www.dfast.app Open in urlscan Pro
172.67.174.131 Public Scan

Software

cafe /

Resource Hash

b04ba37966d53c5ebcd88910741993dc1d030678f65573e6c39fec684a9690d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29381
x-xss-protection: 0
server: cafe
etag: 947 / 19743 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:18:33 GMT

GET
H2 200 icons.png
www.dfast.app/static/img/ 3 KB
3 KB 22ms
21ms Image
image/png 172.67.174.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dfast.app/static/img/icons.png
Requested by: Host: www.dfast.app
URL: https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78959ef34530838fecea05c99bcd669dff792199b4571470dfb9c9ef25c0dc6c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:33 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 02:35:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2254
etag: "6436190e-c3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIL1BK%2FfzrgEuBHnc5q%2F%2FfZlmAz260lbX5vCP2jthCz%2FBgldzugHSRDcW%2FovWu1In%2BuIzZj2T8WhLwq70AfrAo%2BniQ%2FLVR2MKIuVOoW9mjW0aRapx0%2FTEXMtybZG7bK4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848f801eec044098-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3130

GET
H2 200 unit-rating.png
www.dfast.app/static/img/ 406 B
694 B 22ms
22ms Image
image/png 172.67.174.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dfast.app/static/img/unit-rating.png
Requested by: Host: www.dfast.app
URL: https://www.dfast.app/static/css/downloadimg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045f6298d255bbddc51d92f99482edf7345e036d4b979bc36a66ddc21c53bf10

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/static/css/downloadimg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:33 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 02:35:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5053
etag: "6436190e-196"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZN1kNwS8rw3Of7g736nDQVXxo3Xgs3icnLQPiTGurBxmU3%2BOOhEz%2Bzf32DGL0h3Ix%2BBrrtk09CE7twhR1ACIuQJ9TB%2FTDp17AJFshndSghcQaGwfC12fLgcQ%2F7ziLdp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848f801efc164098-SIN
alt-svc: h3=":443"; ma=86400
content-length: 406

GET
H2 200 current-rating.png
www.dfast.app/static/img/ 391 B
703 B 23ms
22ms Image
image/png 172.67.174.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dfast.app/static/img/current-rating.png
Requested by: Host: www.dfast.app
URL: https://www.dfast.app/static/css/downloadimg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b2a821d845fde4a2dd5c8a2de58411d2517fd57acd4216a8bd18f8a9f5e7b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/static/css/downloadimg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:33 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Apr 2023 02:36:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1330
etag: "64361911-187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbsQC5tZuzGmfdApCgoVkvbBQOQpMUJsWFG%2Ba4eud20U%2BJFyB%2BfzLSLTzjPsxPNVDrvnNDEaLzGecWzpo5t3E1S3LtaRJjIL4jHC%2B3%2FDlb44CAsW500ZIVYuhaqrOpdg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 848f801efc174098-SIN
alt-svc: h3=":443"; ma=86400
content-length: 391

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 12ms
11ms Script
text/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 02:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37028
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 20 Jan 2025 02:01:25 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 365ms
20ms Script
text/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a7c81e5addaa20d965ad0c095aad1f118c03679b388ec5a5dbbac38f149b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:57:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24629
x-xss-protection: 0
server: cafe
etag: 106683528911992433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:57:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
21 KB 413ms
412ms Fetch
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596940931748534&correlator=3392648345773034&eid=31079724%2C21065724%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22387492205%3A22869266701%2Cdfast.app.Banner0.1701790582&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C250x250%7C200x200&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705839513913&lmt=1705839412&adxs=650&adys=438&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html&rumc=3596940931748534&rume=1&vis=1&psz=480x0&msz=300x0&fws=0&ohw=0&ga_vid=1235965101.1705839514&ga_sid=1705839514&ga_hid=217738569&ga_fc=false&dlt=1705839513025&idt=847&adks=436599100&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81050f411706483c1188024da57b16090582dd52be6d9807fb875792df390cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21212
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dfast.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 657 B
690 B 244ms
243ms Fetch
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596940931748534&correlator=3392648345773034&eid=31079724%2C21065724%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22387492205%3A22869266701%2Cdfast.app.Banner0.1701791943&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50%7C300x100%7C320x50%7C320x100%7C970x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705839513924&lmt=1705839412&adxs=650&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html&rumc=3596940931748534&rume=1&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1235965101.1705839514&ga_sid=1705839514&ga_hid=217738569&ga_fc=false&dlt=1705839513025&idt=847&adks=4195569165&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32e590249be86ae78b5d7e59c36bf4fe607ddede14bb89b72153b960ba998c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dfast.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 541ms
541ms Fetch
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3596940931748534&correlator=3392648345773034&eid=31079724%2C21065724%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=22387492205%3A22869266701%2Cdfast.app.Banner0.1701791975&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C336x280%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705839513929&lmt=1705839412&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html&rumc=3596940931748534&rume=1&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=0&ga_vid=1235965101.1705839514&ga_sid=1705839514&ga_hid=217738569&ga_fc=false&dlt=1705839513025&idt=847&adks=2405367900&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba74eab69149a5dadd3765fbecaf0a8b1c78af159afae7ce2abc3aaea3d2d5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13505
x-xss-protection: 0
google-lineitem-id: 6285074870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431113645
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dfast.app
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF61 6 KB
3 KB 381ms
18ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dfast.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 12:18:34 GMT
expires: Mon, 20 Jan 2025 12:18:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 361ms
34ms XHR
application/json 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0956aec88337b2f5fd249360a34f7ee43c722fdfac347c919564aa0b1697e70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12215
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 59ms
58ms Image
image/gif 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.dfast.app&doc=complete&pg_h=5496&pg_w=1600&pg_hs=5496&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC5B 6 KB
3 KB 15ms
14ms Document
text/html 142.250.4.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dfast.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 12:18:34 GMT
expires: Mon, 20 Jan 2025 12:18:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame EC5B 99 KB
38 KB 74ms
38ms Script
text/javascript 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

f1bde7cfb952b84380892e8861fd1553c85f8016d9bcef0a8d29a8b42f4f30c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-mnt-h: 21-tp9r
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Sun, 21 Jan 2024 12:18:34 GMT
server: Apache
etag: "d85ab5b3872464235048847497d3f462"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-5h9m
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 38197
expires: Sun, 21 Jan 2024 12:23:34 GMT

GET
H2 200 release-20231121-135-adperformance.js Show response
warp.media.net/rtb/resources/ Frame EC5B 72 KB
25 KB 415ms
21ms Script
application/javascript 184.25.248.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-248-23.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sun, 21 Jan 2024 12:18:34 GMT
x-guploader-uploadid: ABPtcPpi-npoJB9VzHfVnPDnzh2vfYeFMMx5EpUjE2s0JkjCVVrmbG0CaJC-MnCaQZq4nXe6Fz8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25147
server: UploadServer
etag: "841dabce0b477a93d9cf7379b9eb1368"
vary: Accept-Encoding
x-goog-hash: md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type: application/javascript
x-goog-generation: 1700562102250666
cache-control: max-age=3600
x-goog-stored-content-length: 73447
expires: Sun, 21 Jan 2024 13:18:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EC5B 3 KB
1 KB 364ms
26ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 07:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 07:19:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame EC5B 20 KB
9 KB 361ms
24ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 07:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 07:19:57 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC5B 24 KB
7 KB 360ms
23ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 12:18:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Jan 2025 12:18:08 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC5B 206 KB
66 KB 362ms
24ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H2 200 SAFEFRAME.html Show response
contextual.media.net/sr/2722522032/ Frame 349E 73 KB
30 KB 404ms
403ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3204&&kkdd=HW%7CH%7C9nA*&gs=c_47yG*7c3___9*47*4&IoPO=4&twPM=4&Wog=cc7G&rwWF=hGy7&Wso=yqRhB9mTB&WPWo=49i3*X-sn0Lm1ncDGvV7t6%3D%3D&WOso=By3y4_9GB&wsEF=B74jB74&WW=5n&WY1t=A6Lbux(&Pso=yJu09UyT3&rPso=e54_59B&YrrPw=c&OOO=eFqwWu~uWB8J1rbufw-v_SrS~GeHfx)iixewafo6Nh55~mrswmN7n.gLNyfvwsqLX.91OfaqitCxYEPJX5HIgXuHFU3tBSX7&1wF=7&.D=c&)Io=3&Morc=yqR33LG_u&MorB=_G_c3yy9_&2oMrM=d2ja.F1%3Dcc74d2YP%3D4d2so%3D4k4y4d2jaM1WFwrXO%3DGN7l7N9lcyN9lB4N7d2jaMw1%3D79G44d2jaFjP%3D4d2jaIs1w)%3D4d2jas1rto%3D4d2jaOY%3D3_v!iP~yAfd2jaOPW%3D444444cd2jawsEF%3DB74jB74d2jartMj%3DB74d2jart.aw)88sj%3D%2FdWsrV%3D5mxn6JuL!dWSa8.%3D4doW%3DIWPNMPMWNwFcN2dottaoc%3D4dottaoc4%3D4dottaocB%3DGdottaoc3%3D4dottaoc7%3Dcdottaoc9%3DGdottaoc_%3Dcdottaocy%3Dy7dottaoc*%3Dc444dottaoB%3DedottaoBc%3DNcdottaoBB%3D4kc4dottaoB3%3D7dottaoB7%3DoF8aoF8dottaoBy%3D7dottaoB*%3D4k44dottaoG%3D4dottaoG4%3D4dottaoGB%3D4dottaoGG%3D4dottaoG9%3Dx6dottaoG_%3Dedottao3%3Dc4dottao34%3D4dottao3B%3D4dottao3G%3D4dottao33%3DPOXodottao37%3D4dottao39%3DLdottao7c%3D4dottao7B%3D4k44dottao79%3D4dottao_%3D4dottaoy%3D4dotta.%3D4kcGydottatc%3D4kcG3dottatc4%3Dck444dottatcc%3D4k*_ydottatcB%3DckG3GdottatcG%3Dck444dottatc3%3Dck444dottatc7%3D4k*G7dottatc9%3D4k4*_dottatB%3D4kc4GdottatBc%3Dck444dottatBG%3Dck444dottatB3%3D4k*G9dottatB7%3Dck444dottatB*%3Dck444dottatG%3Dck444dottatG4%3Dck444dottatGB%3D4k4c4dottatG3%3Dck444dottatG*%3D7ck444dottat34%3D7ck444dottat7%3Dck444dottat7B%3D4ky_4dottat7G%3D4k744dottat73%3D7k444dottat77%3D4k744dottat7_%3Dck444dottat7*%3Dck444dottat9%3Dck444dottat_%3Dck3G9dottat*%3Dck444dottaO%3D4k4*_dFaOPt%3D4kcG3dFOPt%3D4kcG3dYW%3D4%20%2B%204dsYM%3D4dsrVPF%3D6vHdOaWW%3D5ndOasP%3Dc4GkB7BkB4Bk4dOawW%3D4cdO2X%3D7aGdOF8aW1r%3D4dwF..FOarMIaso%3D3G97**c44dwro%3D3G97**c44dg2O%3D4dW2oP%3D4k4c9dsrVPFaso%3Dc_dwF..FOarMIaso%3D3G97**c44dw)PP.VarMIaso%3DdoFrFWrFoarMIaso%3DdgsFDM2s.srV%3D4ky_dPXw%3DcdMWarVPF%3DcdMo2.S%3D3G97**c44dMtP%3DcdXI2so%3D4k4y4d28.O%3D4k4c4dw)so%3DdorW%3DMPMWawIdottaFOPt%3D8M.wFdott%3DYMOtX1Vd2oPWMPo%3D4doM.I%3D)1swX1aW.)wrFOdwX2P%3Ddjso%3D6vHNP)2Nc49_G_39_*B7B7G_dYrt.%3DcdoW)r%3Dy4doXI2%3D4NcdFWPa)wFo%3DKB4dFWPaP47%3D4k4BdFWPaPc4%3D4k4GG7B_c*y34c7c447dFWPaPc7%3D4k47_G74*yB34_44G9GdFWPaPB4%3D4k4_y73__3y77yc_G_dFWPaPB7%3D4kc44y**4y_By43GGGdFWPaPG4%3D4kcB7**c49G3*B9yB7BdFWPaPG7%3D4kc3_B4yB79G397_yydFWPaP34%3D4kc_GG*G4_9c*9*947_dFWPaP37%3D4kB4433_BGyc_4yc*B7dFWPaP74%3D4kBGcyG33cByG33979GdFWPaP77%3D4kB7_997_y49799B3ydFWPaP94%3D4kBy9c3797G_yyy347dFWPaP97%3D4kGB4y_B_3G4G33G9G9dFWPaP_4%3D4kG949_4G73G*773BydFWPaP_7%3D4k3B9*377cy3B****_dFWPaPy4%3D4k7B**B3G_B33y43*3dFWPaPy7%3D4k9_3cB__7c_74B49*dFWPaP*4%3D4k*797cGcc499cc_*_dFWPaP*7%3DckyB_**y9BB__Gc44_dFWPaP**%3D9*k*4444c9c7*c4yds2W%3Dcd&1rg=4&ttt=BBB4Y1RCVC320q6O8MBhA7V4DtxO~Eq)Atg81wVM7AR%3D&sD=B74&s1m8O=c&2oOmo=Gc*&2so=G749B7&Srr.F=5M8FCOMtF%20qX1rMs1FO&tW8=_97*B&VowPO=c&2MF=fjFEK%2FMEfxdfjFEKxFffxd3FF&SMrPOF=c&SMr2so=Nc4G&WMoXtMs1=rELNYhW.NhNA5Yx3BN))8Wg5!_DWrSb9)9giP(GSj*Gvqnt505U(UD%3D%3D&VP.P=c&swso=c&Mog=6ogM1WF%205stP.F&wwtWOagFO=7&PIso=P4cB77c7c*3rB4B34cBccBcy&ww.o=%7B%22wwsP%22%3A%22c4GkB7BkB4Bk4%22%2C%22wwWW%22%3A%225n%22%2C%22wwwW%22%3A%224c%22%2C%22wwWrV%22%3A%22ws1IMPXOF%22%7D&PFO8=c&Yrt.wOW=c&sflct=4031426&ure=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUL26IV2&ydspr=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

