugBJaseQIS-87SxHDOurAbtVcMobJS7bg
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSFLNAY_be-Xbmlju-DWuz-jDb5JAlmp0S_CmiwCXfzUxZgjpzVGzGBEwUZdbP38hCNykBLtRcFyd9uLZ056pFXV6w8MdtVTMkeI0_i_gZioGjVUgdkQ7JgAugBJaseQIS-87SxHDOurAbtVcMobJS7bg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 7039
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmQojm-GDKgjpnXdXm0wYyH2sR6rvElkH4NaqetiTGRADxO6c3BeQTygozOTA...
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&go...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmQojm-GDKgjpnXdXm0wYyH2sR6rvElkH4NaqetiTGRADxO6c3BeQTygozOTAK52tWqfROZx-ecdoUHpydY_QzWZ_Y8rIoCrjlMVFwDNQSmRxiOyX4aYat4jBfC5Hju14WYqcTiWeJcnfoNIMEz0ArGC8g
Protocol
H3
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=pLQGWM12NLsiWNVnvuQHJs9CF7OnTPtx8HwryFoOwSw&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEN3Q5AwA0YZGznS6cR1e6Dw&google_cver=1&google_push=AXcoOmQojm-GDKgjpnXdXm0wYyH2sR6rvElkH4NaqetiTGRADxO6c3BeQTygozOTAK52tWqfROZx-ecdoUHpydY_QzWZ_Y8rIoCrjlMVFwDNQSmRxiOyX4aYat4jBfC5Hju14WYqcTiWeJcnfoNIMEz0ArGC8g
pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT, Sat, 16 Mar 2024 06:54:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
vary
Accept-Encoding
expires
Thu, 01 Jan 1970 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7039
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgPEAM391ELhARCmrznBlLhqnJLwihypm8HOPcGmzIs1oFiPzqrEYRR1ljV9h0fE-vjzpOLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame A506
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CB8zwKkL1ZYghpo_1_A-_9IH4C9P1hbl26IzrmJgSoqiky9IbEAEg3dvnoAFgvwWgAdqglvkCyAEFqQLWWU8rqRWpPqgDAaoE5wFP0D4tJPQdCQsMjCL2hVdfexHvDF3R8zhjn2y10D-DxumwDUoCJv1H-ZSiB_zBT_JjmoS33eLjZqx3wk255ZgSliPLRAR9y07bl0cAcYuysaVrL99xe2IenWvTd2Nx8HSV_-ztsuc2UFOm4trr81CdmhsrJMIAOWh0qMizQNTjIgNVgAnJesNLJ2855qhKgudSG1J45z-GqpaRvmYWylGfkNXLAvBiXtt4SfR8SnqPiK3DaJYmMfKXw6vZjE-so9dcC0Haub2cyj7K2D2-zcwWH2kDVmwT0ft-8iNwHyL0_Dc3jGLS0JrABJGEuP_HBOAEA4gF5oiF9k2SBQYIAxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB47f6YYBqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwoQsIgTGIW2toYC0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WMy81caZ-IQDgAoByAsB2gwQCgoQ8K25mdP6lPQZEgIBA7AT6bLqFsgT07SV5APQEwDYEwqIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItMzkwNTQ2MzYwNDIwOTI1MBgA6BcFshgJEgLraBh2IgEA&sigh=eCOG5g_7BMc&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwB7FLtqFE1EmOO5K_5jl-WmX3EhGYjGeDNrXORHf7CwO1sKRNlTBi_r2lS_FlRCo5qEcBgO6e8vYtqUGAE&vt=10&cbvp=2&vis=1&nis=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3905463604209250&output=html&h=280&adk=1385466551&adf=2968649303&pi=t.aa~a.1109985555~rp.4&w=728&fwrn=1&fwrnh=100&lmt=1710572073&rafmt=1&to=qs&pwprc=4139840582&format=728x280&url=https%3A%2F%2Fshfo40.com%2F&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710572073934&bpp=1&bdt=2293&idt=-M&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=4&correlator=1069886643591&frm=20&pv=1&ga_vid=645619822.1710572072&ga_sid=1710572073&ga_hid=128761330&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=2995&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081828%2C95327950%2C95327954%2C95320376%2C95325785&oid=2&pvsid=3100344024596999&tmod=1635926606&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=29
Attribution-Reporting-Eligible
event-source
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 6F58
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CYJbOKUL1Za3cCofI9fwPy8eZqA_urd2wdp7nx86dEmQQASDd2-egAWC_BaABmcuEngHIAQapAtZZTyupFak-qAMByAMCqgTFAU_QxnD86GCrfCsSXf5YJlgp0Bzjmb06J-VD85RIs5ujFbe...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3f0035636567dcc30000000000000000%22,%222%22:%220xaf0ed84d50e239f40000000000000000%22,%223%22:%220x2a3b06...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3f0035636567dcc30000000000000000%22,%222%22:%220xaf0ed84d50e239f40000000000000000%22,%223%22:%220x2a3b0697fcb20c420000000000000000%22,%224%22:%220xe8895548518c36be0000000000000000%22,%225%22:%220x3a90e2e09949ddcf0000000000000000%22},%22debug_key%22:%223955973126973640298%22,%22debug_reporting%22:true,%22destination%22:%22https://pelago.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22331425177%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217378579751373309441%22}&andc=true
Protocol
H3
Server
142.251.10.154 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x3f0035636567dcc30000000000000000","2":"0xaf0ed84d50e239f40000000000000000","3":"0x2a3b0697fcb20c420000000000000000","4":"0xe8895548518c36be0000000000000000","5":"0x3a90e2e09949ddcf0000000000000000"},"debug_key":"3955973126973640298","debug_reporting":true,"destination":"https://pelago.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["331425177"],"22":["true"],"4":["03-16"],"6":["true"]},"priority":"500","source_event_id":"17378579751373309441"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Mar 2024 06:54:36 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3f0035636567dcc30000000000000000","2":"0xaf0ed84d50e239f40000000000000000","3":"0x2a3b0697fcb20c420000000000000000","4":"0xe8895548518c36be0000000000000000","5":"0x3a90e2e09949ddcf0000000000000000"},"debug_key":"3955973126973640298","debug_reporting":true,"destination":"https://pelago.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["331425177"],"22":["true"],"4":["03-16"],"6":["true"]},"priority":"500","source_event_id":"17378579751373309441"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame ACD5
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef07ea63b780cba0a90cae42868016bad1c0113851488ad6b7325ccdd0a5fc4d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame A506
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lttqg5dr&c=4013115969296&slotId=2006557984648&qqid=CIje1caZ-IQDFaZHnQkdP3oAvw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A506
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 18:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 18:49:20 GMT
file.mp4
r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,i... Frame A506
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/ip,ipbits,expire,id,itag,sou...
  • https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,exp...
0
0
Fetch
General
Full URL
https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6D2A9BACACBCB42C286676841479C9CAC247CC6A.6796B556503C568771AF7871D915E5D0EE193B58/key/cms1/cms_redirect/yes/mh/Qy/mip/116.86.254.31/mm/42/mn/sn-npoeenle/ms/onc/mt/1710571724/mv/m/mvi/3/pl/21/file/file.mp4
Protocol
HTTP/1.1
Server
74.125.164.136 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 06:54:37 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3836466
Last-Modified
Tue, 30 Jan 2024 08:15:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 16 Mar 2024 06:54:37 GMT

Redirect headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
667
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/6D2A9BACACBCB42C286676841479C9CAC247CC6A.6796B556503C568771AF7871D915E5D0EE193B58/key/cms1/cms_redirect/yes/mh/Qy/mip/116.86.254.31/mm/42/mn/sn-npoeenle/ms/onc/mt/1710571724/mv/m/mvi/3/pl/21/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame A506
453 B
585 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-3905463604209250
Requested by
Host: shfo40.com
URL: https://shfo40.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Sat, 16 Mar 2024 07:44:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c94dd3fa032f9f773df1f6fdfa9a61c1d1d110ba4deb94510b1245fe45fec9e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame E937
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame C282
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CDAE