22dc3c472c8840838fcadb468357ceaa7517a3ff096c775b11485eb15f38c24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 30223
content-type: text/html
date: Sun, 21 Jan 2024 12:18:34 GMT
expires: Sun, 21 Jan 2024 12:18:34 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 21-blcr

GET
H/1.1 200
OK bping.php
lg3.media.net/ Frame EC5B 35 B
368 B 380ms
32ms Image
image/gif 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=2880&&vgd_cdv=1153&vgd_cage=2&vgd_tsce=L385&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUL26IV2&crid=284807632&vi=1705839514777690590&ugd=4&lf=6&cc=SG&lper=100&wsip=170785157&r=1705839514492&rrr=TeCscOjOc2fPntMOBsKD7ktkj3TXBNuQQNTs_BdA-LSSjItisI-5GlvR-8BDsiCRol6nrB_CQmFNhzpPoSXgvoOXeW4m2ko5&requrl=https%3A%2F%2Fwww.dfast.app%2F&vgde_bdata=~G-MjJzvuuX9~GwEv9~G8Ov9.9W9~G-M1zNJQ7mLvAoX*XoF*uWoF*f9oX~G-M1QzvXFA99~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvfX9-fX9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjv9~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.u9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.uAW~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.ihW~OYYMYufvu.AHA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iAX~OYYMYuFv9.9ih~OYYMYfv9.u9A~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHv9.iAF~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivXu.999~OYYMYH9vXu.999~OYYMYXvu.999~OYYMYXfv9.Wh9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.HAF~OYYMYivu.999~OYYMLv9.9ih~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evu9A.fXf.f9f.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHAFXiiu99~Q7OvHAFXiiu99~eGLv9~NGOEv9.9uF~875EJM8Ovuh~QJjjJLM71yM8OvHAFXiiu99~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvu~1NM75EJvu~1OGjUvHAFXiiu99~1YEvu~myG8Ov9.9W9~GkjLv9.9u9~Qx8Ov~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzMNjxQ7JL~QmGEv~-8OvKrtoExGou9FhAhHFhifXfXAh~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%20f9~JNEME9Xv9.9f~JNEMEu9v9.9AAXfhuiWH9uXu99X~JNEMEuXv9.9XhAX9iWfH9h99AFA~JNEMEf9v9.9hWXHhhHWXXWuhAh~JNEMEfXv9.u99Wii9WhfW9HAAA~JNEMEA9v9.ufXiiu9FAHifFWfXf~JNEMEAXv9.uHhf9WfXFAHFXhWW~JNEMEH9v9.uhAAiA9hFuiFiF9Xh~JNEMEHXv9.f99HHhfAWuh9WuifX~JNEMEX9v9.fAuWAHHufWAHHFXFA~JNEMEXXv9.fXhFFXhW9FXFFfHW~JNEMEF9v9.fWFuHXFXAhWWWH9X~JNEMEFXv9.Af9WhfhHA9AHHAFAF~JNEMEh9v9.AF9Fh9AXHAiXXHfW~JNEMEhXv9.HfFiHXXuWHfiiiih~JNEMEW9v9.XfiifHAhfHHW9HiH~JNEMEWXv9.FhHufhhXuhX9f9Fi~JNEMEi9v9.iXFXuAuu9FFuuhih~JNEMEiXvu.WfhiiWFffhhAu99h~JNEMEiivFi.i9999uFuXiu9W~8GNvu~&ssld=%7B%22QQ8E%22%3A%22u9A.fXf.f9f.9%22%2C%22QQNN%22%3A%22bZ%22%2C%22QQQN%22%3A%229u%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%7D&vgd_bid=350625&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=56300&vgd_rakh=1705839514138886448&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_pgid=p0125515194t202401211218&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001705839514488017446200663323&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Sun, 21 Jan 2024 12:18:34 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Alt-Svc: h3=":443"; ma=93600
Content-Length: 35
Expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 2A56 27 KB
10 KB 40ms
40ms Document
text/html 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

319cef9453b1fc8c57fce689eed1aa86ffc0a234b70c76972b1859ba17548392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 9640
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 12:18:34 GMT
expires: Tue, 23 Jan 2024 12:18:34 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame EC5B 35 B
191 B 1323ms
886ms Image
image/gif 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?pixel_len_bucket=6476&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=SG&cid=8CU44R37O&reqid=HBL5OlM5ZJ4phhgN9R852Q&vid=HBL5OlM5ZJ4phhgN9R852Q&dn=dfast.app&rawDn=dfast.app&requrl_dn=dfast.app&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html&cliIPType=v4&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=01&ct=singapore&zip=228211&pubid=pub-ADX-101418826937&tgtval=pub-ADX-101418826937&csip=rtb-common-7b89b86997-hlwps.SG&dtc=apac_sg&zone=b&ptype=23&tmax=300&xtmax=280&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=56300&sckfl=0&sckfl2=0&smbrid=adx-1&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm6fjmnMHfox9XDmYb9gGKXouxrrHMPen7-5LwpEmXjVqjgYxfaa4sfTom2mXlqemjdu&pexid=ADX-pub-1067374679252537&geoll=true&is_ortb=false&commit_id=090027d8&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2024-01-19+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=SG&ipcc=SG&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=33&req_tid_present=false&pvid=319&prvAccId=284807632&prvApiId=8CUL26IV2&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=737148867&prspt=headerBid&prvReqId=21161111677252_1441973731_73714886713191&size=250x250&chnl=HARMONY&bdp=0.080&bid_uuid=cbff1631e2d019688370a37466f791eb&cbdp=0.016&og_cbdp=0.080&ogbdp=0.08&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Frelated.advancesimple.com&dfpBd=0.016&dsrc=-2&dp=0&dbf=1&epc=284807632&s=1&snm=SUCCESS&pcrid=8CUL26IV2-284807632-4-14&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=87&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=319&brsrclk=0&bidrestime=1705839514267&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700090000480900250025000039800&strg=HARMONY&vls=0&scrid=1700090000480900250025000039800&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_epbc=8CUL26IV2&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_bsAlgoBucket=NOT_APPLICABLE&mx_bsVerdictAlgo=V1&mx_bss_algos%3C%3E=0&mx_bsAlgoProfile=NOT_APPLICABLE&mx_aurl_hc=0&mx_aabpc=0&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_gpid_sent=false&mx_commit_id=7fbafb5346&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23loss_notification_exp%3ADEFAULT%23%23NedCkflWithData%3Aall_blk_0nt%23%23BF_store%3AGCS%23%23duplication%3ADEFAULT%23%23RealTimeValidBid%3A15m%23%23launchexp%3Atoken2%23%23bsNed%3AvalidBid%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_sdr=false&mx_sua_cvg=1111111&mx_tid_sent=false&mx_SPRIG=0&mx_bsBucket=0&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sid=8CU44R37O&mx_SC=1&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_tgs=250x250%7C300x250%7C336x280&mx_bsProfileRa=0&mx_IAB2=0&mx_PC=0&mx_UCC=1&mx_bsWhitelistBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_isNed=1&acid=6f0f7d652e83f05ee8a968e6a4e51bf0&rtime=10.0&wsip=mowx-5b7bf7dcd8-n8sd5&ltime=26.0&act=headerBid&abs=0%7C0%7Cxtmax%3D280%7Cbrr%3D0&adtypes=0&adblk=436599100&impId=1&reftime=0&reftype=0&psrc=fail&mowxReqId=6f0f7d652e83f05ee8a968e6a4e51bf0_1&policy_enf=2&pub_blk_enf=1&req_size=300x250%7C336x280%7C250x250&renderer=1&ifst=0&iframingState=0&ifdp=0&slotVisibility=1&adpos=1&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&feedback_id=HBL5OlM5ZJ4phhgN9R852Q_1&supplyTagId=436599100&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-01-21+12%3A18%3A34&__expireat=1705840114522&mview=1&lo_pvid=%5B319%5D&lo_dp=0&lo_bdp=0.080&lo_cbdp=0.016&actltime=27&rme=adm&bdata=~bx_len%3D1150~bhp%3D0~bid%3D0.080~bx_ancestor%3D3-5*5-6*18-6*20-5~bx_asn%3D56300~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D250x250~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DSINGAPORE~ck_fl%3D0~dc%3Dgcp-apac-se1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D3~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D1~dmm_d18%3D85~dmm_d19%3D1000~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.10~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.138~dmm_m1%3D0.134~dmm_m10%3D1.000~dmm_m11%3D0.978~dmm_m12%3D1.343~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D0.935~dmm_m16%3D0.097~dmm_m2%3D0.103~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D0.936~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m39%3D51.000~dmm_m40%3D51.000~dmm_m5%3D1.000~dmm_m52%3D0.870~dmm_m53%3D0.500~dmm_m54%3D5.000~dmm_m55%3D0.500~dmm_m57%3D1.000~dmm_m59%3D1.000~dmm_m6%3D1.000~dmm_m7%3D1.436~dmm_m9%3D1.000~dmm_r%3D0.097~e_rpm%3D0.134~erpm%3D0.134~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_cc%3DSG~r_ip%3D103.252.202.0~r_sc%3D01~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D436599100~std%3D436599100~vbr%3D0~cbdp%3D0.016%7Eitype_id%3D17%7Eseller_tag_id%3D436599100%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.87%7Epos%3D1%7Eac_type%3D1%7Eadblk%3D436599100%7Eamp%3D1%7Eogbid%3D0.080%7Ebflr%3D0.010%7Esuid%3D%7Edtc%3Dapac_sg%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison_cluster%7Esobp%3D%7Exid%3DADX-pub-1067374679252537%7Ehtml%3D1%7Edcut%3D80%7Edogb%3D0-1%7Eecp_used%3Dq20%7Eecp_p05%3D0.02%7Eecp_p10%3D0.03352719840151005%7Eecp_p15%3D0.05735098240700363%7Eecp_p20%3D0.0785477485581737%7Eecp_p25%3D0.1008990872804333%7Eecp_p30%3D0.12599106349268252%7Eecp_p35%3D0.1472082563465788%7Eecp_p40%3D0.17339307619696057%7Eecp_p45%3D0.20044723817081925%7Eecp_p50%3D0.23183441283446563%7Eecp_p55%3D0.2576657806566248%7Eecp_p60%3D0.2861456537888405%7Eecp_p65%3D0.32087274303443636%7Eecp_p70%3D0.3606703543955428%7Eecp_p75%3D0.4269455184299997%7Eecp_p80%3D0.5299243724480494%7Eecp_p85%3D0.6741277517502069%7Eecp_p90%3D0.9565131106611797%7Eecp_p95%3D1.8279986227731007%7Eecp_p99%3D69.9000016159108~ibc%3D1~&utime=240&sf=0&cpr=0.3133890625379201