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRbckLqwxQicdhcqW6nFV616ilFXTiI-msS4vCsfgAQuSVnqQvdbKstMTFx_cF15ulQl9hZA5SngubGW_Mz8IM-vV4dnGrrSOeEzWPUg3HqY8YQ-yy95PPpvJwxdcNXg8CGgbVjmLfN4Xm5YuMl_MfDHIdvYEel1A&sai=AMfl-YTc_DPDdxVdzBjunpa0Zln7ZaPmn9lOSXru_lhJ_8qQvxbgOT3v0SUosHzMmBy_OqWswNNSIjmsW27qxflUq04PR60z8WvmTWrAiDp_1qae7ImNWBOpk6XNYP7voowP1tSHI_qsLRrDSfZTjTYKLw&sig=Cg0ArKJSzPejMqh6xXIGEAE&cid=CAQSTwB7FLtq7EtPK1KN8ge0M15tXGlsbpYPBWnETbVmLRABW0WWkjG3SaH14J3xxG71_L0QVjaWTuDBt3zSQawfinL8f2eGIARxFyc9lmQhcQIYAQ&id=lidar2&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=650487400&rst=1710572074202&rpt=1372&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3f0035636567dcc30000000000000000%22,%222%22:%220xaf0ed84d50e239f40000000000000000%22,%223%22:%220x2a3b0697fcb20c420000000000000000%22,%224%22:%220xe8895548518c36be0000000000000000%22,%225%22:%220x3a90e2e09949ddcf0000000000000000%22},%22debug_key%22:%223955973126973640298%22,%22debug_reporting%22:true,%22destination%22:%22https://pelago.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22331425177%22],%2222%22:[%22true%22],%224%22:[%2203-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217378579751373309441%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Mar 2024 06:54:36 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 30FC
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
192
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:51:24 GMT
expires
Sun, 16 Mar 2025 06:51:24 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Mar 2024 06:54:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 991F
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
26398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Mar 2024 23:34:38 GMT
expires
Sat, 15 Mar 2025 23:34:38 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5409
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f99.1e100.net
Software
GSE /
Resource Hash
7512c30f301f62bded4b1d448bc5960498aa5e8c75174c9548c11871c916e029
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NSvthIAYgw9-nJlLsUD20Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shfo40.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NSvthIAYgw9-nJlLsUD20Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Mar 2024 06:54:36 GMT
expires
Sat, 16 Mar 2024 06:54:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
pagead2.googlesyndication.com/bg/ Frame 30FC
52 KB
20 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ae3sWvOO4HnxSTvFmy5QcFGvkMD8_u8sXemgKUz4WUs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 06:35:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
87573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20361
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 06:35:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5409
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=3100344024596999&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
pagead2.googlesyndication.com/bg/ Frame 991F
40 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 02:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
102526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15583
x-xss-protection
0
last-modified
Mon, 11 Mar 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Mar 2025 02:25:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E937
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuGoYKUL1ZbHvCq2q9fwPlvCT-AIAAAAAOAHgBAI&bg=!ycqlyoXNAAb_2pXa39o7ADQBe5WfOMZabAf87ESiekTweqEV_5gA2LgUptjv3zkrjcWEXLTUH4vYaYgGIm7jvulAGEOZAgAAAYlSAAAABWgBB5kDDwy5UcAX_2FWjWxfuibh2wp_c93FNgJ9zyeim0TibiXiCTQ0qghk3oStwnt1XQUUD9SPKMO-mnZDYKkPjUSq_UtI0z2excepF6ULRIAJZ8d9KVObjnar6Xg-UVAbbVVgfGJ9WatW7bEAjUd5hKNDlurswA9ukL5oVANq8yz2nmAo5-pvvY-LFTUMP2BE-RpHs-cKDtbYQxmcZ2MkSTtOG-FAD52uRyXnzonnKNf2aFfJSKefzRwhf_GW0pVaylM2b6zQCph4F3EYx9yEHdgO2AzlzXbR1STtGkNu6ByAgojihZD8TVrYrb6iQ8BDJhrqRJfZadYi5cFahyIFsHjN6d-VmuVPICX8S02hDk-J8T3hV8zZXHlr8GmDza8Eh6n4-pTQFV0S_bhBjnm5AIhhfstvIrBg5Vm34-J9icJn1yMIh08nwugKiOjGeETPIYBbWoTzRftndCiP9O-gs_UP7-VDhV-R9HMOSJ_S-FeETYw3iv86SikWBrQK2nw_DrOAD986koQiIPfiIoFNRqBruucUP65i-pVn3j7d_K6nDiNkkxnZOJcdGmlDyhjqH_GOFtjApIgQ4NxjwBJs5A3dmh7E7LWkE4eFcrXyM9P8BiUVdOLYzmN8Abfb7f8FzFaBgtPCaq2mtbIVmMAAVv87S9S4yLuc3dKBaKpl4TFEw84MZXPLzfeBhQWsGiut6MSoM6EhRT0_uy-WPNemNyatFWX0lFg5g_P7ERLy8dmsIdqAwbKC4VjtnoSCg0Uc5pC6M254TsE-inHEyT2LTiUrEQlAAOucD1eFOOR_u-eRQR08c3-MiSUHKACZTtl_8Rf9-2VKBy89J_jDyt6DmjL71tgbnCBB3NKt7G9Wlp23vNW43n6F-mmlHjVBBPfG7tltTOzijJwdRLKDb0zPCeGFaVb3B1BAp0f2PEh-qm63Vs-4T-zgt4tj52RXl1cJllZ7IIVTqK0EEJJ-Eqz3iFy_yjQPns74tKnoVjuUu6eYrtMWj21NBbUtz0pf6mml9U5ntNrVGpCTRc0AUXbNSgSw1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C282
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1D4nKUL1ZbPvCq2q9fwPlvCT-AIAAAAAOAHgBAI&bg=!LC-lL2DNAAb_2pXa39o7ADQBe5WfOOzvtGo59DRZJxXSJSAztNUABt5mL1hZZaBsthaXRb1fiQ2WYvsn-FCUwnVtKy-FAgAAAYZSAAAABGgBBwoAIy8aFixC8IdAyLNFemBesR1yMYeYx5h4JKTOQfUiF1kkXPgLmQML_RBLVciD5szIZj9lpZXu-OqHwE3gGDp97zzOtVU6eT63yBSacTV1tPVJ5JRBia2xs0rX-YOECo-KiYw28ZOKr_2puFr8qMKEwjMjz6_-5CSgynBQuHVII3jEc6M5yT_LVNe8w6i8_qefW1f4tDbmKmUAVDmBeFnNHcmnIh2WADVCY5aaNFKB6Nhoo46lxNwm2gdl62_DvQ3M_Z5pwUPWAftTAfEDn2HSGUMgVjherkILibN0iQ6DedMcAdOgVm4YzywKceTaX6dFGZbTEZTPRsj8wwLY7vr0Lr0fuOJVEc6hw8E1hPBqFGW-gYZPs17Ay-T6XEDaT2UJwjPOCa9932fE-whYQvSUyEifvFcTwCiQy7dmv7hU5wEkYdJxqwctYf65j-IjDAjQuDYz2Zgvp_YrdPbLYsYFvO5DEosss0Razeo9p8-tRNyg_Xdaz601s0yNqYoSMQUZ2m9jjnUZfFKUXG50Mb9pefcszagy2ya_HovCwF0xMEH9Sl19VCLLSCmGBqJGG3pzpEHWYAVPjJb2AlsFLj_F_nahXbOuU73_vkmACNcbZ4-tIFu-oCtShyJFnIhVQcMZVkDA-2Vd2l-tdfAZN8oiOWBUsQWKJZO7L8qune0RZ8IUBrMGAFKS0jrKD_tmUO7wV8Cr7RiM-lcWmdwO5VJPhheHsiI7PtlOhGCJbzHUrv5Pcoq9sFcSlRnLKZeElZKWPcgaz9iyk2MjT1KG4UXFTn8hAEFHj4olPjzCAfbcMzPWl-NZSQ5g1m3n26oLF6qvg3yKVxEb9C6rL9YzatLIT0JGxUrSxVF-72X9j8pXsG6C6LTrJxr3n8bTux7V8XtT6Eer4uhkIDwb1HWhrOg-Cc7GL8tWCaeVaRAN4JLjw2YLMH8Au5mUk9EGCZ-CYo3va3Hsbpk51L9KACkz2cyNMd4EcsaKp3iiz7HlR2ZINs9qH9E9-sC5G1CZeDrmm_TOQv5sN-mjkbtSsqpTu-1Ha29ajBMQum1pSn_dRCteEpV7dgZ5MsEvatsCo37PXG7kS1E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 991F
0
11 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xbjUzQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 06:54:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FC
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BlT_pLEL1ZZfyHKCn4t4Pt_28sAsAAAAAOAHgBAI&bg=!KSqlKmXNAAb_2pXa39o7ADQBe5WfOAGviJ6TEmgRYecmfCa9JmwTbu5syXob0hqYyUqporVjahtvc0fVE_FCRUJEKYhwAgAAASdSAAAABWgBBwoAJkhzL5g_ue5SSYQ8oL0zhfoBoOWs3qrODO0ux8FAF4w_iziZZ1QcmQLqXat3DObpLYDbWd7-_0jvQvQQoPRddZIzi7sIRUIbAz7CTgjNbliEOxkMT6twbX70Y4xztb-vO96aLIkbdWBafJ235AkE14dBxIoweW6ZmEga2q6aBRVxaQcBvjFcaBjYECsFiTootI9Pcs7yYmBr-5eE492FwPIDxpAavrn4cTNugeTgt4k_ydh__J2VebMUx19-TkQlfHDv0yzodFl_GBHTky6E69hJtquTWhaFa0faqdg7goerVSn-5Vy20INYXdsA90d5NfPtInNpcozdRArMWBdWrrUWbVXemcx8zR-2qqCensvUaj_y1xiOFlkIu4Zie8tlONWXg-4aUhRw0bn_WJMFhzACeC2zv9dz5PSt-kwN7-ilWKexKscibHY11Yh0MdvsZKh8ekGkSSPLEpX-OaZHNUTGRPoLPxqScMt_vDJr5udFy06BEcH4h8GhTMfg9akoxO35OImBngU7eYLqHBQIhgslYZ3llZYZAKytU0ioYYF8-mbyd7lbDAnZ1AOTBPf7a39Fx1ZmdnDJemPkof0xbg61e2hj8hzG1Ua5cayF4vmdY4i9JTp5oB8RaMqX5RMDpiob_ZoEz_KZvAOQP5OYEX-P9xKD0lXRMdXHBpHQ4GNNTU36coXN5FEf6Vl7-JOT8UEmeYMjPvebynSvjwHbG34WID8gek08UOa-MatSyzdpB76QYB46ONo3efXfnFh7zuy2pZgW7YfWcfXq8-rNqtNrnQXE4SFN6onJy7Ht8W4O_8ZK5n5uXUcvwB6VheBWeXMmxL_1Vet3AjFkWWHGKbWg1rXxS2oOFGZWdX7b49jEjKgtzfxU7RM-K4J9nxFrGIIfeEFkKdmu9uczJuLjwQpjCT2nwO7EthHiYtE8cLVC-Cgrj96ngaj8dCReCImNBevuwJZBuDDc6MUbSjLpqPuqkat0ZpeMx4MNh61SmjjRHqxnKynBFRIr8EoHdMk1MBKJlAIEvnPG7lZbS5p8s6w3aV4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4
r4---sn-npoe7nsy.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,i... Frame A506
Redirect Chain
  • https://r3---sn-npoeenle.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,exp...