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Sun, 21 Jan 2024 12:18:35 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9AD7 0
0 64ms
63ms Fetch
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqK4mxwJrFWAjkzqq_MVJFTwiTnxzU_GDaAOhups_gMlKDbnwAIhsjcnLfpmG9tQiV2tfsM7U69IIWg89kNUC6JKBNOSTfNNfyq2KUdFemix-dBkzjXcPiULmAO61-7F3yGwCPinWxRXqsOeB6MbHG5KlJt7du9Ni-XUQ62hh3Y9jwvzkUnBMNJj1QRlnqQuYZA7NG3FS5SS59EdTDx8JmzN2M1pnfcXgGOQX3K1Lzuwm2yrAXL36pqt39ghL0Z6STpEZe-zS0j5rThIqSwbafVCsI727F4AS_08geRKVVTNculmU8dVurzs1lFsYdXPy_xMkDGLB5tGeQb2Bap2dzqGTRIdAsi3tldJW92NKA5_fexl7lB6Vzj6fIsC_vtsl3d4hYVQ&sai=AMfl-YQ2H_8T25B492K_R3dpwRU-6IG1HW1G743Iaaewj4lCeS-hz1vjreBBrOv4eCV1fdQQeMd_NC4cbiIhvFD5pWouLBgDKTqP-1dlExADewrqV1CKbxrTiXW0LShYzSeNPTY5IhJPeVJ-koxM5-_SGsFC&sig=Cg0ArKJSzOVE9A4MGG8DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.dfast.app
URL: https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H2

200

i Show response
ipds.adrta.com/ Frame 9AD7
Redirect Chain

https://adrta.com/i?clid=ggm&paid=gam&avid=5302416466&caid=3192201064&plid=138431113645&publisherId=22386413466&lineItemId=6285074870&siteId=/22387492205/dfast.app.Banner0.1701791975&kv11=143361847...
https://ipds.adrta.com/i?__x=GEHFIJIFHFGCKK@GCGGLHNIMILFMFNIHLGKFAFLHLMJQKGJHII@ILGGEMPNKHNNGJGPKIPCGMEJPJNLIKIFGCMJHKNHFGHKGHPOIFEJBFNHKNHNMHJJIHAE@HBE&clid=ggm&paid=gam&avid=5302416466&caid=31922...

43 B
182 B

468ms
410ms

Fetch
image/gif

54.189.13.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipds.adrta.com/i?__x=GEHFIJIFHFGCKK@GCGGLHNIMILFMFNIHLGKFAFLHLMJQKGJHII@ILGGEMPNKHNNGJGPKIPCGMEJPJNLIKIFGCMJHKNHFGHKGHPOIFEJBFNHKNHNMHJJIHAE@HBE&clid=ggm&paid=gam&avid=5302416466&caid=3192201064&plid=138431113645&publisherId=22386413466&lineItemId=6285074870&siteId=/22387492205/dfast.app.Banner0.1701791975&kv11=1433618475_1433618475&kv1=300x250&kv2=https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html&kv24=Mobile_Web&kv12=23032700038
Protocol: H2
Server: 54.189.13.173 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-13-173.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
cache-control: no-cache
server: nginx
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=GEHFIJIFHFGCKK@GCGGLHNIMILFMFNIHLGKFAFLHLMJQKGJHII@ILGGEMPNKHNNGJGPKIPCGMEJPJNLIKIFGCMJHKNHFGHKGHPOIFEJBFNHKNHNMHJJIHAE@HBE&clid=ggm&paid=gam&avid=5302416466&caid=3192201064&plid=138431113645&publisherId=22386413466&lineItemId=6285074870&siteId=/22387492205/dfast.app.Banner0.1701791975&kv11=1433618475_1433618475&kv1=300x250&kv2=https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html&kv24=Mobile_Web&kv12=23032700038
date: Sun, 21 Jan 2024 12:18:35 GMT
server: nginx
content-length: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9AD7 206 KB
65 KB 232ms
29ms Script
text/javascript 142.251.175.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f155.1e100.net

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H2

200

cksync
cs.media.net/ Frame 2A56
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ4ODQxMTE0MjAwNjY1NDAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELlbfoH5l1dDvXKVtsMsb0E&google_cver=1

57 B
448 B

552ms
41ms

Image
image/gif

184.25.248.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELlbfoH5l1dDvXKVtsMsb0E&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU44R37O&prvid=99%2C77%2C20000%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 184.25.248.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-248-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 21 Jan 2024 12:18:35 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESELlbfoH5l1dDvXKVtsMsb0E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK piwik.js Show response
piwik.everzones.com/ 64 KB
64 KB 887ms
437ms Script
application/javascript 195.154.94.155
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://piwik.everzones.com/piwik.js
Requested by: Host: www.dfast.app
URL: https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.154.94.155 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-94-155.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 5c166a5d40aeefd0679a14f95e47ff28824e66abba82adfa30be41803cc25632

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 12:16:28 GMT
Last-Modified: Mon, 19 Nov 2018 03:20:15 GMT
Server: nginx
ETag: "5bf22bef-ffb2"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65458

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
27ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 48B8 13 KB
5 KB 13ms
12ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dfast.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 17920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 07:19:54 GMT
expires: Mon, 20 Jan 2025 07:19:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57A6 829 B
1 KB 348ms
15ms Document
text/html 64.233.170.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f99.1e100.net

Software

GSE /

Resource Hash

7a653ef77284b0a95a320cc1062aa828cd61ef501674d214560c8a9ec723ecbd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1fL-ZAu1y46DnVFdpytsTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dfast.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1fL-ZAu1y46DnVFdpytsTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 12:18:35 GMT
expires: Sun, 21 Jan 2024 12:18:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9AD7 0
0 687ms
59ms Fetch
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7n15xSBZbMi_tYarUeyXVx09jKwa0WkJ_ku9t64t0HnGPl7YGlqRmaolUzVnyh3Vblf0fFP33euGjceSoGWmIVRyutEfFSA6Iy41zcjTVus4AQla3azEI2RfARfdEtJrKegnksePP11jPn_NIlww66lhMErHK4ZEHdSEHD67b-2o92wBE6lkwBSOo0abyFDUZMVVZHDi3gwXeL0BFIBGt3jCcElxSAtC_Ve7Rc_nvCpMmWHIDu5zzIZ3UYiMSYBp8tJ613vQQVuPAtWd8E4AFftyb-HMpt9EdeKvjGBWIEbAJKr818jVDhjFexqHKQouXHH8BJd8AGzTN-KFRb1-7tvKD77IcIDGZB9lkfqPoYz0s1D-8fmcNIi_FL24KVx7iS4YntPln&sai=AMfl-YQy_Ump9Bk9NZyydPx7ikFx7owA-vXyYGXHJwbC5UzMQsyqCAWceteZDJoCS04N1vVBVnFf7DcEPuhbUeYRwAt5UACDrHJLVZFokb1uKbgPXaaqJBmG3XTe5Uo1mYE8jfzYPeXz-5tibrLlcDPF4xjd&sig=Cg0ArKJSzJ006PWwvaDAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Jan 2024 12:18:35 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 9AD7 65 KB
24 KB 15ms
15ms Script
text/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.dfast.app
URL: https://www.dfast.app/aegon-mester-mod/com-delightsolutions-aegonmester/downloading.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a7c81e5addaa20d965ad0c095aad1f118c03679b388ec5a5dbbac38f149b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1895
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24629
x-xss-protection: 0
server: cafe
etag: 106683528911992433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:46:59 GMT