  • https://r4---sn-npoe7nsy.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,exp...
294 KB
0
Media
General
Full URL
https://r4---sn-npoe7nsy.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/287EABE64F03815B494BB7C1B20068A5B4A082B2.80EC263790986D5F5A8DD7C3F3E0CB0E49FB782F/key/cms1/mh/Qy/pl/62/redirect_counter/1/rm/sn-npozz7s/req_id/524bbdebbd536e2/cms_redirect/yes/ipbypass/yes/mip/2400:6180:0:d0::1519:8001/mm/42/mn/sn-npoe7nsy/ms/onc/mt/1710570925/mv/u/mvi/4?file=file.mp4
Protocol
HTTP/1.1
Server
142.251.88.73 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 06:54:37 GMT
X-Content-Type-Options
nosniff
Content-Range
bytes 0-3836465/3836466
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3836466
Last-Modified
Tue, 30 Jan 2024 08:15:46 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 16 Mar 2024 06:54:37 GMT

Redirect headers

date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/html
location
https://r4---sn-npoe7nsy.c.2mdn.net/videoplayback/id/988a6c64659ab8a6/itag/22/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1742108076/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/287EABE64F03815B494BB7C1B20068A5B4A082B2.80EC263790986D5F5A8DD7C3F3E0CB0E49FB782F/key/cms1/mh/Qy/pl/62/redirect_counter/1/rm/sn-npozz7s/req_id/524bbdebbd536e2/cms_redirect/yes/ipbypass/yes/mip/2400:6180:0:d0::1519:8001/mm/42/mn/sn-npoe7nsy/ms/onc/mt/1710570925/mv/u/mvi/4?file=file.mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=900
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
content-length
0
expires
Sat, 16 Mar 2024 06:54:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A1A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVVHdAlxkS1lPlSHYQ0jVqctWqvsAsaecs-lIQjczdlbLPvamt_HMYpYxhOKIjsoSngt6ZxqHpIjjLr-I6t0IIklJx789sI81y3sppAXdJ1OOv_Vcef_sORrPwHEDBuIB6UYRz3JcG9sJ9FP6fJ3-4IWxboendTso&sai=AMfl-YSNUrZXKPBugGpuIBl0ps-CxjP5dwyiLQfPeCR-vOo525u01Shd2c0OiPVAFLAx5U5MXhENojZVliwFxzDtBTHi0-JybyJsV2ku5_mmLBgRZJE8Fvx0fXJ-yH-vPX6zsbSa38V_KaX10755uIwr9Q&sig=Cg0ArKJSzEmznUreThdlEAE&cid=CAQSTwB7FLtq7EtPK1KN8ge0M15tXGlsbpYPBWnETbVmLRABW0WWkjG3SaH14J3xxG71_L0QVjaWTuDBt3zSQawfinL8f2eGIARxFyc9lmQhcQIYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=650487400&rst=1710572074120&rpt=1422&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F58
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUgS9DQCHvRnZ1YH1I5dslZEKcSOaohBcqAjT9QoDUTBW-BjnNEV1iPHJDi5JWloYrFz9Iga0O5Rwij8J5xN9-Zx0VRkFpqow5xVAeGjGzIQBIrEES3eVejXBHEZ5iJ1YrIq6Lw2HG-IMqzy3ZIhYFkwoON4Oh_wA&sai=AMfl-YSNycLIhRHJqdnAKDI7ha4v3DuO4H52MeZSZ31zsAsrkYxwnx0x86t6gKy6GQ0XgYQBM_yWvlQFPrER9GyIb3lCPYNW3hHPqOLm8ucZNFXijsw7nwMKP8okaijXdcb0Z3kqrR6XkWl-FbV0WKpeQg&sig=Cg0ArKJSzFk69-HlpieUEAE&cid=CAQSTwB7FLtqayN2g4WxsxWAnE3T8wbe257BwEE2hSEvwltDwXano_B-TlHAw3pqCGZuSHCFtnSdwj47Wqq3PWhZnrPLMoHw1pvcynoDCTpL9yEYAQ&id=lidar2&mcvt=1000&p=0,0,280,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2109194325&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=650487400&rst=1710572072779&rpt=3744&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A506
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lttqg5j6&c=4013115969296&slotId=2006557984648&qqid=CIje1caZ-IQDFaZHnQkdP3oAvw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1846&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1zt~atrd.206&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240311_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ACD5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdDpQjeyvZtgnO92CZ0gFb4EyiG9CeWSJwzQOh6A3cOK1x3sfCAeEPXTMOU0hScLbMnFrORijVZWGSxJhKKLz6YH1FhzVUg2lXSeuGQcnCrPBw5olPmJOACkRUfpG2AT72YdcduJWY6EJJnv-Ded2oLMJJiUA5lac&sai=AMfl-YQgbhoTCn9jZlNk45y2HsBAuGoNw2nh3-HFu-qTvKZ3-zGmVaTZ47h8Zc1ovAPjPl8AcVRGmgrQWD8pZkBXCJRo6ec2hbs6EucFmzFyWhDemL42dDMZSZby1wq4l2_uqanimLWNONHqeO1HRbuKVQ&sig=Cg0ArKJSzOQSwmHdfOFzEAE&cid=CAQSTwB7FLtq7EtPK1KN8ge0M15tXGlsbpYPBWnETbVmLRABW0WWkjG3SaH14J3xxG71_L0QVjaWTuDBt3zSQawfinL8f2eGIARxFyc9lmQhcQIYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=650487400&rst=1710572074156&rpt=1384&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Mar 2024 06:54:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=3100344024596999&bg=!U1ClUB_NAAY_ejuoH3o7ADQBe5WfOOF-lrbX19I77cpcLdXLjthdZuu5oCjSJsw0E9w4gZhBpnRK_aYyu5Kor244ZWPZAgAAAPZSAAAABGgBBwoAnjIVx6ZIfIfARJWjhL7UFYzHS1D3cBtXFKjT_d7k7QXQPBSPZw1gdA7MPZc_bttBJtsUNd03MZ1AVRNM-RT8TpLgNDJPShBkLAoS-m_d6h1dFEbjm3tCaS7QIKBh8gWydlqrsAmc04V6d4VIYmPrBf0Q9QsayvJP9uwZlMsdJzY24J_DF4Tt1-O3dHTaLd-b1hUpZM6rMqNrTcamhviRmQLD9eRXX2W3B3EJFi876mbS-IoeMkb2Rxk9OXnPU29l_HpvecMPkzKWoYHxq5vnL8a08OmkRPJ6JivOHZH4JVdgQjQOepcSMcLZFch0UCdt3Pz7Tx8uIFQsHD9qnTnYhvxJZ60RhwpMEdEofExLya-b_rD6rJ6uLRwOmGMULmCQn0ctt1iLAjyWD-YXk8DNGN0JmQS8UV04UU2iyyo-JTwLULwBGWRO3kbAOnaYCsLr1TnSD_Fvb0UzAHKtkSY02C6-wEwYX6KVoM92gzjuN46tmqRFlPrVjvYpX8-SJXH-buhdCHKf-GORc3AGDdHNyRGIeGqPc-Bib5kf-aISsQPtgcLmQaom1Joch-S2--7ITDTlDj3arcX1qfueNUKV0zuLen-BUAl-lVoyWtu3_crS-NxHDmact742sFqPntVsRUilMg0kAkyylSgv8UY6B2ppBvBaOTxQTUvG_m9QK2a7tccH-JScnVj_CEk0124exSETH3XnW5fPt89l1f-QL7fCmdQxAlItuL_a3s1QQMqpWZMRVcss1aze2z-HjVwqpOazDmYsTCp5-Zqk8Dtn5-6pn4sAXahxqVOhEpXoCLFajiJtzErzFRkK5iuO9ZCnCw0d8Dy8ltkn95EM6UursVbcGs7UsnXh9HC7qIPQGAxKsU9WfKxTWD0W53x7tBnbjBC7jw8C_zMIdSQAFxRiootKIbzQyWnqJFMHQzIS88mVPuQ8WgCgRUwyIsSJLL9CjjDV8BerXS1UG7uejF-zsJ9fVMIy9NEj7JwLiI63-fqevQLHcGwH4cnDQDC_CdVmnwKizd43FxIlYvPLR44gCWJhtHVwePgx3-IjPTt8BZki6_COaePRibqEbJHMXdaOIaqVN4M3xuH4dCNBNv_Y2TLEQxtV2eVv10Kalu3PvbtQ6HGpXrjMwbqOWP8r_rObOZH0tg8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c04::9d Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://shfo40.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| _wpemojiSettings function| gtag object| dataLayer object| wcs string| wcs_SerName object| wcs_add function| wcs_do function| wcs_test string| index object| generatepressMenu function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| X function| fa function| ha function| Q function| Y function| Z function| ea function| ma function| m function| da function| ia function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| twemoji object| wp object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| google_image_requests object| googletag object| GoogleGcLKhOms function| arrive function| unbindArrive function| leave function| unbindLeave

29 Cookies

Domain/Path Name / Value
.shfo40.com/ Name: _fwb
Value: 101FAcsqusBgeIX1IFn1SLq.1710572071872
shfo40.com/ Name: wcs_bt
Value: c582de830d80a:1710572071
.wcs.naver.com/ Name: NWB
Value: 7be0fa165a812472c03d3924581eda51.1710572072295
.shfo40.com/ Name: _ga_W178DSWYMY
Value: GS1.1.1710572072.1.0.1710572072.0.0.0
.shfo40.com/ Name: _ga
Value: GA1.1.645619822.1710572072
.shfo40.com/ Name: __gads