GET
DATA 200
OK truncated
/ Frame EC5B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4426c5a870148edd2b4ece1c154bddc368be6d96543cd9be2527f235a621fcd5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC5B 0
0 74ms
73ms Image
text/html 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CbtMOmgutZc21Cry49fwPs6eqgAes1_3wZLT2qJPiC8CNtwEQASAAYL8FggEXY2EtcHViLTEwNjczNzQ2NzkyNTI1MzfIAQngAgCoAwHIAwKqBOsCT9CM7KftAfD4q4Hat_rCZ_yXukWjgwf8SMSjYiqe8xqBhQJDXLqV7UuwXGiuE3pH6a-IDfRroxSmCHrwS5np4xjrXjilGTCfUhWzflHwVUbw--tScrT8PC56VZXFFseiMiDdvVmsR-Lt7cK8jKc9b-w-pDOVe8FCM_djPaLQb7a1hXbX-DGQ3oq8SLiK7_BOiTm-clrJCCIMAWG8a02LTTib0NjQ7FMA3gZFNB0gEPG8vcYh48AROZ5iCSScs466dYuFr_u1xRf1YwtBY4U9bXVwSpjr9IMR0Qo-53lbmwnEu5eTiZ6WM3Udph3YZnCnmE2NQDMVp8y0UN997PdEMY54jAb5hwFdubGLy-Gn6LsAvrbn-aP4VFjVbqbShJk_n6grxeiizYs5Kxt037sc8FQ7tnEH-W3QYKjK0yFybK3qG4VbEosUxYN0x0UGlVIQzeUJve7i9lI_PL4HCAjxgn8Wom-l6U1ttV6C4AQBgAbXlfO6gdDp8ZwBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WPKJl7K77oMDgAoD-gsCCAGADAHiDRMI1b6XsrvugwMVPFydCR2zkwpw0BUBgBcBshccChoSFHB1Yi0xMDY3Mzc0Njc5MjUyNTM3GJOiew&sigh=rvwxMyQxNv8&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_OF8UtHiyZjKjSs3fZzbEi6Y4pxotrF17kZTzY_V_jlr9ykIjkV3SrKRZsmfeI1GVJoBYTSIMIbvtn7EoDXRRJcwJMieF5pKV1PsYAQ&cbvp=2&vis=1
Requested by: Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 log
hblg.media.net/ Frame EC5B 35 B
224 B 51ms
22ms Image
image/gif 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYgEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAIUDIxMTYxMTExNjc3MjUyXzE0NDE5NzM3MzFfNzM3MTQ4ODY3MTMxOTFANmYwZjdkNjUyZTgzZjA1ZWU4YTk2OGU2YTRlNTFiZjD-BHsUrkfherQ_sAFodHRwczovL3d3dy5kZmFzdC5hcHAvYWVnb24tbWVzdGVyLW1vZC9jb20tZGVsaWdodHNvbHV0aW9ucy1hZWdvbm1lc3Rlci9kb3dubG9hZGluZy5odG1sBFNHgKjm_wzoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2EmRmYXN0LmFwcBI4Q1U0NFIzN08IDjI1MHgyNTAKMC4wMTYOYXBhY19zZwZBRFgICG51cmwAAAAAAADAVUC2yqq_pWMCMQAAAAAAAPC_PHJ0Yi1jb21tb24tN2I4OWI4Njk5Ny1obHdwcy5TRz4xNzAwMDkwMDAwNDgwOTAwMjUwMDI1MDAwMDM5ODAwAhAwOTAwMjdkOAJiAgxjb21tb24&cbvp=2

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:34 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 48
expires: Sun, 21 Jan 2024 12:18:34 GMT

GET
H/1.1 200
OK log
qsearch-a.akamaihd.net/ Frame EC5B 35 B
296 B 84ms
14ms Image
image/gif 42.99.140.216
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=6f0f7d652e83f05ee8a968e6a4e51bf0&algo=unison_cluster&bdp=0.0800&bidfp=0.0100&capd=0&cc=SG&cid=8CU44R37O&crid=737148867&ct=singapore&dc=apac_sg&dfpbd=0.0160&dn=dfast.app&iwb=1&ogcbdp=0.0800&other_bids=0.08&other_prv=319&pbshr=100.0000&prdp=0.0160&requrl=dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html%2F&sat=1&sc=01&sc_pvid=319&send_erpm=true&server=1&size=250x250&strg=harmony&totalTime=3628920&ugd=4&ver=9.6.4&cliIP=1744620032&time_stamp=2024-01-21%2012%3A18%3A34&seat=319&itype=adx&req_id=HBL5OlM5ZJ4phhgN9R852Q&dim4=exploration&dim5=000&dfp_bucket=0.0&level_base=0&bdp_bucket=0.1&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.224%20Safari%2F537.36&br_ver=120.0.6099.224&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_adx_2-cid_2&ogerpm=0.0000&ogerpm_used=false&rawbid=0.0800&totalTimeBucket=3&as_cache=1&sub_bidder=0&current_day=0.0&current_hour=12&cut=80&floor_bucket=0.00&model_version=202401210319_generic_adx_2-cid_2&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=1&viewability=0.8700&pvid_seat=319_319&ckfl=0&mnckfl=0&sd=0&predicted_wr=89.85&bdp_wider_bucket=1&adblk=436599100&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=80&dmm_d36=NA&advurl=related.advancesimple.com%2F&dmm_d10=0.0000&dmm_d22=0.10&bdmm_m5=1.0000&bdmm_m6=1.0000&bdmm_m7=1.4360&bdmm_m12=1.3430&dmm_l=0.0970&dmm_r=0.0970&e_rpm=0.1340&bdr_typ=2&url_l1=aegon-mester-mod&url_l2=com-delightsolutions-aegonmester&clisp=rtb-common-7b89b86997-hlwps.SG&dmm_m1=2024-01-21%2012%3A18%3A34.269058316&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700090000480900250025000039800&erpm_mult=1.000000&zone=b&rc=-1&ecp_p50=0.23183441283446563&ecp_p75=0.4269455184299997&ecp_avg=0.02&ecp_status=Success&ecp_used=q20&ecp_rtime=1558.0&sfm_key=mowx_8CU44R37O_319&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-5b7bf7dcd8-n8sd5&rel_cut_bkt=90&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.1008990872804333&ecp_p60=0.2861456537888405&ecp_p70=0.3606703543955428&ecp_p80=0.5299243724480494&ecp_p85=0.6741277517502069&ecp_p90=0.9565131106611797&ecp_p95=1.8279986227731007&ecp_p99=69.9000016159108&optimal_cut=0.8&cut_cluster=0.8&cbvp=2
Requested by: Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-216.pacnet.net
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 12:18:35 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Sun, 21 Jan 2024 12:18:35 GMT

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 48B8 39 KB
15 KB 13ms
13ms Script
text/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 07:19:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 07:19:54 GMT

GET
DATA 200
OK truncated
/ Frame 349E 107 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 349E 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 349E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 349E 24 KB
24 KB 33ms
32ms Font
font/woff 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3204&&kkdd=HW%7CH%7C9nA*&gs=c_47yG*7c3___9*47*4&IoPO=4&twPM=4&Wog=cc7G&rwWF=hGy7&Wso=yqRhB9mTB&WPWo=49i3*X-sn0Lm1ncDGvV7t6%3D%3D&WOso=By3y4_9GB&wsEF=B74jB74&WW=5n&WY1t=A6Lbux(&Pso=yJu09UyT3&rPso=e54_59B&YrrPw=c&OOO=eFqwWu~uWB8J1rbufw-v_SrS~GeHfx)iixewafo6Nh55~mrswmN7n.gLNyfvwsqLX.91OfaqitCxYEPJX5HIgXuHFU3tBSX7&1wF=7&.D=c&)Io=3&Morc=yqR33LG_u&MorB=_G_c3yy9_&2oMrM=d2ja.F1%3Dcc74d2YP%3D4d2so%3D4k4y4d2jaM1WFwrXO%3DGN7l7N9lcyN9lB4N7d2jaMw1%3D79G44d2jaFjP%3D4d2jaIs1w)%3D4d2jas1rto%3D4d2jaOY%3D3_v!iP~yAfd2jaOPW%3D444444cd2jawsEF%3DB74jB74d2jartMj%3DB74d2jart.aw)88sj%3D%2FdWsrV%3D5mxn6JuL!dWSa8.%3D4doW%3DIWPNMPMWNwFcN2dottaoc%3D4dottaoc4%3D4dottaocB%3DGdottaoc3%3D4dottaoc7%3Dcdottaoc9%3DGdottaoc_%3Dcdottaocy%3Dy7dottaoc*%3Dc444dottaoB%3DedottaoBc%3DNcdottaoBB%3D4kc4dottaoB3%3D7dottaoB7%3DoF8aoF8dottaoBy%3D7dottaoB*%3D4k44dottaoG%3D4dottaoG4%3D4dottaoGB%3D4dottaoGG%3D4dottaoG9%3Dx6dottaoG_%3Dedottao3%3Dc4dottao34%3D4dottao3B%3D4dottao3G%3D4dottao33%3DPOXodottao37%3D4dottao39%3DLdottao7c%3D4dottao7B%3D4k44dottao79%3D4dottao_%3D4dottaoy%3D4dotta.%3D4kcGydottatc%3D4kcG3dottatc4%3Dck444dottatcc%3D4k*_ydottatcB%3DckG3GdottatcG%3Dck444dottatc3%3Dck444dottatc7%3D4k*G7dottatc9%3D4k4*_dottatB%3D4kc4GdottatBc%3Dck444dottatBG%3Dck444dottatB3%3D4k*G9dottatB7%3Dck444dottatB*%3Dck444dottatG%3Dck444dottatG4%3Dck444dottatGB%3D4k4c4dottatG3%3Dck444dottatG*%3D7ck444dottat34%3D7ck444dottat7%3Dck444dottat7B%3D4ky_4dottat7G%3D4k744dottat73%3D7k444dottat77%3D4k744dottat7_%3Dck444dottat7*%3Dck444dottat9%3Dck444dottat_%3Dck3G9dottat*%3Dck444dottaO%3D4k4*_dFaOPt%3D4kcG3dFOPt%3D4kcG3dYW%3D4%20%2B%204dsYM%3D4dsrVPF%3D6vHdOaWW%3D5ndOasP%3Dc4GkB7BkB4Bk4dOawW%3D4cdO2X%3D7aGdOF8aW1r%3D4dwF..FOarMIaso%3D3G97**c44dwro%3D3G97**c44dg2O%3D4dW2oP%3D4k4c9dsrVPFaso%3Dc_dwF..FOarMIaso%3D3G97**c44dw)PP.VarMIaso%3DdoFrFWrFoarMIaso%3DdgsFDM2s.srV%3D4ky_dPXw%3DcdMWarVPF%3DcdMo2.S%3D3G97**c44dMtP%3DcdXI2so%3D4k4y4d28.O%3D4k4c4dw)so%3DdorW%3DMPMWawIdottaFOPt%3D8M.wFdott%3DYMOtX1Vd2oPWMPo%3D4doM.I%3D)1swX1aW.)wrFOdwX2P%3Ddjso%3D6vHNP)2Nc49_G_39_*B7B7G_dYrt.%3DcdoW)r%3Dy4doXI2%3D4NcdFWPa)wFo%3DKB4dFWPaP47%3D4k4BdFWPaPc4%3D4k4GG7B_c*y34c7c447dFWPaPc7%3D4k47_G74*yB34_44G9GdFWPaPB4%3D4k4_y73__3y77yc_G_dFWPaPB7%3D4kc44y**4y_By43GGGdFWPaPG4%3D4kcB7**c49G3*B9yB7BdFWPaPG7%3D4kc3_B4yB79G397_yydFWPaP34%3D4kc_GG*G4_9c*9*947_dFWPaP37%3D4kB4433_BGyc_4yc*B7dFWPaP74%3D4kBGcyG33cByG33979GdFWPaP77%3D4kB7_997_y49799B3ydFWPaP94%3D4kBy9c3797G_yyy347dFWPaP97%3D4kGB4y_B_3G4G33G9G9dFWPaP_4%3D4kG949_4G73G*773BydFWPaP_7%3D4k3B9*377cy3B****_dFWPaPy4%3D4k7B**B3G_B33y43*3dFWPaPy7%3D4k9_3cB__7c_74B49*dFWPaP*4%3D4k*797cGcc499cc_*_dFWPaP*7%3DckyB_**y9BB__Gc44_dFWPaP**%3D9*k*4444c9c7*c4yds2W%3Dcd&1rg=4&ttt=BBB4Y1RCVC320q6O8MBhA7V4DtxO~Eq)Atg81wVM7AR%3D&sD=B74&s1m8O=c&2oOmo=Gc*&2so=G749B7&Srr.F=5M8FCOMtF%20qX1rMs1FO&tW8=_97*B&VowPO=c&2MF=fjFEK%2FMEfxdfjFEKxFffxd3FF&SMrPOF=c&SMr2so=Nc4G&WMoXtMs1=rELNYhW.NhNA5Yx3BN))8Wg5!_DWrSb9)9giP(GSj*Gvqnt505U(UD%3D%3D&VP.P=c&swso=c&Mog=6ogM1WF%205stP.F&wwtWOagFO=7&PIso=P4cB77c7c*3rB4B34cBccBcy&ww.o=%7B%22wwsP%22%3A%22c4GkB7BkB4Bk4%22%2C%22wwWW%22%3A%225n%22%2C%22wwwW%22%3A%224c%22%2C%22wwWrV%22%3A%22ws1IMPXOF%22%7D&PFO8=c&Yrt.wOW=c&sflct=4031426&ure=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3204&&kkdd=HW%7CH%7C9nA*&gs=c_47yG*7c3___9*47*4&IoPO=4&twPM=4&Wog=cc7G&rwWF=hGy7&Wso=yqRhB9mTB&WPWo=49i3*X-sn0Lm1ncDGvV7t6%3D%3D&WOso=By3y4_9GB&wsEF=B74jB74&WW=5n&WY1t=A6Lbux(&Pso=yJu09UyT3&rPso=e54_59B&YrrPw=c&OOO=eFqwWu~uWB8J1rbufw-v_SrS~GeHfx)iixewafo6Nh55~mrswmN7n.gLNyfvwsqLX.91OfaqitCxYEPJX5HIgXuHFU3tBSX7&1wF=7&.D=c&)Io=3&Morc=yqR33LG_u&MorB=_G_c3yy9_&2oMrM=d2ja.F1%3Dcc74d2YP%3D4d2so%3D4k4y4d2jaM1WFwrXO%3DGN7l7N9lcyN9lB4N7d2jaMw1%3D79G44d2jaFjP%3D4d2jaIs1w)%3D4d2jas1rto%3D4d2jaOY%3D3_v!iP~yAfd2jaOPW%3D444444cd2jawsEF%3DB74jB74d2jartMj%3DB74d2jart.aw)88sj%3D%2FdWsrV%3D5mxn6JuL!dWSa8.%3D4doW%3DIWPNMPMWNwFcN2dottaoc%3D4dottaoc4%3D4dottaocB%3DGdottaoc3%3D4dottaoc7%3Dcdottaoc9%3DGdottaoc_%3Dcdottaocy%3Dy7dottaoc*%3Dc444dottaoB%3DedottaoBc%3DNcdottaoBB%3D4kc4dottaoB3%3D7dottaoB7%3DoF8aoF8dottaoBy%3D7dottaoB*%3D4k44dottaoG%3D4dottaoG4%3D4dottaoGB%3D4dottaoGG%3D4dottaoG9%3Dx6dottaoG_%3Dedottao3%3Dc4dottao34%3D4dottao3B%3D4dottao3G%3D4dottao33%3DPOXodottao37%3D4dottao39%3DLdottao7c%3D4dottao7B%3D4k44dottao79%3D4dottao_%3D4dottaoy%3D4dotta.%3D4kcGydottatc%3D4kcG3dottatc4%3Dck444dottatcc%3D4k*_ydottatcB%3DckG3GdottatcG%3Dck444dottatc3%3Dck444dottatc7%3D4k*G7dottatc9%3D4k4*_dottatB%3D4kc4GdottatBc%3Dck444dottatBG%3Dck444dottatB3%3D4k*G9dottatB7%3Dck444dottatB*%3Dck444dottatG%3Dck444dottatG4%3Dck444dottatGB%3D4k4c4dottatG3%3Dck444dottatG*%3D7ck444dottat34%3D7ck444dottat7%3Dck444dottat7B%3D4ky_4dottat7G%3D4k744dottat73%3D7k444dottat77%3D4k744dottat7_%3Dck444dottat7*%3Dck444dottat9%3Dck444dottat_%3Dck3G9dottat*%3Dck444dottaO%3D4k4*_dFaOPt%3D4kcG3dFOPt%3D4kcG3dYW%3D4%20%2B%204dsYM%3D4dsrVPF%3D6vHdOaWW%3D5ndOasP%3Dc4GkB7BkB4Bk4dOawW%3D4cdO2X%3D7aGdOF8aW1r%3D4dwF..FOarMIaso%3D3G97**c44dwro%3D3G97**c44dg2O%3D4dW2oP%3D4k4c9dsrVPFaso%3Dc_dwF..FOarMIaso%3D3G97**c44dw)PP.VarMIaso%3DdoFrFWrFoarMIaso%3DdgsFDM2s.srV%3D4ky_dPXw%3DcdMWarVPF%3DcdMo2.S%3D3G97**c44dMtP%3DcdXI2so%3D4k4y4d28.O%3D4k4c4dw)so%3DdorW%3DMPMWawIdottaFOPt%3D8M.wFdott%3DYMOtX1Vd2oPWMPo%3D4doM.I%3D)1swX1aW.)wrFOdwX2P%3Ddjso%3D6vHNP)2Nc49_G_39_*B7B7G_dYrt.%3DcdoW)r%3Dy4doXI2%3D4NcdFWPa)wFo%3DKB4dFWPaP47%3D4k4BdFWPaPc4%3D4k4GG7B_c*y34c7c447dFWPaPc7%3D4k47_G74*yB34_44G9GdFWPaPB4%3D4k4_y73__3y77yc_G_dFWPaPB7%3D4kc44y**4y_By43GGGdFWPaPG4%3D4kcB7**c49G3*B9yB7BdFWPaPG7%3D4kc3_B4yB79G397_yydFWPaP34%3D4kc_GG*G4_9c*9*947_dFWPaP37%3D4kB4433_BGyc_4yc*B7dFWPaP74%3D4kBGcyG33cByG33979GdFWPaP77%3D4kB7_997_y49799B3ydFWPaP94%3D4kBy9c3797G_yyy347dFWPaP97%3D4kGB4y_B_3G4G33G9G9dFWPaP_4%3D4kG949_4G73G*773BydFWPaP_7%3D4k3B9*377cy3B****_dFWPaPy4%3D4k7B**B3G_B33y43*3dFWPaPy7%3D4k9_3cB__7c_74B49*dFWPaP*4%3D4k*797cGcc499cc_*_dFWPaP*7%3DckyB_**y9BB__Gc44_dFWPaP**%3D9*k*4444c9c7*c4yds2W%3Dcd&1rg=4&ttt=BBB4Y1RCVC320q6O8MBhA7V4DtxO~Eq)Atg81wVM7AR%3D&sD=B74&s1m8O=c&2oOmo=Gc*&2so=G749B7&Srr.F=5M8FCOMtF%20qX1rMs1FO&tW8=_97*B&VowPO=c&2MF=fjFEK%2FMEfxdfjFEKxFffxd3FF&SMrPOF=c&SMr2so=Nc4G&WMoXtMs1=rELNYhW.NhNA5Yx3BN))8Wg5!_DWrSb9)9giP(GSj*Gvqnt505U(UD%3D%3D&VP.P=c&swso=c&Mog=6ogM1WF%205stP.F&wwtWOagFO=7&PIso=P4cB77c7c*3rB4B34cBccBcy&ww.o=%7B%22wwsP%22%3A%22c4GkB7BkB4Bk4%22%2C%22wwWW%22%3A%225n%22%2C%22wwwW%22%3A%224c%22%2C%22wwWrV%22%3A%22ws1IMPXOF%22%7D&PFO8=c&Yrt.wOW=c&sflct=4031426&ure=1
Origin: https://contextual.media.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 12:18:34 GMT
date: Sun, 21 Jan 2024 12:18:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 24816
quic-version: 0x00000001

GET
H3 200 Roboto-Regular.woff
contextual.media.net/__media__/fonts/Roboto-Regular/ Frame 349E 24 KB
24 KB 41ms
40ms Font
font/woff 23.195.152.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/__media__/fonts/Roboto-Regular/Roboto-Regular.woff