Value: ID=8b15b1aef1986490:T=1710572073:RT=1710572073:S=ALNI_MY6Uj5UZtfrmCUdUjLbak9Vpb2o9Q
.shfo40.com/ Name: __gpi
Value: UID=00000d39a87661be:T=1710572073:RT=1710572073:S=ALNI_MbqqTTWhw0b0ZcixRdkhM5uzh9zXg
.shfo40.com/ Name: __eoi
Value: ID=41a4a10183d84272:T=1710572073:RT=1710572073:S=AA-AfjZkvwVP7-O4lMdTOJ6NBie-
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkHzQHodGkQgvJmGiJMMhF__DH8Ae_HWgIRyuBR0nYvQcomNDnpzwPXdacRR1M
.casalemedia.com/ Name: CMPS
Value: 4948
.casalemedia.com/ Name: CMID
Value: ZfVCKosFVhwAAAZaAIgO8QAA
.casalemedia.com/ Name: CMPRO
Value: 4948
.adnxs.com/ Name: XANDR_PANID
Value: ZeqUNp2vaDO1bPWy_b7AenQq_WTaOQ4d-8XZodkjLkter7NfEcEj1k2Okq9kMHki1Uut-zj1X4AXDVGFd802WiumGpF5XkJGyFN7jG580FI.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?'E*BzO!@wnfH8K6pQK`!5=E<*L5?%Lzi+o%Lc?W.9fT^)$4LxP-dIJ^R>ljJmjg-dp%nugO%v4VB%nmjB)xVeA
.adnxs.com/ Name: uuid2
Value: 5644021319859669754
.ctnsnet.com/ Name: gid_CAESEG0JgKQE_mlKycOejRS0DH8
Value: 1
.ctnsnet.com/ Name: cid_da6ffa2041bc49138dd79444e1a7ad11
Value: 1
.teads.tv/ Name: tt_viewer
Value: bf1cf588-a8f6-4bae-8120-6653aaf673c3
.yahoo.com/ Name: A3
Value: d=AQABBCtC9WUCEA4c29nxTzuO9d5hdy3f6z8FEgEBAQGT9mX_ZQAAAAAA_eMAAA&S=AQAAAsWqShGLAY1W9srpn1EJvW4
.simpli.fi/ Name: suid
Value: E49C68B478AE46B3930BA6CB4C3B862C
.r-ad.ne.jp/ Name: r_ad_token
Value: 59K6sZ01CBDDL007UkX2
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.creativecdn.com/ Name: g
Value: XwEhGUOtpmjgKlNiVp07_1710572076007
.creativecdn.com/ Name: ts
Value: 1710572076
.yandex.ru/ Name: yuidss
Value: 8836726241710572076
.yandex.ru/ Name: yandexuid
Value: 8836726241710572076
.doubleclick.net/ Name: APC
Value: AfxxVi6Kn6fPp7r6Oj-Icb3vcbket5_-JGH8p3-wd1fcDNxMuOgBaA
.googleadservices.com/ Name: ar_debug
Value: 1

172 Console Messages

Source Level URL
Text
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://shfo40.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
an.yandex.ru
b1sync.zemanta.com
bid.g.doubleclick.net
cm.g.doubleclick.net
creativecdn.com
cs.r-ad.ne.jp
csi.gstatic.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
ipac.ctnsnet.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r3---sn-npoeenle.c.2mdn.net
r4---sn-npoe7nsy.c.2mdn.net
rt.gsspat.jp
s0.2mdn.net
shfo40.com
sync.teads.tv
tag.researchnow.com
tpc.googlesyndication.com
um.simpli.fi
wcs.naver.com
wcs.naver.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
yandex.ru
103.43.90.19
110.93.147.30
142.250.4.94
142.251.10.100
142.251.10.154
142.251.12.154
142.251.12.97
142.251.175.132
142.251.175.157
142.251.88.73
143.198.193.121
172.217.194.94
172.253.118.148
172.253.118.95
172.64.151.101
18.141.30.29
18.155.68.107
18.177.11.95
182.161.73.146
185.184.8.90
216.239.32.3
222.230.178.26
23.199.246.27
23.44.5.179
2404:6800:4003:9::8
2404:6800:4003:c01::9d
2404:6800:4003:c02::84
2404:6800:4003:c04::9d
2404:6800:4003:c05::5f
2404:6800:4003:c11::94
35.186.193.173
35.230.38.116
51.79.154.9
64.233.170.155
70.42.32.223
74.125.130.139
74.125.130.99
74.125.164.136
74.125.24.155
74.125.68.148
74.125.68.95
77.88.55.88
93.158.134.90
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
01edec5af38ee079f1493bc59b2e507051af90c0fcfeef2c5de9a0294cf8594b
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
06273225802809c5c47bf182073746482465fda819537a3b4a1a7d67839074a9