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-152-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3204&&kkdd=HW%7CH%7C9nA*&gs=c_47yG*7c3___9*47*4&IoPO=4&twPM=4&Wog=cc7G&rwWF=hGy7&Wso=yqRhB9mTB&WPWo=49i3*X-sn0Lm1ncDGvV7t6%3D%3D&WOso=By3y4_9GB&wsEF=B74jB74&WW=5n&WY1t=A6Lbux(&Pso=yJu09UyT3&rPso=e54_59B&YrrPw=c&OOO=eFqwWu~uWB8J1rbufw-v_SrS~GeHfx)iixewafo6Nh55~mrswmN7n.gLNyfvwsqLX.91OfaqitCxYEPJX5HIgXuHFU3tBSX7&1wF=7&.D=c&)Io=3&Morc=yqR33LG_u&MorB=_G_c3yy9_&2oMrM=d2ja.F1%3Dcc74d2YP%3D4d2so%3D4k4y4d2jaM1WFwrXO%3DGN7l7N9lcyN9lB4N7d2jaMw1%3D79G44d2jaFjP%3D4d2jaIs1w)%3D4d2jas1rto%3D4d2jaOY%3D3_v!iP~yAfd2jaOPW%3D444444cd2jawsEF%3DB74jB74d2jartMj%3DB74d2jart.aw)88sj%3D%2FdWsrV%3D5mxn6JuL!dWSa8.%3D4doW%3DIWPNMPMWNwFcN2dottaoc%3D4dottaoc4%3D4dottaocB%3DGdottaoc3%3D4dottaoc7%3Dcdottaoc9%3DGdottaoc_%3Dcdottaocy%3Dy7dottaoc*%3Dc444dottaoB%3DedottaoBc%3DNcdottaoBB%3D4kc4dottaoB3%3D7dottaoB7%3DoF8aoF8dottaoBy%3D7dottaoB*%3D4k44dottaoG%3D4dottaoG4%3D4dottaoGB%3D4dottaoGG%3D4dottaoG9%3Dx6dottaoG_%3Dedottao3%3Dc4dottao34%3D4dottao3B%3D4dottao3G%3D4dottao33%3DPOXodottao37%3D4dottao39%3DLdottao7c%3D4dottao7B%3D4k44dottao79%3D4dottao_%3D4dottaoy%3D4dotta.%3D4kcGydottatc%3D4kcG3dottatc4%3Dck444dottatcc%3D4k*_ydottatcB%3DckG3GdottatcG%3Dck444dottatc3%3Dck444dottatc7%3D4k*G7dottatc9%3D4k4*_dottatB%3D4kc4GdottatBc%3Dck444dottatBG%3Dck444dottatB3%3D4k*G9dottatB7%3Dck444dottatB*%3Dck444dottatG%3Dck444dottatG4%3Dck444dottatGB%3D4k4c4dottatG3%3Dck444dottatG*%3D7ck444dottat34%3D7ck444dottat7%3Dck444dottat7B%3D4ky_4dottat7G%3D4k744dottat73%3D7k444dottat77%3D4k744dottat7_%3Dck444dottat7*%3Dck444dottat9%3Dck444dottat_%3Dck3G9dottat*%3Dck444dottaO%3D4k4*_dFaOPt%3D4kcG3dFOPt%3D4kcG3dYW%3D4%20%2B%204dsYM%3D4dsrVPF%3D6vHdOaWW%3D5ndOasP%3Dc4GkB7BkB4Bk4dOawW%3D4cdO2X%3D7aGdOF8aW1r%3D4dwF..FOarMIaso%3D3G97**c44dwro%3D3G97**c44dg2O%3D4dW2oP%3D4k4c9dsrVPFaso%3Dc_dwF..FOarMIaso%3D3G97**c44dw)PP.VarMIaso%3DdoFrFWrFoarMIaso%3DdgsFDM2s.srV%3D4ky_dPXw%3DcdMWarVPF%3DcdMo2.S%3D3G97**c44dMtP%3DcdXI2so%3D4k4y4d28.O%3D4k4c4dw)so%3DdorW%3DMPMWawIdottaFOPt%3D8M.wFdott%3DYMOtX1Vd2oPWMPo%3D4doM.I%3D)1swX1aW.)wrFOdwX2P%3Ddjso%3D6vHNP)2Nc49_G_39_*B7B7G_dYrt.%3DcdoW)r%3Dy4doXI2%3D4NcdFWPa)wFo%3DKB4dFWPaP47%3D4k4BdFWPaPc4%3D4k4GG7B_c*y34c7c447dFWPaPc7%3D4k47_G74*yB34_44G9GdFWPaPB4%3D4k4_y73__3y77yc_G_dFWPaPB7%3D4kc44y**4y_By43GGGdFWPaPG4%3D4kcB7**c49G3*B9yB7BdFWPaPG7%3D4kc3_B4yB79G397_yydFWPaP34%3D4kc_GG*G4_9c*9*947_dFWPaP37%3D4kB4433_BGyc_4yc*B7dFWPaP74%3D4kBGcyG33cByG33979GdFWPaP77%3D4kB7_997_y49799B3ydFWPaP94%3D4kBy9c3797G_yyy347dFWPaP97%3D4kGB4y_B_3G4G33G9G9dFWPaP_4%3D4kG949_4G73G*773BydFWPaP_7%3D4k3B9*377cy3B****_dFWPaPy4%3D4k7B**B3G_B33y43*3dFWPaPy7%3D4k9_3cB__7c_74B49*dFWPaP*4%3D4k*797cGcc499cc_*_dFWPaP*7%3DckyB_**y9BB__Gc44_dFWPaP**%3D9*k*4444c9c7*c4yds2W%3Dcd&1rg=4&ttt=BBB4Y1RCVC320q6O8MBhA7V4DtxO~Eq)Atg81wVM7AR%3D&sD=B74&s1m8O=c&2oOmo=Gc*&2so=G749B7&Srr.F=5M8FCOMtF%20qX1rMs1FO&tW8=_97*B&VowPO=c&2MF=fjFEK%2FMEfxdfjFEKxFffxd3FF&SMrPOF=c&SMr2so=Nc4G&WMoXtMs1=rELNYhW.NhNA5Yx3BN))8Wg5!_DWrSb9)9giP(GSj*Gvqnt505U(UD%3D%3D&VP.P=c&swso=c&Mog=6ogM1WF%205stP.F&wwtWOagFO=7&PIso=P4cB77c7c*3rB4B34cBccBcy&ww.o=%7B%22wwsP%22%3A%22c4GkB7BkB4Bk4%22%2C%22wwWW%22%3A%225n%22%2C%22wwwW%22%3A%224c%22%2C%22wwWrV%22%3A%22ws1IMPXOF%22%7D&PFO8=c&Yrt.wOW=c&sflct=4031426&ure=1
Origin: https://contextual.media.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 12:18:34 GMT
date: Sun, 21 Jan 2024 12:18:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16 May 2016 10:39:41 GMT
server: Apache
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
content-length: 25020
quic-version: 0x00000001

POST
H2 204 csi
csi.gstatic.com/ Frame 9AD7 0
234 B 968ms
217ms Ping
image/gif 108.177.121.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrngsxme&chm=1&c=3596940931748534&ctx=2&qqid=CNzfl7K77oMDFdRanQkdhAkMgQ&met.4=fb.7~lb.8g~ol.8n~idt.76~dt.-gd&met.1=1.lrngsxau~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0&met.7=CBsQCDgB~CCIQBBgBIAkoCTBKOEFoCnBJeKwCsAEBuAED~CFEQChgBIAooCjD7ATjxAWjVAXDyAXjBiQSAAZWHBIgBiO0MsAEBuAED~CCgQChgBIL8CKL8CMNECOBJowAJwzgJ44cIBgAG1wAGIAYSFBLABAbgBAw&met.3=113.bm_3~112.bk_5
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.121.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: jx-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bql.php Show response
lg3.media.net/ Frame 349E 15 B
37 B 84ms
42ms Script
text/javascript 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=5745&&vgd_canary=0&vgd_l2type=scs_newfl&fp=pwutdmRQDY5FBqpDC-1YiJgT-o5WcJ_bh8K1HzxSffO-NeS7gQuZsCKAm-NaVajJZ5D706dtpmgBMT0IA_EntOae0Gx0aeWDNFKcp4J8f8T7gX0YAKg9QPZSupitU_2UaSaoI5sYtns%3D&cme=zJh1UJQKe1NXzTQ3A7wFcjG9TlnlTpRVLFW7ACE0ZXCTxAwKsEBvgthKS-TKPEGCf2CVm4aebhqfZaT9wxPiqhETxr35ykmeZgRAD445OA6jG7nCcZ5nEc3iHJFDqXGN808Ic4_0S544h4SgyRWta0HiOk8p8WG_dXe_gL9nJJrURdi1jRjATwDSW3Ivr9kclXqa0QK-pQUcTu391Bm2YayVJ91KX6SSIg97heACR4yPPBac2keJCQ%3D%3D%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CV4FnhUXoCBWmP8ZhRR7ZBukPjA_XLjZhG_7W-DhXtzbevFnP8AV8FwPYlBAi7oKxV982-mAHf4f7U1wHiBt431D5PKVhOxLUkQBGLmny_kkkcE1xTbV7Ng%3D%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CXy5A9vj0c2a7IGIyvzCEOOwwzJKSZDB0JCAjCwjhaZNdGyEMUUqi983xmegxQ_8D-XiI2ofx73PI_VUSqQwgOCMZOrlUaCpm1O0VclzQp5gu9AdVbQVJ-ZJaiGgi1y0SPzv5_9xRuNaweXoNoWGBJ4rfq2sioV_ubkuRUMptjXMtOG1rO2GuGhWY7oyv4369K2QZfL0lpUfpcAU9YoVXCgolNLcUqRE1pPDxVwKQvmDwc_DBRHJmGeVTE5eQV3-4U6hdqXsSX3Jbvhs2HrVLDzfoBJXVjDHOGcOi5LsjZY0%3D%7Cu8A6SM53vAe1MU7xgTo35mvrNAzAitjE%7CHZdN3z6UKeEWWvNXWyqUfHSeN0ypIGUY%7C&subBdr=99&bdrid=319&ksu=224&fdkt=391&vgde_kbbh=fuoyxQBuG&kwd[]=Stocks+to+Buy+Today&kwt[]=391&kbc[]=1224808753&kwp[]=1&kid[]=163557028&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D012020%7C13%3D0.0595%7C14%3D012105%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.355%7C1%3D0.07%7C2%3D0.34&ktd[]=4503874539028736&kwd[]=Top+10+Stocks+to+Buy&kwt[]=391&kbc[]=1224808753&kwp[]=2&kid[]=28642439&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D012020%7C13%3D0.0529%7C14%3D012105%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.355%7C1%3D0.31%7C2%3D1.41&ktd[]=4503874539028736&kwd[]=Best+Bank+for+Saving+Accounts&kwt[]=391&kbc[]=1224808753&kwp[]=3&kid[]=329484725&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0006%7C8%3D012020%7C13%3D0.0477%7C14%3D012105%7Cokt%3D391%7Cbdkt%3D391%7Cps%3D0.355%7C1%3D0.13%7C2%3D0.77&ktd[]=4503874522251520&v=1&geo=1.35%7C103.93&dlper=20&lper=100&lpid=&tsid=5&hint=&cc=SG&wsip=170762722&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22bZ%22%2C%22QQN75%22%3A%22Q8zy1EmLJ%22%2C%22QQ8E%22%3A%22u9A.fXf.f9f.9%22%2C%22QQQN%22%3A%229u%22%7D&cid=8CUL26IV2&vi=1705839514777690590&vsid=3488411142006609&tdAdd[]=asnum%3D56300&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=2&vgd_tsce=L385-S385&vgd_l3_sc=02&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=43000c82a&vgd_nrrsf=scrr&vgd_cty=singapore&vgd_ifrmode=14&sttm=1705839514488&upk=1705839514.29265&hvsid=00001705839514488017446200663323&verid=3111299&sbdrId=99&tsrc=abtest&vgd_l1rakh=1705839514138886448&vgd_ecrid=1700090000480900250025000039800&vgd_isiolc=1&kbbq=%26asn%3D56300&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3488411142006609&vgde_bdata=~G-MjJzvuuX9~GwEv9~G8Ov9.9W9~G-M1zNJQ7mLvAoX*XoF*uWoF*f9oX~G-M1QzvXFA99~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvfX9-fX9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjv9~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.u9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.uAW~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.ihW~OYYMYufvu.AHA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iAX~OYYMYuFv9.9ih~OYYMYfv9.u9A~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHv9.iAF~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivXu.999~OYYMYH9vXu.999~OYYMYXvu.999~OYYMYXfv9.Wh9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.HAF~OYYMYivu.999~OYYMLv9.9ih~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evu9A.fXf.f9f.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHAFXiiu99~Q7OvHAFXiiu99~eGLv9~NGOEv9.9uF~875EJM8Ovuh~QJjjJLM71yM8OvHAFXiiu99~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvu~1NM75EJvu~1OGjUvHAFXiiu99~1YEvu~myG8Ov9.9W9~GkjLv9.9u9~Qx8Ov~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzMNjxQ7JL~QmGEv~-8OvKrtoExGou9FhAhHFhifXfXAh~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%20f9~JNEME9Xv9.9f~JNEMEu9v9.9AAXfhuiWH9uXu99X~JNEMEuXv9.9XhAX9iWfH9h99AFA~JNEMEf9v9.9hWXHhhHWXXWuhAh~JNEMEfXv9.u99Wii9WhfW9HAAA~JNEMEA9v9.ufXiiu9FAHifFWfXf~JNEMEAXv9.uHhf9WfXFAHFXhWW~JNEMEH9v9.uhAAiA9hFuiFiF9Xh~JNEMEHXv9.f99HHhfAWuh9WuifX~JNEMEX9v9.fAuWAHHufWAHHFXFA~JNEMEXXv9.fXhFFXhW9FXFFfHW~JNEMEF9v9.fWFuHXFXAhWWWH9X~JNEMEFXv9.Af9WhfhHA9AHHAFAF~JNEMEh9v9.AF9Fh9AXHAiXXHfW~JNEMEhXv9.HfFiHXXuWHfiiiih~JNEMEW9v9.XfiifHAhfHHW9HiH~JNEMEWXv9.FhHufhhXuhX9f9Fi~JNEMEi9v9.iXFXuAuu9FFuuhih~JNEMEiXvu.WfhiiWFffhhAu99h~JNEMEiivFi.i9999uFuXiu9W~8GNvu~&vgd_cfud=230322&vgd_scsver=328&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1153&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=100&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&vgd_uspa=0&vgd_l1rhst=contextual.media.net&hvsid=00001705839514488017446200663323&rc=0&rand=1705839514947&acid=6f0f7d652e83f05ee8a968e6a4e51bf0&matm=1705839514947&vgd_ltimesrc=1&vgd_ltime=643&vgd_rtime=572&vgd_etm=14&vgd_l1hcsd=Otp9r%7C374&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=6544&vgd_pgid=p0125515194t202401211218&vgd_csip=rtb-common-7b89b86997-hlwps.SG&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7Ca9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=bcat%3Dh%2Cgo%2Ci2%2C16c%7Ccsh%3D1&vgd_end=1