07cfbbf05cafe8d12e064114e0c4e6729457b7ea8d9c29f51a3929583b0f33e7
0b5a4e5208642cc79fa1cbf1c0bc831d41a4bbab2f3be66ae814dd26a9ba9bbf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
115997331bc346f04ac58791f0488bb689eb1d1b5945632649d889caa1291b55
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1ba63e575ffbcec703b1631a9c2e7ec94a59e41513b0ea9ae156e9661b1e0488
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85
2c162014c40274a84cbce7373aca4aadecd99078a3d274668e812e3244a8da01
2c74835e24d130e2b89f3a7e0fb541b80d4f836c072f55ed2ac2fa799f10333c
3036c598025b480e2c87981c4799a5154999b57413eb03370a697239de1a8b45
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3e74ee67e00a02f0f88ef3d34c8f3c9d96c627dbec1c49cc0a45cd30bf37e7f7
3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
422d28f9adead09ecd10235f78f36d5b276eb37c7ddb87c41d6717c1d4ca1cea
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62dda1d909ce6ffab874d8d4e71af65d147a0214ec6dc82aa6bc82cd05fc7665
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
662dbb2e9a1eaa62f25fd7d00eca3d78b8112c88f96f064a49aca4a6be2892d5
6aa0b43e7042bbe1531a03ddf8a3756c7d46b749de0149ab0485bf1f4c4ce99b
7512c30f301f62bded4b1d448bc5960498aa5e8c75174c9548c11871c916e029
7911a7817b524f49f06433c5bd6589cb3e1b83ce88bd8de36f10182ea007ccbe
7939a381bf80b502fb288f508f09510a4fea2452605c664c7f3374f40394f171
7b2685ea894c514e15f58420b40933b08f0b2baa4cef2a68479acc9a01323b0a
80482e55cd279dac92cd31b8453fc630b1ecda43f8c69a9ed4e80c3f099edc8a
8a98904a34b24d113983fe400402af063a3fbcdd0cce65c90fbd5dcbf029fcc0
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
965b411183ec072ba1ae3fef5b2d6ef52e7bb484a20a9e1e02032dc110bfdf5d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fd8bd2e64cedb731459286a1ec8d699b9384cfbc82dfa14575e8d3d8548e98
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0ce90794565798e8a5f48b5cf3ff3b4f5f9d46e35d6e00bdd91446b122b9b39
a1e378d105ff2a8f2a33a4d576a2f9a61f69c870de0e086c7d9f29a8ec55b02b
a65bdb5d5aabde0ed69a39955b77b134b859c8fbee4f0cffa536f0f168860787
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8299dd1578e96ca4d01ecda5c785a07c4c2c5e9d5a4c9a3d2b04a536c99feb0
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad4809de1d19fbf4714d6383b9eb46e508311559a1a11d91edb8dad65d8c7724
b1228dcc9ae2c01d31fb43e531c1f73923d994a751ba7a63da63cac8c755e7ca
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c94dd3fa032f9f773df1f6fdfa9a61c1d1d110ba4deb94510b1245fe45fec9e2
ca496e7b86b42c661c36378abcfabadd9cec2cf2e04e2d3aafe8ca800bc0ce07
cc16e0f8da29595df961566e50883260229cea4dbb21132134068e40761a3f3a
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
dca7ae46e91defe979364cd37dd34d4ee8ad41e02100c264fab453f44c0cbc47
de433ec68f891e9f2082e7a510569aa41a8a5609e5d157492c7cd37b2617e659
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3174ee174dcc3e6b86d177764176633605f578388c5e39f6551a64684263f8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e81aa3130a112339ab5f8faa7b528ae85305daacee957fe4351a9c4b9a65038d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed524835f55224821a8f590ffd532c6e5f82f77f8020830e7a0cf85cf3396e98
ef07ea63b780cba0a90cae42868016bad1c0113851488ad6b7325ccdd0a5fc4d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f53062eb09ff8e3284c13deb7ac4bc9e34c72e0b5948648b80d32b398e89d557
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615