Requested by

Protocol

Security

QUIC, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Sun, 21 Jan 2024 12:18:35 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Sun, 21 Jan 2024 12:18:35 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 48B8 0
40 B 14ms
13ms Image
text/plain 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qVxrqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 12:18:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57A6 0
0 64ms
63ms Image
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=3596940931748534&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 492ms
218ms Ping
image/gif 108.177.121.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lrngsx3s&c=3596940931748534&e=21065724%2C31061691%2C31061693&ctx=1&met.9=1.14a~2.15u~9.0~9.0~9.0~3_1.17i~3_2.17i~3_4.17i~7_1.0~7_2.0~7_4.0~4_2.1ed~5_2.1eh~4_1.1j2~5_1.1j8~4_4.1no~5_4.1nr~6_4.1nt&met.3=74.165_3~947.168~43.168_1~947.169~6.169~91.169~947.169~86.169~95.169_1~74.16b~947.16b~43.16b~91.16b~95.16b~74.16c~947.16c~43.16c~91.16c~95.16c~40.16c~77.164_8~724.16f~724.16f_1~724.16g~724.16g~724.16g~724.16g~894.16m~894.16n~894.16n~894.16n~1132.16x_c~1132.179_5~1132.17e_4~808.17k~808.17k~808.17k~808.17k~808.17k~808.17k~646.1ed_1~800.1ef~800.1ef~800.1ef~800.1ef~800.1ef~647.1ef~965.1eg_1~801.1eh~801.1eh~825.1eh~355.1ei~825.1ei~598.1ei~708.1ei~112.1gq_2~94.1it~947.1iw~573.1ix~598.1ix~598.1ix~598.1ix~113.1iw_3~646.1j2~800.1j2~800.1j2~800.1j2~800.1j2~800.1j2~801.1jk~801.1jk~825.1jk~355.1jk~825.1jk~598.1jk~708.1jk_1~647.1jl~965.1jl~646.1no~800.1no~800.1no~800.1np~800.1np~800.1np~647.1np~965.1np~774.1nt~653.1nt_9~801.1o3~801.1o3~844.1o3~844.1o3~844.1o3~825.1o3~355.1o3~825.1o3~598.1o3~708.1o3~783.1o5~1121.1o5~680.1wl~680.1wl~824.1wl~824.1wm~416.1yo~680.1yo~824.1yp~824.1yp~680.1yp~680.1yr~824.1yr~824.1ys~680.1ys~680.1za~824.1za~680.1za~413.1za~680.1za~824.1za~680.1zb~680.24w~680.24w&met.10=1_2.CAAQABiAmHUgpgwoAQ~1_4.CAAQABiAmHUgpgwoAA~1_1.CAAQABiAmHUgpgwoAQ&met.7=CBsQCMABpomZ3AM~CBsQCiCVBTj9AsABxNzo7AI~CBsQCiCVBTi1BsABs-i9pgw~CBsQByCWBTgYwAGTqduIAg~CBsQBiCWBTiEB8AB_v3ihwM~CDsQChgBIJQIKJQIMJgLOIMDUKAIWPEKYM4KaPEKcJMLePHnAYABxeUBiAG9hwawAQG4AQPAAeLN6pYJ~CBsQAiCcCDgXwAHxrv74Cg~CBsQAiCmCDgXwAHklPTGBA~CBsQAiCmCDgXwAHZ4N-nBw~CEMQChgBIKoLKKoLMM4LOCNorAtwtwt43rkIgAGytwiIAYjsGrABAbgBA8ABhaiRmAM~CBkQChgBIPYLKPYLMOUOOO8CUPkLWM4OYKcOaM8OcOMOeOHCAYABtcABiAGEhQSwAQG4AQPAAZTdwNgF~CA8QBBgBIJ8MKJ8MMJQOOPUBaKAMcJMOeNYEgAGqAogBkQWwAQG4AQPAAb_emusG~CBsQCDi2D8ABpomZ3AM~CBsQBRgBIKIMKKIMMKUPOIMDUK4MWI4PYNwOaI4PcKAPeIkXgAHdFIgBkjCwAQG4AQPAAfDqrLgH~CA8QBBgBIJ8MKJ8MML0POJ4DaJ8McLwPeIioAYAB3KUBiAHAqAOwAQG4AQPAAb_emusG~CBsQBRgBIMkPKMkPMNkPOBFoyg9w2Q94iReAAd0UiAGSMLABAbgBA8AB8OqsuAc~CBwQBhgBILoPKLoPMPYPODtouw9w9Q94rAKwAQG4AQPAAZSE4rUO~CA8QBBgBIJ8MKJ8MML8QOKAEaKAMcL0QeO1rgAHBaYgBp4gCsAEBuAEDwAG_3prrBg~CCcQDRgBILYPKLYPMKESOOoCQLcPSLcPULcPWP0RYOURaP4RcKASeONhgAG3X4gBvn6wAQG4AQPAAfPyy64L~CCcQChgBIKISKKISMNgSODbAAeLBm9oF~CCcQBRgBINsSKNsSMLgTOF3AAZmVn6AL~CBsQBRgBIN8SKN8SMNEVOPICwAHPxtriAQ&met.1=1.lrngsvn2~6.0~7.c~8.c~9.c~10.9r~11.8q~12.9r~13.i7~14.i8~15.ib~16.t7~17.t7~18.t7~19.1it~20.1it~21.1iu~22.uq~23.uq&qqid.2=CPe9l7K77oMDFTVinQkdx40MTg&qqid.1=CM3qpLK77oMDFTxcnQkds5MKcA&qqid.4=CNzfl7K77oMDFdRanQkdhAkMgQ
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.121.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: jx-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=3596940931748534&bg=!gYKlgs3NAAa8BdJLnAU7ADQBe5WfOCnva_1H2S6Ys8UMfyhDRmrlkCEhZfBEoIqZpVnFK9k3b7F2-utgai3MafeM0sjYAgAAAHxSAAAAA2gBBwoATuOvJP1qa5uv5phtRKoWibQvsYt4KsvPE0TL3uNJ77UolXVWcEWq0T9qXV8cpbhBpKLSlj1kmaQfj0vT3CEwMX9jGAws2_shBqqb4YrWvZkCxCFlqpTsNASFrJfuu1c8bZLOEFqdoOGQDLqYc7vvZqF1MWlQdxC2oBrBzAG9ODdh7wuY6MSoM4v4EpyrpZTx9xxgLuAZezZbXR3PrWjT5DrRlgGlxKgiL4j5_MqB9YshLnB9GPSKINz0TBHpuuggMMafbJDNdiNxNQOwb8NqYKX-lD3T44Mq3GcgVdhorZKAZi7fz5_wrv352NhyfggBeaWWv0axQHWzWO6lzDsaCkyrGG3LL_QIA5CYUDfZ6V4EafIJkV7iSfbRHpgcDzK00Xcxg0NuyGJkekfaBtKzUwspF4YXdHpD6Cv06vGTxnW4bl9Soyb8kD67tFRa8lLKXRYzZFy7i0kAOvIm5t1aZ2pOAS23cR8XwTpDhpiTzDgO4aUDqp_KN-3D70tlm2x4R6y-D6Y3mcL69IilQXy_nqNfBW_o2dCTx-EpOpZDHkEHrkmnEZ_P6rHNB8JEbNGimJfmXsmkm1sHmaUY-IU_9ZcY480SafJwKfbP3lHlqin2AYe2NJSKmofIkIL626DdSeKCRTEkXDWTBMJYDKmswgHCDpTlXXydEPy_6lwjPPUfPtnzvK3KA4r92pUV_JMd7b_5FsDF7D_xmpCBBUx5L9dqYk0XDKqElqAuR5-5fjkTEqVkjNoqxRTtsCpgyPLH0g8grRED7PbUmsyGABuPtInVrKAxjBWAc4ry06cS71Cj894WfPmNyGBDTfpW5fXqZICpExz154mSsX-ZjUDAPtw4K5mVPe541BtQHRIH4dHKtofq2QPFRr0Cm6tkf5I0jG6DqOJhhIktbmzbUDHqXELLP3Tm70akWUXkzI6WnkCq-8fSCEW2oG30v7CLR_HPiQy6JMCjx2lcxea301RPmLwP55VDLJSWFMZ1FTYWGwoNsi9rK4mXLKDAxbDN1_dtdgJFMYp1SUSlFhQchhAHrr_9S9tCOg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.68.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sc-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1 200
OK piwik.php
piwik.everzones.com/ 43 B
227 B 292ms
292ms Image
image/gif 195.154.94.155
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://piwik.everzones.com/piwik.php?action_name=AEGON%20Mester%20APK%20%2B%20Mod%20for%20Android.&idsite=167&rec=1&r=388636&h=20&m=18&s=35&url=https%3A%2F%2Fwww.dfast.app%2Faegon-mester-mod%2Fcom-delightsolutions-aegonmester%2Fdownloading.html&_id=baf516f5a06c4d35&_idts=1705839516&_idvc=1&_idn=0&_refts=0&_viewts=1705839516&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=305&pv_id=LTL01H
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.154.94.155 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-94-155.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.dfast.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 12:16:28 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame EC5B 65 KB
24 KB 14ms
13ms Script
text/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com
URL: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a7c81e5addaa20d965ad0c095aad1f118c03679b388ec5a5dbbac38f149b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 11:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1896
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24629
x-xss-protection: 0
server: cafe
etag: 106683528911992433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Jan 2024 12:46:59 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EC5B 0
54 B 294ms
294ms Ping
image/gif 108.177.121.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrngsyc4&chm=1&c=3596940931748534&ctx=2&qqid=CM3qpLK77oMDFTxcnQkds5MKcA&met.4=fb.s~lb.e2~ol.154~idt.b6~dt.-cd&met.3=492.v_1~492.w~492.w~113.15q_1~112.15q_2&met.1=1.lrngsx6e~6.1~7.1~8.1~9.1~10.1~12.2~13.g~14.h~15.j~16.fl~17.fl~18.fn~19.153~20.153~21.154~22.fk~23.fk&met.7=CBsQCBgBMBE4yAtoAnAQeIkXgAHdFIgBkjCwAQG4AQM~CBsQCiAhOE4~CBsQCiAiOKQD~CB4QChgBICIoIjCPAzjtAmj0AnCOA3iADIAB1AmIAYEVsAEBuAED~CBwQChgBICIoIjCOAzjsAlAoWPMCYNUCaPMCcIwDeNhEgAGsQogB1KEBsAEBuAED~CBEQChgBICIoIjCMAzjqAmjzAnCLA3iuNIABgjKIAYu9AbABAbgBAw~CFEQChgBICIoIjCSAzjvAlAnWPQCYNUCaPQCcIwDeMGJBIABlYcEiAGI7QywAQG4AQM~CBsQBSCUATiZAw~CBsQBiCVATj9Ag~CBsQBSCZATiZBQ~CBsQBiCaATisCg~CCEQBhgBILIEKLIEMP0EOEs~CBsQBiCyBDg0~CBsQBiCyBDhv~CCgQChgBIMkLKMkLMNoLOBFoyQtw1wt44cIBgAG1wAGIAYSFBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.121.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: jx-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC5B 42 B
174 B 62ms
62ms Fetch
image/gif 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7IchmuT6LHECp9egREafOCTNu-CxxvGd-9qBhdwOE1uLu8uzAMApL0lRTMvQw2ulngf1JhavmMTW6iAV97gwAmBfDITfZoE3unOcwzVqL4juAicH2uskD&sig=Cg0ArKJSzEQjHwIeSPz8EAE&id=lidar2&mcvt=1000&p=438,675,692,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=436599100&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705839514358&rpt=543&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 log
hblg.media.net/ Frame EC5B 35 B
224 B 17ms
16ms Image
image/gif 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDZmMGY3ZDY1MmU4M2YwNWVlOGE5NjhlNmE0ZTUxYmYwhv__vgX-BARTRxJkZmFzdC5hcHASOENVNDRSMzdPAA4yNTB4MjUwDmFwYWNfc2cEMjMGQURYEjhQUjExM0pHQwYzMTkAAAIwPHJ0Yi1jb21tb24tN2I4OWI4Njk5Ny1obHdwcy5TRz4xNzAwMDkwMDAwNDgwOTAwMjUwMDI1MDAwMDM5ODAwAjAAIgAQRVhDSEFOR0UCAmI&evttyp=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 12:18:35 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 48
expires: Sun, 21 Jan 2024 12:18:35 GMT

GET
H3 200 log
lg3.media.net/ Frame EC5B 35 B
55 B 65ms
64ms Image
image/gif 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUL26IV2&vi=1705839514777690590&hvsid=00001705839514488017446200663323&cdv=1153&bid=350625&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=405&l2s_downloadTime=3&l2s_total=409&l2s_start=148&l2s_sslTime=0&l2s_trfSize=29.8&l2s_decSize=73.1&l2s_encSize=29.5&l2s_nhp=h2&l2s_host=contextual.media.net&bql_dnsTime=0&bql_connectionTime=40&bql_waitTime=83&bql_downloadTime=0&bql_total=84&bql_start=527&bql_sslTime=40&bql_trfSize=0.3&bql_decSize=0.0&bql_encSize=0.0&bql_nhp=h3&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=31&l1s_waitTime=74&l1s_downloadTime=4&l1s_total=78&l1s_start=33&l1s_sslTime=30&l1s_trfSize=37.6&l1s_decSize=98.6&l1s_encSize=37.3&l1s_nhp=h2&l1s_host=contextual.media.net&font_dnsTime=0&font_connectionTime=0&font_waitTime=33&font_downloadTime=8&font_total=41&font_start=445&font_sslTime=0&font_trfSize=24.5&font_decSize=24.2&font_encSize=24.2&font_nhp=h3&font_host=contextual.media.net&gdpr=0&mspa=0

Protocol

Security

QUIC, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
date: Sun, 21 Jan 2024 12:18:36 GMT
strict-transport-security: max-age=21600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 35
expires: Sun, 21 Jan 2024 12:18:36 GMT

GET
H3 200 bqi.php
lg3.media.net/ Frame EC5B 15 B
15 B 112ms
111ms Image
text/javascript 23.54.56.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bqi.php?vgd_len=2981&lf=3&&vgd_hb_audit_1=8CU44R37O&vgd_hb_audit_2=737148867&vgd_tsce=L385&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=350625&vgd_cdv=1153&vgd_cage=2&vgd_rensize=250_250&vgde_bdata=~G-MjJzvuuX9~GwEv9~G8Ov9.9W9~G-M1zNJQ7mLvAoX*XoF*uWoF*f9oX~G-M1QzvXFA99~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvfX9-fX9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vbVIZK0aD4~NUMkjv9~ONvyNEo1E1NoQJuoG~OYYMOuv9~OYYMOu9v9~OYYMOufvA~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhvu~OYYMOuWvWX~OYYMOuivu999~OYYMOfv_~OYYMOfuvou~OYYMOffv9.u9~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.uAW~OYYMYuv9.uAH~OYYMYu9vu.999~OYYMYuuv9.ihW~OYYMYufvu.AHA~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXv9.iAX~OYYMYuFv9.9ih~OYYMYfv9.u9A~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHv9.iAF~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAivXu.999~OYYMYH9vXu.999~OYYMYXvu.999~OYYMYXfv9.Wh9~OYYMYXAv9.X99~OYYMYXHvX.999~OYYMYXXv9.X99~OYYMYXhvu.999~OYYMYXivu.999~OYYMYFvu.999~OYYMYhvu.HAF~OYYMYivu.999~OYYMLv9.9ih~JMLEYv9.uAH~JLEYv9.uAH~wNv9n%2Bn9~8w1v9~875EJvKrt~LMNNvbZ~LM8Evu9A.fXf.f9f.9~LMQNv9u~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvHAFXiiu99~Q7OvHAFXiiu99~eGLv9~NGOEv9.9uF~875EJM8Ovuh~QJjjJLM71yM8OvHAFXiiu99~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvu~1NM75EJvu~1OGjUvHAFXiiu99~1YEvu~myG8Ov9.9W9~GkjLv9.9u9~Qx8Ov~O7Nv1E1NMQy~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8QmzMNjxQ7JL~QmGEv~-8OvKrtoExGou9FhAhHFhifXfXAh~w7Yjvu~ONx7vW9~OmyGv9ou~JNEMxQJOv%20f9~JNEME9Xv9.9f~JNEMEu9v9.9AAXfhuiWH9uXu99X~JNEMEuXv9.9XhAX9iWfH9h99AFA~JNEMEf9v9.9hWXHhhHWXXWuhAh~JNEMEfXv9.u99Wii9WhfW9HAAA~JNEMEA9v9.ufXiiu9FAHifFWfXf~JNEMEAXv9.uHhf9WfXFAHFXhWW~JNEMEH9v9.uhAAiA9hFuiFiF9Xh~JNEMEHXv9.f99HHhfAWuh9WuifX~JNEMEX9v9.fAuWAHHufWAHHFXFA~JNEMEXXv9.fXhFFXhW9FXFFfHW~JNEMEF9v9.fWFuHXFXAhWWWH9X~JNEMEFXv9.Af9WhfhHA9AHHAFAF~JNEMEh9v9.AF9Fh9AXHAiXXHfW~JNEMEhXv9.HfFiHXXuWHfiiiih~JNEMEW9v9.XfiifHAhfHHW9HiH~JNEMEWXv9.FhHufhhXuhX9f9Fi~JNEMEi9v9.iXFXuAuu9FFuuhih~JNEMEiXvu.WfhiiWFffhhAu99h~JNEMEiivFi.i9999uFuXiu9W~8GNvu~&vgd_lbt=100&vgda_l1btm=%5B%22PRLG%22%2C%22URLDC%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUL26IV2&crid=284807632&rrr=TeCscOjOc2fPntMOBsKD7ktkj3TXBNuQQNTs_BdA-LSSjItisI-5GlvR-8BDsiCRol6nrB_CQmFNhzpPoSXgvoOXeW4m2ko5&requrl=https%3A%2F%2Fwww.dfast.app%2F&vi=1705839514777690590&ugd=4&cc=SG&bdrid=319&subBdr=99&startTime=1705839514479&l1ch=1&l1hcsd=l1!Otp9r|374&mmm=2220hnUFyF4bJCArfa2LH5y0wmNrjzCuHmvfnsya5HU=&buid=350625&sttm=1705839514488&upk=1705839514.29265&hvsid=00001705839514488017446200663323&acid=6f0f7d652e83f05ee8a968e6a4e51bf0&verid=3111299&infr=1&twna=1&stime=1705839514391&tsrc=abtest&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1705839514138886448&vgd_ecrid=1700090000480900250025000039800&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0125515194t202401211218&vgd_pgids=1&vgd_end=1

Protocol

Security

QUIC, , AES_256_GCM

Server

23.54.56.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://a9ffa138419d3d47f3cc9336456531d0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=21600
date: Sun, 21 Jan 2024 12:18:36 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 15
expires: Sun, 21 Jan 2024 12:18:36 GMT

GET
DATA 200
OK truncated
/ Frame 9AD7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 012c0cba99238b161cfdeac0ea5c05b735bf0919ab1824e0d4c4bc97594da80b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9AD7 42 B
108 B 101ms
100ms Fetch
image/gif 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHvOjUF3-cdzhYNEKy_sQrDlaGJvqy0P9V8qre-h2LkBKHGgAQ6Fs_x-OGf39lcdCsVX19CyIKR69MWiE1Z8PN6g2kEHIe4tSzw5T4kZJesnZ33MY9cvtavkLwkidqbZQu-ho5zfaABJpx7iGDwf-jC0YA&sig=Cg0ArKJSzONpsiX9GxbmEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2405367900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705839514518&rpt=305&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS