userupload.in Open in urlscan Pro
139.99.8.140  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

• https://l.sharethis.com/pview?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&cms=unknown&publisher=5c3f7ca0c9830d001319a65d&sop=true&version=st_sop.js&lang=en&description=Download%20File%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&ua=&ua_mobile=false&ua_full_version_list=&uuid=1ee50f9a-44dd-4cf2-8f7a-eb248d8d3627 HTTP 301
• https://l.sharethis.com/sc?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&cms=unknown&publisher=5c3f7ca0c9830d001319a65d&sop=true&version=st_sop.js&lang=en&description=Download%20File%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&ua=&ua_mobile=false&ua_full_version_list=&uuid=1ee50f9a-44dd-4cf2-8f7a-eb248d8d3627&samesite=None

Request Chain 63

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&C=1

Request Chain 64

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVew.m11dzAwig9N7X2qGQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2

Request Chain 65

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1

Request Chain 66

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D

Request Chain 78

• https://googleads.g.doubleclick.net/pagead/adview?ai=CfFkO-rBXZfnXCcyh9fwPu9qg0A-o1qrTc_-DkNHHEoiU-IezAhABIN-3sC9gvwWgAZffnsAByAEBqQLt25hfLvWoPqgDAcgDywSqBJUCT9CBSL4NmquKIohag2CuU7epGf3tc9OVlEp8ZzinwaMNdVvLmfNnr7mLcfL9hfasXgBZXf-ovzN6xRxvdMKxpQcdv6ZGQFf5FsZ-W3F2wjUCQPh6DhGHXthsiL_f-tmhFkpdACiMl1mK0uKwiCgRnCGeO3X7uMInUAL14FR8TVGg6CGHx75gw0KgXCD6pE6-EVdTTyM9ut0SvcV8QXo_7kEffujLvUvfWWh-QaeDb6NVNy5o7XtY74Z2f2TMFlMf2WLpr3-h6eRCBh0Bvd2vi9K2gWzGVB_8wCBQFGyrL2f4E_fb4Ok52La0ny3hfHoeguqG5uqz5LwcKVw3llvgGHxFSNv3O07OlOR1FkpDCRqWavayCcAEm_TBqboEiAXMvr7YLpIFBAgEGAGSBQQIBRgEgAfRoOG_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELb-GNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkVaHR0cHM6Ly9udHJvbmljcy5uZXQvgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQ4LiywpCq4KQVEgIBA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi01NTkzMzM3MDMzMjExNDMzGAA&sigh=EP0b9rj-s50&uach_m=[UACH]&ase=2&cid=CAQSTgDICaaN3EdaNxnyRFGteUyN9pTZCOI4BLWI6SF7rpVkJnNIKMETnmiQU5nL2RMsYtaOCcFkuV9RO_BsQV8TNsJXXQBYgBChUG8EsP9eRRgB&template_id=5020&nis=5 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2214389236489738013249%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214271315944001233569%22}&andc=true

Request Chain 99

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDv7tjNggEQgAIYgAIyCCpiCsH0b4RV HTTP 301
• https://tpc.googlesyndication.com/simgad/9005490777285690683

Request Chain 101

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 115

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

• https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://sync.sharethis.com/int/lotame?uid=2d44758ee2d4d40f2c3efaafc775e6f5&gdpr=0&gdpr_consent=

Request Chain 127

• https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/eyeota?uid=2rLQ2eGDMgZGB8D4loWTqon-hdRaHNS3NWBxT3ej9zdM&gdpr=0&gdpr_consent=

Request Chain 128

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/ttd?uid=93bf1c2f-68ea-4014-bd6c-c04e7283f720&gdpr=0&gdpr_consent=

Request Chain 129

• https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
• https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
• https://sync.sharethis.com/yahoo?uid=y-F8qXaX5E2oOXPxsAzSf_fK68LRXv0BW2a68-~A&gdpr=0

Request Chain 130

• https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
• https://idsync.rlcdn.com/395886.gif?partner_uid=3640006085072912456 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDAwNjA4NTA3MjkxMjQ1NhAAGg0I_OHeqgYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=2bc3485dd086ac7e75e457c0886c41566b447259f7de05be627d60f865fafc97f4cb09cee1a4f8eb&person_id=3640006085072912456&eid=50082

Request Chain 135

• https://googleads.g.doubleclick.net/pagead/adview?ai=C9rad-rBXZYvbCd6D9fwP5pCZqAqE9bCcdKPOtq-rEtLCrsCMDhABIN-3sC9gvwWgAeS759gCyAEJqQLt25hfLvWoPqgDAcgDywSqBIQCT9DWtS6YfgRgFLk8b_rCVN_kY0mzXEb4coRv3jZp08VgjNxyq3ifTiWTeL73fUkDsFFk7FePABo2pPpFX0mHdElrI9paVmSjw6qMrLvpO-SblW3raDpQbIhWkylxYPhusUvQWZCNx7xbaujP9x-CM4d5w_QijFC4QNGkMoNUkRmVv6BsTgpTUI3Ptu5410CUkhSegscuFnR9vQXvvRp42ek74SMKfQGxoWSDAFeKiRdE5PlpW5gFm4E5Vw0sjwNevK1Z061HUWMzupnPTZaZwqI8vYsMauEunwFPi3-87v0PWihTI-NF7uqiDP1Yy60UUOHL1HssZoWOQuWV6Dkj_R2fKhHABPnJxJzRBIgF1M6Ds02SBQQIBBgBkgUECAUYBKAGLoAHhMSYpwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCkygjSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJfmh0dHBzOi8vd3d3Lm93bmRheXMuY29tL3NnL2VuL3Nob3BzLzkyMj91dG1fc291cmNlPWFkYSZ1dG1fbWVkaXVtPUdETiZ1dG1fY2FtcGFpZ249QXVnX0dETl9JTU1PdXRsZXRTdG9yZUNhbXBhaWduX1N0b3JlVHJhZmZpY4AKAcgLAZgM_7LpzNEEogwUKhIKEOS0sQLutbECtbixAqy6sQLaDBAKChDgqpyCyf3llU4SAgEDuBODBNgTDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTkzMzM3MDMzMjExNDMzGAA&sigh=rUGPlruHSp8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNsCALH6XPj3oO9UfUhvr_BgKkn2UipSointdMW1fhm6w3FwDs75TAqySDv1w7TM0HwdxPzXeZnlbF_jDcOQDtWymb0B4LsCvhIvAYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3fa51c4fff196de10000000000000000%22,%222%22:%220x43ed071f979659240000000000000000%22,%223%22:%220x28fdcde2c1f5b09a0000000000000000%22,%224%22:%220xa8817dad099a9d8e0000000000000000%22,%225%22:%220x4915c742f149365c0000000000000000%22},%22debug_key%22:%224764825957774808330%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22723115492%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218426250839515114353%22}&andc=true

Request Chain 142

• https://googleads.g.doubleclick.net/pagead/adview?ai=CclKN-rBXZYj-Cde39fwPloSikASo1qrTc_-DkNHHEoiU-IezAhABIN-3sC9gvwWgAZffnsAByAEBqQLt25hfLvWoPqgDAcgDywSqBJgCT9A9pO64z7EsKVltOvOxZxhwsuCBAsHCE9jaNtnP54vAepsVf5SdkOdZ8tTG9CY94rnWUWB7QlqEMHdelo3nQbTMCZiPfXfMXXVb08jIHNFmn8g5AY6QdLbIgOPbdlnZ9WRrbMDdTQRfV-0k86P0VLzWQRbsa-rS8Ybx3EWKkMvFRbGxDcLISU58GIZcGaHiFQ51p_xm_4775rE_Mh0zQbn8LCOPMrSRzoabLG8ALVvAmk-I15V9Ds41CgtStedu6lNcl5VUTstt8MNCMYa11M6exBwes2wN1DaxMj8Ue0diy5JTXKtEXITMfCNpohIn3Db0PVVnevxMcTAgaPrbHSw_Rp-Y6td6eodj270FkZC3iMBTiZf8xsAEm_TBqboEiAXMvr7YLpIFBAgEGAGSBQQIBRgEgAfRoOG_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOXjHtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkVaHR0cHM6Ly9udHJvbmljcy5uZXQvgAoByAsBogwQKg4KDOS0sQLutbECtbixAtoMEAoKELCd5ueM3Y2lPBICAQPYEwrQFQGAFwGyFxwKGggAEhRwdWItNTU5MzMzNzAzMzIxMTQzMxgA&sigh=UL5vhVFQqBk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaN0l4quvYTG8q_LqaGUNdx3spybm6nfMW605JWJ9pOfWBVjs-ocTMfq0uhk1t6jSO0OWlFOWPkWUXyEr11b0CFKapFOabtUFeY6xgB&template_id=5020&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2212350866289889679418%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210846237748940898929%22}&andc=true

Request Chain 146

• https://googleads.g.doubleclick.net/pagead/adview?ai=CTvGs-rBXZcD6CbCB9fwPu92SyAqp9-fhc_7C58noEdrZHhABIN-3sC9gvwWgAeqS8eEByAEJqQLt25hfLvWoPqgDAcgDywSqBP8BT9ALh7Rsw5OO2Rp9E90D1O_zNwJ76kjmPSrSU5Q6PUv1BYP3ws7XExMvBGoFvdlgiawQotIrXKN5XVwBQyuUERxto8awNMqFOeSxqzTmy12c16n_buSEWjOK2_0OISpccnM-uBMJA_wqQU5mDw_hscIHbdIWjPmIY0EQ4ccphWPKISbiop2xjIXh2F7BAzG6f1bzfJSc4dPyv1kR8QnRRRsx11kPWhjuhidjpO4sZNXjjhzwGZRnU3W_v21q2XohzO3Cv_66gfqWNG-blP1kwbA2WwBHRe55lNSsbSEBxc62eey0EAAfE8N5v0_Xl5vAXpBRRhH47Ef2Xz-sZIlWwATDsfmfuQSIBfzphpxMkgUECAQYAZIFBAgFGASgBi6AB_GQ3K0CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEMaXGdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkraHR0cHM6Ly9zdGVycmEuc2cvY29sbGVjdGlvbnMvYWlyLXB1cmlmaWVyc4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBAKChCw-d-N9vj4pHISAgED2BMMiBQB0BUBgBcBshccChoIABIUcHViLTU1OTMzMzcwMzMyMTE0MzMYAA&sigh=7ftZF1IpP5s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTQDICaaNVroCeGH9D-BxHsewWohrBeMBEcH2EMlavSqDJYplodJQlTo0xa81SebMuTdkhcrbSZZCphYyG_5k2tBvaOkyO-0uSMs38TgSGAE&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x86c0796d0e555a220000000000000000%22,%222%22:%220x1c5718c11562f7930000000000000000%22,%223%22:%220x6521f8120b1724c60000000000000000%22,%224%22:%220x87b6af28473a62770000000000000000%22,%225%22:%220x949be4e5f51bcc030000000000000000%22},%22debug_key%22:%225146358058912954237%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222283423675309435665%22}&andc=true

Request Chain 197

• https://www.doubleclickbygoogle.com/favicon.ico HTTP 301
• https://marketingplatform.google.com/about/enterprise/

Request Chain 199

• https://promote.pair.com/IKK5QqREtxwvM.jpg HTTP 302
• https://www.pair.com/

Request Chain 204

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1

Request Chain 205

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVew.m11dzAwig9N7X2qGQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2

Request Chain 206

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1

Request Chain 207

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request ysq2doxs9566 Show response userupload.in/	15 KB 5 KB	498ms 213ms	Document text/html	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 66fcf0ff7d59e439f3a9780235102786e6c057dc3cffdb3411b9bb827e8c3414 Security Headers Name Value Strict-Transport-Security max-age=0;includeSubDomains; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 4565 Content-Type text/html; charset=UTF-8 Date Fri, 17 Nov 2023 18:29:11 GMT Expires Thu, 16 Nov 2023 18:29:11 GMT Keep-Alive timeout=5, max=100 Server Apache Strict-Transport-Security max-age=0;includeSubDomains; Vary Accept-Encoding,User-Agent X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response userupload.in/ds2/js/	90 KB 32 KB	114ms 111ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/jquery-1.9.1.min.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:34 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 32775 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	jquery.paging.js Show response userupload.in/ds2/js/	19 KB 5 KB	377ms 104ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/jquery.paging.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:35 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4362 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	jquery.cookie.js Show response userupload.in/ds2/js/	3 KB 2 KB	376ms 103ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/jquery.cookie.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:35 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1365 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	paging.js Show response userupload.in/ds2/js/	2 KB 1 KB	371ms 99ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/paging.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash e1d4f21db649ec5795e70cb72e59fdec97af300c64b5d8abbc67f00688eb0ecd Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:37 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 662 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	style.min.css userupload.in/ds2/css/	179 KB 35 KB	264ms 113ms	Stylesheet text/css	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/css/style.min.css?v=0.2 Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash f79c8c5d16a9dd37461d1c9c82df0fd384d3cf2bc733e2948f636cd4ce6f3fda Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:22 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=2678400, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 35070 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H2	200	amp-auto-ads-0.1.js Show response cdn.ampproject.org/v0/	24 KB 8 KB	688ms 118ms	Script text/javascript	74.125.130.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f132.1e100.net Software sffe / Resource Hash b9af50452e218305fbe9232a6e1833455f75bb6160439d2079caa7980791294a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Fri, 17 Nov 2023 18:29:12 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7563 x-xss-protection 0 server sffe etag "f37d84849f14a15d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Fri, 17 Nov 2023 18:29:12 GMT
GET H/1.1	200 OK	logo.png userupload.in/ds2/img/	9 KB 9 KB	127ms 127ms	Image image/png	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://userupload.in/ds2/img/logo.png Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 9aec2d3da8dfbd3e8727c1b25afec4abf903c6a17851c4f1dd2c6774cfe8371f Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Last-Modified Tue, 16 Feb 2021 16:36:16 GMT Server Apache Content-Type image/png Cache-Control max-age=2678400, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8980 Expires Sat, 16 Nov 2024 18:29:11 GMT
GET H/1.1	200 OK	countdown.js Show response userupload.in/ds2/js/	640 B 746 B	125ms 124ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/countdown.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 6b1116dbdcc8665059c0163cb6cd034a949402f5bc6294390e8ffee39952f6ae Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:34 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 353 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H2	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/	12 KB 4 KB	690ms 118ms	Script application/javascript	104.17.72.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.72.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:12 GMT strict-transport-security max-age=15780000; includeSubDomains x-content-type-options nosniff last-modified Thu, 16 Nov 2023 21:55:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding gzip etag W/"65568fe4-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cX8J2MMCD%2FkhqklUePdbq%2Fao9yki5AYMb9X%2BWo8v26ppPtxSR21YsnBCrqmHgVVim5yFCOXkcC2WARv1NZhH5Vy%2BZURw7JSAyUTDNtVjedzxlDQoLrdl3P9PtEgmVjjCj6yfJU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 827a09b168c53f4a-SIN expires Sun, 19 Nov 2023 18:29:12 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	681ms 103ms	Script text/javascript	142.251.12.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f104.1e100.net Software GSE / Resource Hash 638e6fcce42a5484cb50bc68c597a10ac331227082ba15aec821d96d7ad5a3a3 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:12 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 17 Nov 2023 18:29:12 GMT
GET H/1.1	200 OK	tele.png userupload.in/ds2/img/	4 KB 5 KB	112ms 110ms	Image image/png	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://userupload.in/ds2/img/tele.png Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 58a5608dd5df2fe0edf71e0f3f1bf2c583040a9579817b26e392d0c1d1af979a Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Last-Modified Sat, 27 Feb 2021 18:45:14 GMT Server Apache Content-Type image/png Cache-Control max-age=2678400, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4441 Expires Sat, 16 Nov 2024 18:29:11 GMT
GET H2	200	sharethis.js Show response platform-api.sharethis.com/js/	208 KB 47 KB	401ms 104ms	Script text/javascript	13.33.88.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://platform-api.sharethis.com/js/sharethis.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.41 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-41.sin2.r.cloudfront.net Software / Resource Hash f6c72789b4be7183c5626eed5975d7c22403d4a8ceb73db591128f7fabdbe9c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:25:19 GMT content-encoding gzip via 1.1 a3cd9a6705f4dbb064ddd133a5134142.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN2-P2 age 234 etag W/"33fbe-N51ttSXIC05eae0N3/gGTPPbUMQ" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8 edge-control cache-maxage=60m,downstream-ttl=60m cache-control max-age=600, public x-cache Hit from cloudfront x-amz-cf-id ivx8xwp7y_A8GULuuT-HvDj8leE4IM8aq3RwBqYfu1ziSbhv993NZw==
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	151 KB 52 KB	693ms 120ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 6bfdc450ff66f2b1a02f7ef9cf0f8c23b2317727540c0a940a1c839aee799253 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52938 x-xss-protection 0 server cafe etag 1933596615319642953 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 17 Nov 2023 18:29:13 GMT
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	669ms 99ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 609237 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6646 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7wx4a7uAzC1xIqc%2B7b3JGZMLTaku8OJ%2FxKhCoNZIPuoW0fiRsail1toopzo5PCX6Q%2Bc5BFNjgIzfzeXmRtNkvZgrCAyc%2FCz%2BJqXk1Bv9ZrDXQAq6Fk4gy5ZBCDvZBFFVNrDo4M0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 827a09b08cd73fa5-SIN expires Wed, 06 Nov 2024 18:29:12 GMT
GET H/1.1	200 OK	bootstrap.min.js Show response userupload.in/ds2/js/	57 KB 15 KB	104ms 103ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/bootstrap.min.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:33 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 15437 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	clipboard.min.js Show response userupload.in/ds2/js/	11 KB 4 KB	94ms 94ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/clipboard.min.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:33 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3397 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	main.js Show response userupload.in/ds2/js/	423 B 643 B	94ms 94ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/main.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash c1bd88cc54165fd50700598361e7484401e4cc1525866fa5a73e8a463df5c226 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:36 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 250 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	script.js Show response userupload.in/ds2/js/	520 B 652 B	116ms 115ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/js/script.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 3653640dd81b2b40edab3d87bc89dfa5ebd5cc4a8bdd439b996fcefccce972a5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:37 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 259 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	662ms 91ms	Script text/javascript	142.251.10.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f97.1e100.net Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 17 Nov 2023 16:39:16 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6597 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Fri, 17 Nov 2023 18:39:16 GMT
GET H/1.1	200 OK	bootstrap.min.css userupload.in/ds2/css/	152 KB 23 KB	131ms 131ms	Stylesheet text/css	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/css/bootstrap.min.css Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ds2/css/style.min.css?v=0.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:20 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=2678400, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 23238 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	brandon_bld-webfont.woff2 userupload.in/ds2/fonts/	27 KB 27 KB	108ms 108ms	Font font/woff2	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/fonts/brandon_bld-webfont.woff2 Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash c56fd6b910ca93a3fb1875e35074b8ce8501c319ebaa0e8b7252f7e4a7023fe6 Request headers Referer https://userupload.in/ds2/css/style.min.css?v=0.2 Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:11 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:26 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type font/woff2 Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 27492 Expires Sun, 17 Dec 2023 18:29:11 GMT
GET H/1.1	200 OK	fa-duotone-900.woff2 userupload.in/ds2/fa/webfonts/	162 KB 161 KB	162ms 107ms	Font font/woff2	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/fa/webfonts/fa-duotone-900.woff2 Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 3477023d8b7129eb517abf377492a608f2469ae91405fa62974e6771751e04ae Request headers Referer https://userupload.in/ds2/css/style.min.css?v=0.2 Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:42 GMT Server Apache Vary Accept-Encoding,User-Agent Transfer-Encoding chunked Content-Type font/woff2 Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H2	200	va9E4kDNxMZdWfMOD5Vvl4jO.ttf fonts.gstatic.com/s/firasans/v10/	54 KB 27 KB	687ms 111ms	Font font/ttf	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jO.ttf Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 08d4e6308d4549372380e8a8d6b3de7613d304b43c2e6f50053af0338e5e0f67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:07:05 GMT content-encoding gzip x-content-type-options nosniff age 217327 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26757 x-xss-protection 0 last-modified Mon, 22 Jul 2019 19:21:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:07:05 GMT
GET H2	200	va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf fonts.gstatic.com/s/firasans/v10/	58 KB 28 KB	720ms 151ms	Font font/ttf	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnLK3eRhf_.ttf Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 7b1ed14c8d4e5852e773d44304a3a33507ff993a4b6b70ea1d9fb8c6f68e7318 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:55:29 GMT content-encoding gzip x-content-type-options nosniff age 214423 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 last-modified Mon, 22 Jul 2019 19:22:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:55:29 GMT
GET H2	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	474 KB 189 KB	670ms 99ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:12:19 GMT content-encoding gzip x-content-type-options nosniff age 213414 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 07:12:19 GMT
GET H/1.1	200 OK	/ Show response tgwidget.com/widget/count/ Frame FFE1	1 KB 868 B	1501ms 353ms	Document text/html	37.18.21.10 EKACOD-AS
General Check archive.org Show headers Download Go to Full URL https://tgwidget.com/widget/count/?id=633e946d0ed82c422001446b Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 37.18.21.10 , Russian Federation, ASN61276 (EKACOD-AS, RU), Reverse DNS Software nginx / Resource Hash 9870194182bc6295b9b96d253115d7f76f9efcb77aeb1bd967bf0a900348c7f1 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 17 Nov 2023 18:29:13 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	get.php Show response userupload.in/ds2/file_info/	327 B 515 B	143ms 143ms	XHR text/html	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/file_info/get.php?ext=apk Requested by Host: userupload.in URL: https://userupload.in/ds2/js/jquery-1.9.1.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 739f8fd9f6a110835a0901eeeec97c8c76840147a99314629103e9bf3ef98ca2 Request headers Accept */* Referer https://userupload.in/ysq2doxs9566 X-Requested-With XMLHttpRequest accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control max-age=2592000 Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 197 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H/1.1	200 OK	brandon_med-webfont.woff2 userupload.in/ds2/fonts/	27 KB 28 KB	96ms 95ms	Font font/woff2	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/fonts/brandon_med-webfont.woff2 Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 8bedd3a9d3d20f71aa28c17e75c18ddc9a323b823275ae9bec6a1b673ea646f5 Request headers Referer https://userupload.in/ds2/css/style.min.css?v=0.2 Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:27 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type font/woff2 Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 28003 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H/1.1	200 OK	fa-brands-400.woff2 userupload.in/ds2/fa/webfonts/	73 KB 73 KB	96ms 96ms	Font font/woff2	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/fa/webfonts/fa-brands-400.woff2 Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 433d970f04c9cfdfe1eef18106807714cffa2ec96651af41c1be35d00a87bc1c Request headers Referer https://userupload.in/ds2/css/style.min.css?v=0.2 Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:41 GMT Server Apache Vary Accept-Encoding,User-Agent Transfer-Encoding chunked Content-Type font/woff2 Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H/1.1	200 OK	brandon_blk-webfont.woff2 userupload.in/ds2/fonts/	26 KB 27 KB	95ms 94ms	Font font/woff2	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/ds2/fonts/brandon_blk-webfont.woff2 Requested by Host: userupload.in URL: https://userupload.in/ds2/css/style.min.css?v=0.2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash f13d4a23664d1a212e275c7ccd6073d3751cd3554820a78fbf697a1fd6e251a3 Request headers Referer https://userupload.in/ds2/css/style.min.css?v=0.2 Origin https://userupload.in accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Thu, 11 Feb 2021 17:47:26 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type font/woff2 Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 26941 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H/1.1	200 OK	1.min.js Show response userupload.in/assets/js/	23 KB 8 KB	103ms 102ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/assets/js/1.min.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 0f36b1fb32a4629666406b3cddae258555f52cd7a33ee7877a0cb9215d521e08 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Sun, 14 Feb 2021 18:19:49 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 7722 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H/1.1	200 OK	fuckadblock.js Show response userupload.in/assets/js/	6 KB 2 KB	101ms 100ms	Script application/javascript	139.99.8.140 OVH
General Check archive.org Show headers Download Go to Full URL https://userupload.in/assets/js/fuckadblock.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.99.8.140 Singapore, Singapore, ASN16276 (OVH, FR), Reverse DNS ns536021.ip-139-99-8.net Software Apache / Resource Hash 36b7cdabca53eda8f9ccdb9e449f9c22dc4841ab4b2a888bb5700fb5dfbc778c Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ysq2doxs9566 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:12 GMT Content-Encoding gzip Last-Modified Sun, 14 Feb 2021 18:19:00 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2678400, private Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1688 Expires Sun, 17 Dec 2023 18:29:12 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/	94 KB 30 KB	103ms 102ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1371788 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 29929 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-176f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsVWinD%2BexZBsebgddjbQ3MgUoY89Hd2ztpoX3dcXHjt%2F3%2F7KQ3sdSImJ%2B6dRfK9aun07YCmtmdrdjmycP4%2FRVsnXQBNEzLgtiQz%2FN3HQVyL6JR2rpSK9aNh8GDPOOYNXQ8Zf%2Bsi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 827a09b22e4a3fa5-SIN expires Wed, 06 Nov 2024 18:29:12 GMT
GET H2	200	5c3f7ca0c9830d001319a65d.js Show response buttons-config.sharethis.com/js/	975 B 1 KB	1714ms 1097ms	Script text/javascript	13.227.254.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://buttons-config.sharethis.com/js/5c3f7ca0c9830d001319a65d.js Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.254.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-254-13.sin52.r.cloudfront.net Software AmazonS3 / Resource Hash 64ef1788e2c86fe9b9f65689843ec0d459ee8c1477b4fe26b88a3b3cc1e98c56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT via 1.1 0fa3b62de49c01129844acc24e390b56.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Sat, 11 Apr 2020 08:06:55 GMT server AmazonS3 x-amz-cf-pop SIN52-C3 x-amz-server-side-encryption AES256 etag "603d865a6a864b43f642e595a6f198f6" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/javascript cache-control public, max-age=60 accept-ranges bytes content-length 975 x-amz-cf-id EknQsdnacJDH06nFr5NufpS_0gGGPDSep3wBFpOpVVUwa9hXrqO0jw==
GET H/1.1	200 OK	sc Show response l.sharethis.com/ Redirect Chain https://l.sharethis.com/pview?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&... https://l.sharethis.com/sc?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&fcm...	176 B 695 B	265ms 265ms	XHR text/plain	52.57.180.141 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.sharethis.com/sc?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&cms=unknown&publisher=5c3f7ca0c9830d001319a65d&sop=true&version=st_sop.js&lang=en&description=Download%20File%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&ua=&ua_mobile=false&ua_full_version_list=&uuid=1ee50f9a-44dd-4cf2-8f7a-eb248d8d3627&samesite=None Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Server 52.57.180.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-180-141.eu-central-1.compute.amazonaws.com Software / Resource Hash 82aed1185aa6e10cc879139ce2a8b950dcb1f31ba33f1b9675658c790948cc93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:14 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://userupload.in Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== Access-Control-Allow-Headers * Content-Length 176 X-Robots-Tag noindex, nofollow Redirect headers Date Fri, 17 Nov 2023 18:29:14 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://userupload.in Location /sc?event=pview&hostname=userupload.in&location=%2Fysq2doxs9566&product=inline-share-buttons&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Download%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&cms=unknown&publisher=5c3f7ca0c9830d001319a65d&sop=true&version=st_sop.js&lang=en&description=Download%20File%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&ua=&ua_mobile=false&ua_full_version_list=&uuid=1ee50f9a-44dd-4cf2-8f7a-eb248d8d3627&samesite=None Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== Access-Control-Allow-Headers * Content-Length 703 X-Robots-Tag noindex, nofollow
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	93ms 90ms	Image image/gif	142.251.10.97 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=162226440&utmhn=userupload.in&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download%20Spotify%20538%20build%20103288502%20Amoled%20Mod%20arm64%20v8auserupload%20apk&utmhid=160287129&utmr=-&utmp=%2Fysq2doxs9566&utmht=1700245753417&utmac=UA-112936282-1&utmcc=__utma%3D131695627.1126928332.1700245753.1700245753.1700245753.1%3B%2B__utmz%3D131695627.1700245753.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=70717064&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f97.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	400 KB 135 KB	161ms 160ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 1b168e0c8cbe83d8ba9d503c38f96579efa08bd6b4d8710e5850cf2b13679781 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138500 x-xss-protection 0 server cafe etag 13264798946773155260 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 17 Nov 2023 18:29:13 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame FC7D	9 KB 4 KB	663ms 97ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 41423 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 06:58:51 GMT etag 16674218716276178799 expires Fri, 01 Dec 2023 06:58:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5557	117 KB 38 KB	885ms 546ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 5441aece96673d9a12250b578265c4f8d238122cd48b4e0973c1a40ae7229f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 39225 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7C1E	194 KB 46 KB	896ms 569ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 5ce9739c5a7d44b1900f0f5a1919661f0acdc84b9e5eee8aa6e8fec8468725b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 47292 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9660	120 KB 40 KB	1169ms 849ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 056ca846697b542a7bd9d9ed024045bf8a724d5ba943bfedf2bb7b8e1ebd332b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40742 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7127	157 KB 47 KB	727ms 414ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 68e2299c9c953408fd7b6b79a2ca0c9af6cfdb3f6d3511fad71ba1d9fa9a7db6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 47743 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 32C0	22 KB 10 KB	712ms 405ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 38afd186983f309fed49f441fb40b44d0fa2772d5d67f7447f462caf007afc22 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 10061 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	tg.png tgwidget.com/widget/count/img/ Frame FFE1	7 KB 7 KB	330ms 329ms	Image image/png	37.18.21.10 EKACOD-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tgwidget.com/widget/count/img/tg.png Requested by Host: tgwidget.com URL: https://tgwidget.com/widget/count/?id=633e946d0ed82c422001446b Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 37.18.21.10 , Russian Federation, ASN61276 (EKACOD-AS, RU), Reverse DNS Software nginx / Resource Hash b106807d0b065185b4fb475481db10ee8457583101dc9a8b13385627e07d01c0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tgwidget.com/widget/count/?id=633e946d0ed82c422001446b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:14 GMT Last-Modified Sun, 27 Mar 2022 14:17:56 GMT Server nginx ETag "62407214-1c1d" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7197
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 32C0	42 B 110 B	110ms 108ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ac_9KQ4XdhVG_Te4fsKlGmu9QLZVdGBFmH7dbkaGyxvYyG9oDzp37LLUurU8vfmZuQAurdYsbifd6eF5huC2_fXsONLS0Tg-jpYkvVaPUfWbfy-jU Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 32C0	0 121 B	109ms 107ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8987481985926806827&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 32C0	89 KB 31 KB	110ms 109ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 17 Nov 2023 18:29:14 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 32C0	3 KB 1 KB	776ms 205ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 32C0	20 KB 8 KB	708ms 132ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5171	624 B 508 B	102ms 99ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXp1oPZz54pMvul4oWXerXArOu7sFjJE9HSL2dwY2PLo9DS--pE80z81KkNh9Mt4a1EP1_Hn1kqcLBDizx_eUnnOwUw5A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 32C0	203 KB 64 KB	776ms 208ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7127	14 KB 2 KB	739ms 127ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Nov 2023 17:33:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	nessie_icon_tiamat_white.png tpc.googlesyndication.com/pagead/images/ Frame 7127	225 B 355 B	724ms 185ms	Image image/png	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 04:57:50 GMT x-content-type-options nosniff server cafe age 48685 etag 14085932017949564970 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Sat, 18 Nov 2023 04:57:50 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7127	2 KB 856 B	726ms 206ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:09:11 GMT content-encoding br x-content-type-options nosniff age 40804 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 07:09:11 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 7127	23 KB 9 KB	702ms 186ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:27:07 GMT content-encoding br x-content-type-options nosniff age 128 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 18:27:07 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7127	3 KB 1 KB	109ms 108ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7127	20 KB 9 KB	645ms 130ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 7127	203 KB 64 KB	164ms 163ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 7127	37 KB 15 KB	737ms 173ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:45:38 GMT content-encoding gzip x-content-type-options nosniff age 215017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 13 Feb 2024 06:45:38 GMT
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/d/	2 KB 2 KB	531ms 129ms	Script application/javascript	184.50.85.169 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=userupload.in&rnd=1700245754600 Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-50-85-169.deploy.static.akamaitechnologies.com Software / Resource Hash d1c7db59626b674717ba8c9f43d2e70f27768a26624e4d45b5ff23f904286e3b Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:15 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type application/javascript Cache-Control private, max-age=3600 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1365 Expires Fri, 17 Nov 2023 19:29:15 GMT
GET H2	200	data=veIUOf7aMGvkrWOmXiplQ53rDNJE-4Anpzw2UI8htKh08EA2GGaTD_PpvvLFUDEVyu-knKtq7tBj2zrCxCCTN75vdCYjNUITb5YTCknAJNEsShajYVmUv8tO mts0.google.com/vt/ Frame 7127	97 KB 97 KB	727ms 100ms	Image image/png	142.251.10.102 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://mts0.google.com/vt/data=veIUOf7aMGvkrWOmXiplQ53rDNJE-4Anpzw2UI8htKh08EA2GGaTD_PpvvLFUDEVyu-knKtq7tBj2zrCxCCTN75vdCYjNUITb5YTCknAJNEsShajYVmUv8tO Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.102 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f102.1e100.net Software scaffolding on HTTPServer2 / Resource Hash 6e70a40143917ff1bae7534e4da39e34d881da3cc1e67c8dd8976392b38c8c50 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none'; base-uri 'none' date Fri, 17 Nov 2023 18:27:53 GMT x-content-type-options nosniff age 82 cross-origin-resource-policy cross-origin server-timing gfet4t7; dur=1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 99227 x-xss-protection 0 x-server-version-bin CggIBBDc0tGqBg== server scaffolding on HTTPServer2 etag 0fb9d1c893b6d25ee x-frame-options SAMEORIGIN content-type image/png access-control-allow-origin * cache-control public, max-age=3600 expires Fri, 17 Nov 2023 19:27:53 GMT
GET DATA	200 OK	truncated / Frame 7127	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 7127	333 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	rum dsum-sec.casalemedia.com/ Frame 5171 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&C=1	43 B 336 B	153ms 153ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXp1oPZz54pMvul4oWXerXArOu7sFjJE9HSL2dwY2PLo9DS--pE80z81KkNh9Mt4a1EP1_Hn1kqcLBDizx_eUnnOwUw5A Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkfEQVpQWrWRwTPjNmCVdhjotBwgP2mXmpIkzScaXm0kXQFxJOpOnFra%2F8zthQQ83%2BnoXeYt6jcxvapurqHHLIswwKDYQljVHZZ5cTMMOKsXHI4bhbeXiLo5jFrHL1gQ3nWrVj15RI9qdg%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 827a09c24fc43de7-SIN alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iPqYHSUJWTF3xbKbN%2B3wH4bLFmn3P6SStrEyaDMEkRyuX8X29w8CE2aJAxU6aNQdkntWHwGQThfyvJdkGhxfh8NbOgu7G%2BnVIEM9GvmcFuu8FCr%2BWam9803kT5QLsMIo44eDDZbbnSzgQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&C=1 cache-control no-cache cf-ray 827a09c13ef33de7-SIN alt-svc h3=":443"; ma=86400 content-length 0 expires 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5171 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVew.m11dzAwig9N7X2qGQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2	43 B 772 B	119ms 119ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXp1oPZz54pMvul4oWXerXArOu7sFjJE9HSL2dwY2PLo9DS--pE80z81KkNh9Mt4a1EP1_Hn1kqcLBDizx_eUnnOwUw5A Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snUtGkDxRoVArRQ1et%2FvamdVK29iT7cZNh0z5z8IKKMk6Ldk14GYxhouh82TmVnwyrapP%2Fp%2FKH9Bt%2Bmz1N3KdlY1o5mWN%2F9YB%2Btqju0OORRq2PUlwcr6J4SkY2BE1fUJswSgjhVhlCZdbA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 827a09c398764110-SIN alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 5171 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1	43 B 841 B	156ms 156ms	Image image/gif	103.43.89.4 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXp1oPZz54pMvul4oWXerXArOu7sFjJE9HSL2dwY2PLo9DS--pE80z81KkNh9Mt4a1EP1_Hn1kqcLBDizx_eUnnOwUw5A Protocol H2 Server 103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US), Reverse DNS 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT an-x-request-uuid 35bfe4f0-8dab-4693-a794-77a0d272a688 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 138.75.45.144; 138.75.45.144; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 5171 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D	170 B 243 B	123ms 122ms	Image image/png	142.250.4.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICSjpAFEO3O4J0FGILv__kBMAE&v=APEucNXp1oPZz54pMvul4oWXerXArOu7sFjJE9HSL2dwY2PLo9DS--pE80z81KkNh9Mt4a1EP1_Hn1kqcLBDizx_eUnnOwUw5A Protocol H2 Server 142.250.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f156.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT an-x-request-uuid 3afa33a1-6c8d-446c-a7e7-a9c1177cdfc5 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D x-proxy-origin 138.75.45.144; 138.75.45.144; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 32C0	0 56 B	92ms 91ms	Ping image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2071297699627&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 32C0	0 47 B	93ms 92ms	Ping image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2071297699627&version=m202309260101&ct=76&x=1&cor=8987481985926807000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 32C0	91 KB 38 KB	148ms 147ms	Script text/javascript	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYq3Zkb5JsfrzTzJ-Hn_uVielTb2NsKBko83QkDAdWbM2D62MiKkHcCRGjFxuq4W8ooJ2S9z5ntFRdpfUYjL-QpA6tQTjeUax_AiM0TUOR4UVgXTvgPcqsVd0-dWbH0mLnuJ7XCA6yM_lyULu1yL3Q5xfIE9YgnSwBplyn8OD4cqds8so&dbm_d=AKAmf-BvLJVAlduRmTFa2NB1iYKpELjmiD0znM9pFq6R1YZkzDPWpmBI9_owLz1DUpm3_DN37x5NqHXPhP-dnQuVJhW9oCoKWbFD4Tj3Z86PUYSGL2CAzBF4ThShgqRYyzsYDkcnBadZLfyZNe-ZT1PMdJizNky-f0pRy8P0FmWeDeqg3CFuXfrhnSSGa4vnK0r58vpntsIV6ldGrUv3rSqn-8p2lJpEXfw7EALCZMI0iX6iTEGO0R9yP4T9DTG97oJDqs_fbrYnQayeDOpxRbcV-LdbEuhww_wbZ4ItTbCb2lXLRg7kq4TftV8iHH-XpmjkQjl5dMTJ7JEFpnm6E9GYXc2bmUOq5vgqo491pe6-VzAG5sEcKN1OwsG318E5xG47Jal8iKSc-hXNyGAo4I38xUISR-1GEb1PlggCp_kYy09J6FEVNMrRhqbnWo2tDcR_fIfRxPJDWQYoCAvuG_F46K6yu5PZh8ghY4l9CP-ZaytIVAEBWXpchzANJZOQynIUM_fkPFkZoqvGbcV7Dc2omyjxgIp8TK90IvgVBWy7dQB7X-AD7R1q4NsHWbN1rL65lUdQXzem2lJOz26Uq0CStdsFEkk3eNGYd0L6ioom5aZY2WXxHI-ovmZPc_ECSfuOqt3mh3OF2OoG79U_sv1utjIK5j-lFQ_at_KWblZskR9eBDYv4O5gfw4y0nKTDfM3aSs63GjFQhFmwKwVsgDireuVV6-nFM8d8t2Kj27ESyA8S9IUbOb9sUMBhcomh7wri8yygNJ3Ykai0fr6gkBN9n_bHrf7X2vfrlNsuHsxvE1_nnEvzWe_b8MV44gMmFcgDlvqnmqosHHk-OT9Sl8f-ymZCd7F6h8S3DwZ2v2ML-TzppXkIUNRrV7SmvS4M9BlZ3lAhDqEqngVj46aqIYJcqvWADCMZf3CJyGZpG9thBxzfmkYUNVxnv00VdNQZ8YVzzNI6YC7sECETb7D-At6oZLV8MjbEdqPUi3CNYkeeqIuDX-XaKvhx6PE4PI-n69vEf33C2nOMHZxqRrKBGp8cH7LU3Tgy73BLArvCFYMX0nm541znG78rN6XZXep7rbreDNnTuMDWEyLjGKT_gvdv7_jXpLFPyy1MxZeH11Gm3Uvb5DZB1Oq3h6NgHuw_V10u6qfcgrrGZNBJozoSzw8lpj0kJLdMg5jnbCOpHcDhrXRJ_eNcjzLMQvP9jCHpdv52Bs3f6VwDTfSX01YHKNnIRxVjJvOTS6ltq8BxqxFvDnVzrb6lZxVZBCdBk-oVvkErpVQteG-0pe7Bte6nkKaEh0T16ap0aNRCVk9qW559cDvGB_xlKFFv03Vm_W-UbRpBpKuKKuAhK5jmb8bMHENRpr98NJjOCVAC7zfVjMphnOehfMB9Y0yeUB9w1ZaPAvgYJxmYJRFkZxqlrzyNx8UH65A4H4B_kJZyyQ757_zn7I0BDrhQce3SCZZB3A6t2xfSDooGheu7mF3aRe8JdYMLbBpLyCsG3szfk38rEc2MlINgt2WmMyYLm5CcMpm7V0eG3HQhJoKAtGbjQWB8HFO3vhJRt2gpJgnlR3muNZvgnB-b5u959dO10KA6uURbW8fG-Yb05RbitmtpggRa0MKVVdsLrrTHQgRb1msHAkyYPn3BpR_sPisAjy5XhK0yOysLMEpcEvO7QnSrN53sk-ftc3BlOqgOjwCy4sl75YTRGsnlrHuwm_KdwymFfjH20qdQL1GI3qJxZAwSskbjfa8jY8qA6aEMD7HCpIaVRjkljl3y1JkQBc5126ql9S55lHos9XU2s1bUi8psz9fPJu-n6SVlXsCEiZ9RxZnXtmNNkCYHJmGVFgdiEqHajZGYxL2nuHlQKzKDASWlilXOz3rSL7Fc-D5ZV8dsVoyxAIAnAmZVO6Czl6sm6O9kXdcopptRY9oNJRWe_lPY7oSheJn12c7fPD7vB9fzW46KMdzV5G0Gi7e_wx2cKvEvdMvWWtFzAYuaqn9LZKi9mFeSb2vLZySUlazvu4w1R9OSNZZmujyuiRW3Ln29gLfwbU8-33rqrB2CEeyw-pu-xfg_AbLrN1Wqx58KDpoZ9E4zSiWVuI5N_THJ7Wu3kN1NB7PCk_v_odGdMbMSyHosHn1u81hY_ndGThJRQLoy_38VdZ5VpvvXRqw9UE4XrwSpbivqAoMv8hnPSkOu_0nyTm0CZjeE-e5Mm5EqtHPOk4ImZCPuQKIuUgD7JRGyL_y2AJ0aBbP4RMeCc_PtGXnKhcSXqGfNiIoEsY8Y-qn5dE6RVAfn1lYuoOknMx9nvRAwBfYBQPbbh9ygwXZfa7laQdJfKfrsPwvH2cNcnHp4jjIa_6JTnNlyPnb4qr6gQaTeDK-su2zp0-Ix6JIPEAFfbg4-sD3jRTyXhQbor__IDx1_BtEWiWFP8nTirZGAj9lUdYQk-lC01uClFbA6RF-V83segAv6z9BsGJ_9_6kMVBD--HwUMKw_XH65lG6UGIOOfCbeT8iTJRETW3nQO9jd4eilgMk7Mfw5o-t_eKOTtFRn-0QAW1CTjy0GwqWFOMOZ9H9FK2eSqIkWc2iRBHlpmnTdmL7CEZRdOQuzPEUbWIpZEA2fVogLU1TZc8RLI4xpAKh4h3yNfiYq_bwU-Y2HBzd8pXDOgsGgdeEWizL4A2DU1DyVihCyEZYW7ugvaEKs_OElLCn7HhBSzy8pSgqGmZugPEFLvmnvjgrodXmn_Meq3M-IqXeB6PJv-ECeY5XtbaDIC2WUpybKVAYqgdW-aVdCPlFYF3Gv4kZ17nmuvAFKkRk8kSxq8Bczi0vjeOBQj12IYKCqPTai_AQOfzPwr2op5VtOUPGEB5oymcFMYtXm90av4-Na846JTTvnsIlAiHwiGCqcbeJFkLfF_5nWr8pyGqyCWczvHUaxKe1UtGBdTYpYsuB_DcwJ31fMRw5dxcbNiQy3OVkOm__fyi8kVvhpqIJlfiI6uHg1NouENQSwkrN1er6bpT-QRuUgDVTDMp0lR2p_BqL0_eGe0jXzJ9O4y5Bx3Q6Qx00Viu6_ypkOWlSilIonroT_1A62IUo39TiE0LBKheR4r5ADiALrKU7MbqEDtw-NgZMHsULwoLIv9LqQZHZINMKHQ3XBP2ePBfpmP3eGK4GcGL7MLAhB_2uoDM-mknRUrcDuQcxp8aPTUKMYh1oCNijz3DfxoVJLV_FjWPwYW4ohjf5zmahi_D7W51aGdLlp9jgVhQFSbF48o9hpBGEZbJErvbsSteBAHwm4ETSdnV8h9qKmUGrTu7KR_o0VsVNVk0spj8htl7QwcRZgbEn0vA8NI1SQ9a7C6qL6T8CU25iQ4JhBZJ5SHoksnu6uwj_2vlPmtGXnIxSA9Qgsm2ro9Z18GF6zwf6adhlt3yRm9wCI5Rba7IzE2vD0j7J623Pvo7U4XZXqzWUc_0ld6OMgLaUMeYc8zIys2ZivWeZOpDiJH3ziG5MHsWksXCCV0QAFkmV6pUrjMvG1BZE6ojet0KFWlTLWhA7epcbykX9AR8IsqVYTDWZe38Xal1DfvsYl0cqU7gvDZM93ZOcFUQB4QztVvaER3iWPw0Nn5YtdLQoJQT149qjIzAq4Cz4Xi9jpKXMha7j8D-BHgS3NmDSJeQ6UCY9V0L1xbmUGH_Beh2qfUC88wx0GZbfDAzjw5mnsD3oqeSnmPgFNENGwWUrrdt9K1w&cid=CAQSTwDICaaNOB7s2N-lScQx0JcyXh0ntPp-RFiqcjqT6RxkvIHU-hrQkWGNe1FAP4L04x4sWEeMA459TN_nMLLzaeZvIqz-mUHK61Sg6GqNCVEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuserupload.in%2F&ds=l&xdt=1&iif=1&cor=8987481985926807000&adk=3047537735&idt=113&cac=0&dtd=28 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash b430a46a1ef1bc95e4b2c82007c74035cd6bf2124f74db2f39d58e5b159ede02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:14 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38662 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5557	14 KB 1 KB	604ms 142ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash 682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Nov 2023 17:39:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5557	2 KB 856 B	609ms 194ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:09:11 GMT content-encoding br x-content-type-options nosniff age 40804 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 07:09:11 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5557	23 KB 9 KB	111ms 107ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:27:07 GMT content-encoding br x-content-type-options nosniff age 128 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 18:27:07 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5557	3 KB 1 KB	114ms 113ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5557	20 KB 8 KB	551ms 136ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 5557	203 KB 64 KB	549ms 134ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 5557	37 KB 15 KB	706ms 142ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:45:38 GMT content-encoding gzip x-content-type-options nosniff age 215017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 13 Feb 2024 06:45:38 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7C1E	17 KB 1 KB	591ms 141ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash d5e399feb2a8a7f2992276d740f7966519f5e46194f83d82a0a6a77c45dcea11 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Nov 2023 17:58:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 5557 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CfFkO-rBXZfnXCcyh9fwPu9qg0A-o1qrTc_-DkNHHEoiU-IezAhABIN-3sC9gvwWgAZffnsAByAEBqQLt25hfLvWoPqgDAcgDywSqBJUCT9CBSL4NmquKIohag2CuU7epGf3tc9OVlEp8Zzi... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1...	0 0	399ms 120ms	Fetch text/css	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2214389236489738013249%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214271315944001233569%22}&andc=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x10f860da201746f00000000000000000","2":"0xfaaee2402336dd100000000000000000","3":"0xfaf0d1da949046910000000000000000","4":"0xc14d94c41e51a3130000000000000000","5":"0xf4ee5f4bce8903c90000000000000000"},"debug_key":"14389236489738013249","debug_reporting":true,"destination":"https://ntronics.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["403156887"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"14271315944001233569"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 17 Nov 2023 18:29:15 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 17 Nov 2023 18:29:14 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x10f860da201746f00000000000000000","2":"0xfaaee2402336dd100000000000000000","3":"0xfaf0d1da949046910000000000000000","4":"0xc14d94c41e51a3130000000000000000","5":"0xf4ee5f4bce8903c90000000000000000"},"debug_key":"14389236489738013249","debug_reporting":true,"destination":"https://ntronics.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["403156887"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"14271315944001233569"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5557	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7F27	143 B 229 B	92ms 92ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 3148 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 17:36:46 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7C1E	2 KB 856 B	571ms 201ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:09:11 GMT content-encoding br x-content-type-options nosniff age 40804 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 07:09:11 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 7C1E	23 KB 9 KB	562ms 195ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:27:07 GMT content-encoding br x-content-type-options nosniff age 128 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 18:27:07 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7C1E	3 KB 1 KB	572ms 205ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7C1E	20 KB 8 KB	536ms 169ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 7C1E	203 KB 64 KB	621ms 255ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 7C1E	37 KB 15 KB	395ms 92ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:45:38 GMT content-encoding gzip x-content-type-options nosniff age 215018 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 13 Feb 2024 06:45:38 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 7C1E	49 KB 50 KB	844ms 97ms	Image image/jpeg	64.233.170.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR2Z3xf6O_GZjor2Aw2dpXrtfcHcMH7xdHoVUqambZI6gcUtgHt&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f113.1e100.net Software sffe / Resource Hash 497afa2a515251efaa9cca8989f05d9b01b9a2f7b11e7ca3bd53be4c4ee15e43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:53:15 GMT x-content-type-options nosniff age 84960 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50577 x-xss-protection 0 last-modified Tue, 06 Sep 2022 02:16:28 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 18:53:15 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame 7C1E	56 KB 56 KB	773ms 97ms	Image image/jpeg	74.125.130.139 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcThMc0lMze8oJ_yKN9VMbUpgK1IrProC9aJplcfdGJ00VaijZF4A_CCAUEcYA&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.139 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f139.1e100.net Software sffe / Resource Hash f938705b36cb4542f211ff3bfaf0e24278917303c1bfd0993b7c30c92a82d249 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:17:51 GMT x-content-type-options nosniff age 213084 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56857 x-xss-protection 0 last-modified Tue, 02 Jan 2024 05:16:29 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 07:17:51 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 7C1E	15 KB 15 KB	956ms 209ms	Image image/jpeg	64.233.170.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR_0-0ja8kvCgcCx8AXGZlj3p2Us0vGd_2hVBknfO5u_WhGgjHVZMzuyp3fMTg&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f113.1e100.net Software sffe / Resource Hash 83fe3457d6c0244fab02dcf6466f2ac6764e02ceda54fdda36b267f9cd5b0093 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:01:03 GMT x-content-type-options nosniff age 88092 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15216 x-xss-protection 0 last-modified Thu, 11 Apr 2024 21:17:50 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 18:01:03 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 7C1E	20 KB 20 KB	844ms 167ms	Image image/jpeg	172.253.118.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsqeapFjyJ9Z1t3MvEyGu24ztRHMlsU2PM70u5KdgeLFRUi79RGyUo2VyDGnY&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f100.1e100.net Software sffe / Resource Hash 5911f88a18210a45f55e6d3f72bacce49ac19ed439ccc3aef6bd61bc9b0227f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:58:15 GMT x-content-type-options nosniff age 214260 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19985 x-xss-protection 0 last-modified Wed, 03 Apr 2024 06:40:27 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 06:58:15 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 7C1E	17 KB 17 KB	960ms 214ms	Image image/jpeg	64.233.170.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRvjF1vuXDenCme32d-fULds8FrylQJ18sRG9kr5V8o8oMmAgtgJEqaWkALtA&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f113.1e100.net Software sffe / Resource Hash 2db0a7c98965d1c77148a13e35ca7fd83d22f23e64ee22a404f56dfebabb3c38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 19:25:23 GMT x-content-type-options nosniff age 83032 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17738 x-xss-protection 0 last-modified Tue, 09 Jan 2024 07:00:55 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 19:25:23 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 7C1E	52 KB 52 KB	905ms 159ms	Image image/jpeg	64.233.170.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTHPAwHMMDROhWfv9JVNVhz66M1Ue1-GEmY6YdmoBMbSrdixes&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f113.1e100.net Software sffe / Resource Hash f2f2c265663ce3fae870fa7a3798df119dc67f709fd61a943b25eb601577f7d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:12:56 GMT x-content-type-options nosniff age 87379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52895 x-xss-protection 0 last-modified Tue, 02 Jan 2024 05:10:21 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 18:12:56 GMT
GET H2	200	shopping encrypted-tbn2.gstatic.com/ Frame 7C1E	72 KB 72 KB	844ms 166ms	Image image/jpeg	74.125.130.139 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQM4RsJ9a3uh5_yZBtM8Y2mDMeV6dB1CMpm7WzDVjyyf8CZ5CBO6fdCKDiueZo&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.139 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f139.1e100.net Software sffe / Resource Hash ff7891dfc88dcce373997887ba2fb4c5e659116659fae61cf4ad798d12fec34c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:02:52 GMT x-content-type-options nosniff age 213983 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73758 x-xss-protection 0 last-modified Tue, 02 Jan 2024 03:59:17 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 07:02:52 GMT
GET H2	200	shopping encrypted-tbn1.gstatic.com/ Frame 7C1E	15 KB 15 KB	807ms 93ms	Image image/jpeg	172.217.194.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTu0s7qJZUXM8o6wXJQJzivm1dbizugHzU3VVavJqdLO0M-Yfs&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f100.1e100.net Software sffe / Resource Hash 4972e175627b22e5c95f3fb81109786d32bbfaeb59d13068386f9023796eb49e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 19:49:42 GMT x-content-type-options nosniff age 81573 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15130 x-xss-protection 0 last-modified Sun, 16 Apr 2023 06:53:23 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 19:49:42 GMT
GET H2	200	shopping encrypted-tbn1.gstatic.com/ Frame 7C1E	19 KB 19 KB	820ms 106ms	Image image/jpeg	172.217.194.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRfhKdpQzSw9roU4DisrAmV4XroIvq8KaYB5oBVKzy3fBVli-8XURqclodnZw&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f100.1e100.net Software sffe / Resource Hash a3f758ffef70e34a1879e1e78bb13656e0f4cf15d0975e0eff5317ffc3451ffe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 18:08:09 GMT x-content-type-options nosniff age 174066 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19590 x-xss-protection 0 last-modified Sun, 16 Apr 2023 07:59:18 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 18:08:09 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 7C1E	55 KB 56 KB	776ms 99ms	Image image/jpeg	172.253.118.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR1lTXLCU05f1CWtoADtgsLvVtbosR9te1m2zs8uu1FJFiAzpGvVnh57ZB3_g&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f100.1e100.net Software sffe / Resource Hash 6b1211f4471d377fb46676129926a76d26e31a9bdd7c14a460e489fce9ad78af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:00:49 GMT x-content-type-options nosniff age 214106 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56315 x-xss-protection 0 last-modified Tue, 02 Jan 2024 05:01:41 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 07:00:49 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 7C1E	36 KB 36 KB	886ms 210ms	Image image/jpeg	172.253.118.100 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSetKCxqH3qyRTGXqClMyOPpQT2KJMCjVjhYFBRmCw_ubjgHBQl0TMmJMFe7A&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f100.1e100.net Software sffe / Resource Hash c0dac888aa83d88f29420e8809f1a9acd57abe0b2c3dd635fafca4a5838dbf3f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:44:49 GMT x-content-type-options nosniff age 215066 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36765 x-xss-protection 0 last-modified Mon, 18 Sep 2023 02:57:36 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 14 Nov 2024 06:44:49 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame 7C1E	16 KB 17 KB	944ms 196ms	Image image/jpeg	64.233.170.113 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ32EMFWgSUca-hlJ8RWx7pA1_BOpWSARyCyoXdy4AmsqX4CQxDrSendoTnTBQ&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.113 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f113.1e100.net Software sffe / Resource Hash 4089b1ba70afdbe9757345575754a03f9851d40506e69b7015d3f396950bc057 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:12:56 GMT x-content-type-options nosniff age 87379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16815 x-xss-protection 0 last-modified Thu, 15 Jun 2023 06:48:00 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 15 Nov 2024 18:12:56 GMT
GET H2	200	9005490777285690683 tpc.googlesyndication.com/simgad/ Frame 7C1E Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDv7tjNggEQgAIYgAIyCCpiCsH0b4RV https://tpc.googlesyndication.com/simgad/9005490777285690683	7 KB 8 KB	115ms 113ms	Image image/jpeg	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9005490777285690683 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 0d0d21c331514c886edf5f2ecf44a0dd181fdb06372413d30a2f0bbe489172e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:11:59 GMT x-content-type-options nosniff age 217036 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7379 x-xss-protection 0 last-modified Tue, 26 Oct 2021 02:42:04 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 14 Nov 2024 06:11:59 GMT Redirect headers date Fri, 17 Nov 2023 06:54:21 GMT x-content-type-options nosniff server cafe age 41694 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/9005490777285690683 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 17 Dec 2023 06:54:21 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	414ms 129ms	Preflight text/html	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2214389236489738013249%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214271315944001233569%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 18:29:15 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7F27 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 145 B	90ms 90ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT expires Fri, 17 Nov 2023 18:29:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:14 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 32C0	111 KB 39 KB	798ms 117ms	Script text/javascript	142.251.10.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f149.1e100.net Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:05:48 GMT content-encoding gzip x-content-type-options nosniff age 1407 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 18 Nov 2023 18:05:48 GMT
GET H2	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 32C0	11 KB 4 KB	96ms 96ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYq3Zkb5JsfrzTzJ-Hn_uVielTb2NsKBko83QkDAdWbM2D62MiKkHcCRGjFxuq4W8ooJ2S9z5ntFRdpfUYjL-QpA6tQTjeUax_AiM0TUOR4UVgXTvgPcqsVd0-dWbH0mLnuJ7XCA6yM_lyULu1yL3Q5xfIE9YgnSwBplyn8OD4cqds8so&dbm_d=AKAmf-BvLJVAlduRmTFa2NB1iYKpELjmiD0znM9pFq6R1YZkzDPWpmBI9_owLz1DUpm3_DN37x5NqHXPhP-dnQuVJhW9oCoKWbFD4Tj3Z86PUYSGL2CAzBF4ThShgqRYyzsYDkcnBadZLfyZNe-ZT1PMdJizNky-f0pRy8P0FmWeDeqg3CFuXfrhnSSGa4vnK0r58vpntsIV6ldGrUv3rSqn-8p2lJpEXfw7EALCZMI0iX6iTEGO0R9yP4T9DTG97oJDqs_fbrYnQayeDOpxRbcV-LdbEuhww_wbZ4ItTbCb2lXLRg7kq4TftV8iHH-XpmjkQjl5dMTJ7JEFpnm6E9GYXc2bmUOq5vgqo491pe6-VzAG5sEcKN1OwsG318E5xG47Jal8iKSc-hXNyGAo4I38xUISR-1GEb1PlggCp_kYy09J6FEVNMrRhqbnWo2tDcR_fIfRxPJDWQYoCAvuG_F46K6yu5PZh8ghY4l9CP-ZaytIVAEBWXpchzANJZOQynIUM_fkPFkZoqvGbcV7Dc2omyjxgIp8TK90IvgVBWy7dQB7X-AD7R1q4NsHWbN1rL65lUdQXzem2lJOz26Uq0CStdsFEkk3eNGYd0L6ioom5aZY2WXxHI-ovmZPc_ECSfuOqt3mh3OF2OoG79U_sv1utjIK5j-lFQ_at_KWblZskR9eBDYv4O5gfw4y0nKTDfM3aSs63GjFQhFmwKwVsgDireuVV6-nFM8d8t2Kj27ESyA8S9IUbOb9sUMBhcomh7wri8yygNJ3Ykai0fr6gkBN9n_bHrf7X2vfrlNsuHsxvE1_nnEvzWe_b8MV44gMmFcgDlvqnmqosHHk-OT9Sl8f-ymZCd7F6h8S3DwZ2v2ML-TzppXkIUNRrV7SmvS4M9BlZ3lAhDqEqngVj46aqIYJcqvWADCMZf3CJyGZpG9thBxzfmkYUNVxnv00VdNQZ8YVzzNI6YC7sECETb7D-At6oZLV8MjbEdqPUi3CNYkeeqIuDX-XaKvhx6PE4PI-n69vEf33C2nOMHZxqRrKBGp8cH7LU3Tgy73BLArvCFYMX0nm541znG78rN6XZXep7rbreDNnTuMDWEyLjGKT_gvdv7_jXpLFPyy1MxZeH11Gm3Uvb5DZB1Oq3h6NgHuw_V10u6qfcgrrGZNBJozoSzw8lpj0kJLdMg5jnbCOpHcDhrXRJ_eNcjzLMQvP9jCHpdv52Bs3f6VwDTfSX01YHKNnIRxVjJvOTS6ltq8BxqxFvDnVzrb6lZxVZBCdBk-oVvkErpVQteG-0pe7Bte6nkKaEh0T16ap0aNRCVk9qW559cDvGB_xlKFFv03Vm_W-UbRpBpKuKKuAhK5jmb8bMHENRpr98NJjOCVAC7zfVjMphnOehfMB9Y0yeUB9w1ZaPAvgYJxmYJRFkZxqlrzyNx8UH65A4H4B_kJZyyQ757_zn7I0BDrhQce3SCZZB3A6t2xfSDooGheu7mF3aRe8JdYMLbBpLyCsG3szfk38rEc2MlINgt2WmMyYLm5CcMpm7V0eG3HQhJoKAtGbjQWB8HFO3vhJRt2gpJgnlR3muNZvgnB-b5u959dO10KA6uURbW8fG-Yb05RbitmtpggRa0MKVVdsLrrTHQgRb1msHAkyYPn3BpR_sPisAjy5XhK0yOysLMEpcEvO7QnSrN53sk-ftc3BlOqgOjwCy4sl75YTRGsnlrHuwm_KdwymFfjH20qdQL1GI3qJxZAwSskbjfa8jY8qA6aEMD7HCpIaVRjkljl3y1JkQBc5126ql9S55lHos9XU2s1bUi8psz9fPJu-n6SVlXsCEiZ9RxZnXtmNNkCYHJmGVFgdiEqHajZGYxL2nuHlQKzKDASWlilXOz3rSL7Fc-D5ZV8dsVoyxAIAnAmZVO6Czl6sm6O9kXdcopptRY9oNJRWe_lPY7oSheJn12c7fPD7vB9fzW46KMdzV5G0Gi7e_wx2cKvEvdMvWWtFzAYuaqn9LZKi9mFeSb2vLZySUlazvu4w1R9OSNZZmujyuiRW3Ln29gLfwbU8-33rqrB2CEeyw-pu-xfg_AbLrN1Wqx58KDpoZ9E4zSiWVuI5N_THJ7Wu3kN1NB7PCk_v_odGdMbMSyHosHn1u81hY_ndGThJRQLoy_38VdZ5VpvvXRqw9UE4XrwSpbivqAoMv8hnPSkOu_0nyTm0CZjeE-e5Mm5EqtHPOk4ImZCPuQKIuUgD7JRGyL_y2AJ0aBbP4RMeCc_PtGXnKhcSXqGfNiIoEsY8Y-qn5dE6RVAfn1lYuoOknMx9nvRAwBfYBQPbbh9ygwXZfa7laQdJfKfrsPwvH2cNcnHp4jjIa_6JTnNlyPnb4qr6gQaTeDK-su2zp0-Ix6JIPEAFfbg4-sD3jRTyXhQbor__IDx1_BtEWiWFP8nTirZGAj9lUdYQk-lC01uClFbA6RF-V83segAv6z9BsGJ_9_6kMVBD--HwUMKw_XH65lG6UGIOOfCbeT8iTJRETW3nQO9jd4eilgMk7Mfw5o-t_eKOTtFRn-0QAW1CTjy0GwqWFOMOZ9H9FK2eSqIkWc2iRBHlpmnTdmL7CEZRdOQuzPEUbWIpZEA2fVogLU1TZc8RLI4xpAKh4h3yNfiYq_bwU-Y2HBzd8pXDOgsGgdeEWizL4A2DU1DyVihCyEZYW7ugvaEKs_OElLCn7HhBSzy8pSgqGmZugPEFLvmnvjgrodXmn_Meq3M-IqXeB6PJv-ECeY5XtbaDIC2WUpybKVAYqgdW-aVdCPlFYF3Gv4kZ17nmuvAFKkRk8kSxq8Bczi0vjeOBQj12IYKCqPTai_AQOfzPwr2op5VtOUPGEB5oymcFMYtXm90av4-Na846JTTvnsIlAiHwiGCqcbeJFkLfF_5nWr8pyGqyCWczvHUaxKe1UtGBdTYpYsuB_DcwJ31fMRw5dxcbNiQy3OVkOm__fyi8kVvhpqIJlfiI6uHg1NouENQSwkrN1er6bpT-QRuUgDVTDMp0lR2p_BqL0_eGe0jXzJ9O4y5Bx3Q6Qx00Viu6_ypkOWlSilIonroT_1A62IUo39TiE0LBKheR4r5ADiALrKU7MbqEDtw-NgZMHsULwoLIv9LqQZHZINMKHQ3XBP2ePBfpmP3eGK4GcGL7MLAhB_2uoDM-mknRUrcDuQcxp8aPTUKMYh1oCNijz3DfxoVJLV_FjWPwYW4ohjf5zmahi_D7W51aGdLlp9jgVhQFSbF48o9hpBGEZbJErvbsSteBAHwm4ETSdnV8h9qKmUGrTu7KR_o0VsVNVk0spj8htl7QwcRZgbEn0vA8NI1SQ9a7C6qL6T8CU25iQ4JhBZJ5SHoksnu6uwj_2vlPmtGXnIxSA9Qgsm2ro9Z18GF6zwf6adhlt3yRm9wCI5Rba7IzE2vD0j7J623Pvo7U4XZXqzWUc_0ld6OMgLaUMeYc8zIys2ZivWeZOpDiJH3ziG5MHsWksXCCV0QAFkmV6pUrjMvG1BZE6ojet0KFWlTLWhA7epcbykX9AR8IsqVYTDWZe38Xal1DfvsYl0cqU7gvDZM93ZOcFUQB4QztVvaER3iWPw0Nn5YtdLQoJQT149qjIzAq4Cz4Xi9jpKXMha7j8D-BHgS3NmDSJeQ6UCY9V0L1xbmUGH_Beh2qfUC88wx0GZbfDAzjw5mnsD3oqeSnmPgFNENGwWUrrdt9K1w&cid=CAQSTwDICaaNOB7s2N-lScQx0JcyXh0ntPp-RFiqcjqT6RxkvIHU-hrQkWGNe1FAP4L04x4sWEeMA459TN_nMLLzaeZvIqz-mUHK61Sg6GqNCVEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuserupload.in%2F&ds=l&xdt=1&iif=1&cor=8987481985926807000&adk=3047537735&idt=113&cac=0&dtd=28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 00:13:06 GMT content-encoding br x-content-type-options nosniff age 65768 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 00:13:06 GMT
GET H2	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 32C0	31 KB 12 KB	105ms 104ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYq3Zkb5JsfrzTzJ-Hn_uVielTb2NsKBko83QkDAdWbM2D62MiKkHcCRGjFxuq4W8ooJ2S9z5ntFRdpfUYjL-QpA6tQTjeUax_AiM0TUOR4UVgXTvgPcqsVd0-dWbH0mLnuJ7XCA6yM_lyULu1yL3Q5xfIE9YgnSwBplyn8OD4cqds8so&dbm_d=AKAmf-BvLJVAlduRmTFa2NB1iYKpELjmiD0znM9pFq6R1YZkzDPWpmBI9_owLz1DUpm3_DN37x5NqHXPhP-dnQuVJhW9oCoKWbFD4Tj3Z86PUYSGL2CAzBF4ThShgqRYyzsYDkcnBadZLfyZNe-ZT1PMdJizNky-f0pRy8P0FmWeDeqg3CFuXfrhnSSGa4vnK0r58vpntsIV6ldGrUv3rSqn-8p2lJpEXfw7EALCZMI0iX6iTEGO0R9yP4T9DTG97oJDqs_fbrYnQayeDOpxRbcV-LdbEuhww_wbZ4ItTbCb2lXLRg7kq4TftV8iHH-XpmjkQjl5dMTJ7JEFpnm6E9GYXc2bmUOq5vgqo491pe6-VzAG5sEcKN1OwsG318E5xG47Jal8iKSc-hXNyGAo4I38xUISR-1GEb1PlggCp_kYy09J6FEVNMrRhqbnWo2tDcR_fIfRxPJDWQYoCAvuG_F46K6yu5PZh8ghY4l9CP-ZaytIVAEBWXpchzANJZOQynIUM_fkPFkZoqvGbcV7Dc2omyjxgIp8TK90IvgVBWy7dQB7X-AD7R1q4NsHWbN1rL65lUdQXzem2lJOz26Uq0CStdsFEkk3eNGYd0L6ioom5aZY2WXxHI-ovmZPc_ECSfuOqt3mh3OF2OoG79U_sv1utjIK5j-lFQ_at_KWblZskR9eBDYv4O5gfw4y0nKTDfM3aSs63GjFQhFmwKwVsgDireuVV6-nFM8d8t2Kj27ESyA8S9IUbOb9sUMBhcomh7wri8yygNJ3Ykai0fr6gkBN9n_bHrf7X2vfrlNsuHsxvE1_nnEvzWe_b8MV44gMmFcgDlvqnmqosHHk-OT9Sl8f-ymZCd7F6h8S3DwZ2v2ML-TzppXkIUNRrV7SmvS4M9BlZ3lAhDqEqngVj46aqIYJcqvWADCMZf3CJyGZpG9thBxzfmkYUNVxnv00VdNQZ8YVzzNI6YC7sECETb7D-At6oZLV8MjbEdqPUi3CNYkeeqIuDX-XaKvhx6PE4PI-n69vEf33C2nOMHZxqRrKBGp8cH7LU3Tgy73BLArvCFYMX0nm541znG78rN6XZXep7rbreDNnTuMDWEyLjGKT_gvdv7_jXpLFPyy1MxZeH11Gm3Uvb5DZB1Oq3h6NgHuw_V10u6qfcgrrGZNBJozoSzw8lpj0kJLdMg5jnbCOpHcDhrXRJ_eNcjzLMQvP9jCHpdv52Bs3f6VwDTfSX01YHKNnIRxVjJvOTS6ltq8BxqxFvDnVzrb6lZxVZBCdBk-oVvkErpVQteG-0pe7Bte6nkKaEh0T16ap0aNRCVk9qW559cDvGB_xlKFFv03Vm_W-UbRpBpKuKKuAhK5jmb8bMHENRpr98NJjOCVAC7zfVjMphnOehfMB9Y0yeUB9w1ZaPAvgYJxmYJRFkZxqlrzyNx8UH65A4H4B_kJZyyQ757_zn7I0BDrhQce3SCZZB3A6t2xfSDooGheu7mF3aRe8JdYMLbBpLyCsG3szfk38rEc2MlINgt2WmMyYLm5CcMpm7V0eG3HQhJoKAtGbjQWB8HFO3vhJRt2gpJgnlR3muNZvgnB-b5u959dO10KA6uURbW8fG-Yb05RbitmtpggRa0MKVVdsLrrTHQgRb1msHAkyYPn3BpR_sPisAjy5XhK0yOysLMEpcEvO7QnSrN53sk-ftc3BlOqgOjwCy4sl75YTRGsnlrHuwm_KdwymFfjH20qdQL1GI3qJxZAwSskbjfa8jY8qA6aEMD7HCpIaVRjkljl3y1JkQBc5126ql9S55lHos9XU2s1bUi8psz9fPJu-n6SVlXsCEiZ9RxZnXtmNNkCYHJmGVFgdiEqHajZGYxL2nuHlQKzKDASWlilXOz3rSL7Fc-D5ZV8dsVoyxAIAnAmZVO6Czl6sm6O9kXdcopptRY9oNJRWe_lPY7oSheJn12c7fPD7vB9fzW46KMdzV5G0Gi7e_wx2cKvEvdMvWWtFzAYuaqn9LZKi9mFeSb2vLZySUlazvu4w1R9OSNZZmujyuiRW3Ln29gLfwbU8-33rqrB2CEeyw-pu-xfg_AbLrN1Wqx58KDpoZ9E4zSiWVuI5N_THJ7Wu3kN1NB7PCk_v_odGdMbMSyHosHn1u81hY_ndGThJRQLoy_38VdZ5VpvvXRqw9UE4XrwSpbivqAoMv8hnPSkOu_0nyTm0CZjeE-e5Mm5EqtHPOk4ImZCPuQKIuUgD7JRGyL_y2AJ0aBbP4RMeCc_PtGXnKhcSXqGfNiIoEsY8Y-qn5dE6RVAfn1lYuoOknMx9nvRAwBfYBQPbbh9ygwXZfa7laQdJfKfrsPwvH2cNcnHp4jjIa_6JTnNlyPnb4qr6gQaTeDK-su2zp0-Ix6JIPEAFfbg4-sD3jRTyXhQbor__IDx1_BtEWiWFP8nTirZGAj9lUdYQk-lC01uClFbA6RF-V83segAv6z9BsGJ_9_6kMVBD--HwUMKw_XH65lG6UGIOOfCbeT8iTJRETW3nQO9jd4eilgMk7Mfw5o-t_eKOTtFRn-0QAW1CTjy0GwqWFOMOZ9H9FK2eSqIkWc2iRBHlpmnTdmL7CEZRdOQuzPEUbWIpZEA2fVogLU1TZc8RLI4xpAKh4h3yNfiYq_bwU-Y2HBzd8pXDOgsGgdeEWizL4A2DU1DyVihCyEZYW7ugvaEKs_OElLCn7HhBSzy8pSgqGmZugPEFLvmnvjgrodXmn_Meq3M-IqXeB6PJv-ECeY5XtbaDIC2WUpybKVAYqgdW-aVdCPlFYF3Gv4kZ17nmuvAFKkRk8kSxq8Bczi0vjeOBQj12IYKCqPTai_AQOfzPwr2op5VtOUPGEB5oymcFMYtXm90av4-Na846JTTvnsIlAiHwiGCqcbeJFkLfF_5nWr8pyGqyCWczvHUaxKe1UtGBdTYpYsuB_DcwJ31fMRw5dxcbNiQy3OVkOm__fyi8kVvhpqIJlfiI6uHg1NouENQSwkrN1er6bpT-QRuUgDVTDMp0lR2p_BqL0_eGe0jXzJ9O4y5Bx3Q6Qx00Viu6_ypkOWlSilIonroT_1A62IUo39TiE0LBKheR4r5ADiALrKU7MbqEDtw-NgZMHsULwoLIv9LqQZHZINMKHQ3XBP2ePBfpmP3eGK4GcGL7MLAhB_2uoDM-mknRUrcDuQcxp8aPTUKMYh1oCNijz3DfxoVJLV_FjWPwYW4ohjf5zmahi_D7W51aGdLlp9jgVhQFSbF48o9hpBGEZbJErvbsSteBAHwm4ETSdnV8h9qKmUGrTu7KR_o0VsVNVk0spj8htl7QwcRZgbEn0vA8NI1SQ9a7C6qL6T8CU25iQ4JhBZJ5SHoksnu6uwj_2vlPmtGXnIxSA9Qgsm2ro9Z18GF6zwf6adhlt3yRm9wCI5Rba7IzE2vD0j7J623Pvo7U4XZXqzWUc_0ld6OMgLaUMeYc8zIys2ZivWeZOpDiJH3ziG5MHsWksXCCV0QAFkmV6pUrjMvG1BZE6ojet0KFWlTLWhA7epcbykX9AR8IsqVYTDWZe38Xal1DfvsYl0cqU7gvDZM93ZOcFUQB4QztVvaER3iWPw0Nn5YtdLQoJQT149qjIzAq4Cz4Xi9jpKXMha7j8D-BHgS3NmDSJeQ6UCY9V0L1xbmUGH_Beh2qfUC88wx0GZbfDAzjw5mnsD3oqeSnmPgFNENGwWUrrdt9K1w&cid=CAQSTwDICaaNOB7s2N-lScQx0JcyXh0ntPp-RFiqcjqT6RxkvIHU-hrQkWGNe1FAP4L04x4sWEeMA459TN_nMLLzaeZvIqz-mUHK61Sg6GqNCVEYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuserupload.in%2F&ds=l&xdt=1&iif=1&cor=8987481985926807000&adk=3047537735&idt=113&cac=0&dtd=28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 22:09:48 GMT content-encoding br x-content-type-options nosniff age 73166 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11874 x-xss-protection 0 server cafe etag 3876053170955424897 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 30 Nov 2023 22:09:48 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 32C0	41 KB 14 KB	466ms 207ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:43:21 GMT content-encoding br x-content-type-options nosniff age 215154 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:43:21 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9660	14 KB 1 KB	318ms 143ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash 682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Nov 2023 17:44:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9660	2 KB 903 B	320ms 192ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:09:11 GMT content-encoding br x-content-type-options nosniff age 40804 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 07:09:11 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9660	23 KB 9 KB	111ms 106ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:27:07 GMT content-encoding br x-content-type-options nosniff age 128 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 18:27:07 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9660	3 KB 1 KB	114ms 112ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31634 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9660	20 KB 8 KB	304ms 177ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 9660	203 KB 64 KB	396ms 269ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:15 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 9660	37 KB 16 KB	706ms 129ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:45:38 GMT content-encoding gzip x-content-type-options nosniff age 215017 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 13 Feb 2024 06:45:38 GMT
GET DATA	200 OK	truncated / Frame 9660	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 85D1	143 B 205 B	100ms 99ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 3149 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 17:36:46 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 85D1 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 159 B	114ms 113ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:15 GMT expires Fri, 17 Nov 2023 18:29:15 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:15 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	t_.htm Show response t.sharethis.com/a/ Frame 627B	2 KB 1 KB	115ms 115ms	Document text/html	184.50.85.169 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=B&dmn=userupload.in&rnd=1700245754600 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-50-85-169.deploy.static.akamaitechnologies.com Software / Resource Hash ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Cache-Control max-age=604800 Connection keep-alive Content-Encoding gzip Content-Length 1160 Content-Type text/html Date Fri, 17 Nov 2023 18:29:15 GMT Expires Fri, 24 Nov 2023 18:29:15 GMT Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow
GET DATA	200 OK	truncated / Frame 7127	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a5133ff630e7b40e7fd0ff765afa1d779bd8e438db7c96d8104738c78c7f7c9 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 32C0	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c95d93adb690d6fdf27b0334b5f33929bdeca6010e69876df42d290dec47517f Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 5557	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 07602098473de50de0acea44d1e039213888ebe00c130a5e76c8cebd1a28a1bb Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	t_.js Show response t.sharethis.com/1.1258.23364/a/SG/ Frame 302B	22 KB 9 KB	119ms 116ms	Script text/javascript	184.50.85.169 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1.1258.23364/a/SG/t_.js?cid=c010&cls=B Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 184.50.85.169 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a184-50-85-169.deploy.static.akamaitechnologies.com Software / Resource Hash 9ed812e785006064483914e69a010136b30161010c95d2d5692ada875679f161 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.1258.23364&cid=c010&cls=B User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:15 GMT Content-Encoding gzip Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type text/javascript Cache-Control max-age=604800 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 9288 Expires Fri, 24 Nov 2023 18:29:15 GMT
GET DATA	200 OK	truncated / Frame 7C1E	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a5fc7a0c6cd79f2addbd338d80b042c8aaf806ae2c120f4ed1cbf2d21af2fbbf Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9660	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc3cfd9cf4a47812984b952db8103d22e9e318dfb2bfcd7f588e4f50abf95af5 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame C623	38 KB 13 KB	93ms 93ms	Document text/html	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes age 218112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 15 Nov 2023 05:54:03 GMT expires Thu, 14 Nov 2024 05:54:03 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 5557	33 KB 33 KB	100ms 99ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:10:50 GMT x-content-type-options nosniff age 217105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:10:50 GMT
GET H2	204	/ loadus.exelator.com/load/ Frame 302B	0 324 B	678ms 236ms	Image text/plain	54.150.10.110 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.150.10.110 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-150-10-110.ap-northeast-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:16 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
GET H/1.1	200 OK	lotame sync.sharethis.com/int/ Frame 302B Redirect Chain https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_con... https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdp... https://sync.sharethis.com/int/lotame?uid=2d44758ee2d4d40f2c3efaafc775e6f5&gdpr=0&gdpr_consent=	42 B 297 B	1113ms 254ms	Image image/gif	3.75.125.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/int/lotame?uid=2d44758ee2d4d40f2c3efaafc775e6f5&gdpr=0&gdpr_consent= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Server 3.75.125.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-125-244.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:17 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:16 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.sharethis.com/int/lotame?uid=2d44758ee2d4d40f2c3efaafc775e6f5&gdpr=0&gdpr_consent= cache-control no-cache x-server 10.42.22.16 content-length 0 expires 0
GET H/1.1	200 OK	eyeota sync.sharethis.com/ Frame 302B Redirect Chain https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://sync.sharethis.com/eyeota?uid=2rLQ2eGDMgZGB8D4loWTqon-hdRaHNS3NWBxT3ej9zdM&gdpr=0&gdpr_consent=	42 B 297 B	1126ms 261ms	Image image/gif	3.75.125.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/eyeota?uid=2rLQ2eGDMgZGB8D4loWTqon-hdRaHNS3NWBxT3ej9zdM&gdpr=0&gdpr_consent= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Server 3.75.125.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-125-244.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:17 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers Location https://sync.sharethis.com/eyeota?uid=2rLQ2eGDMgZGB8D4loWTqon-hdRaHNS3NWBxT3ej9zdM&gdpr=0&gdpr_consent= Date Fri, 17 Nov 2023 18:29:16 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	ttd sync.sharethis.com/ Frame 302B Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://sync.sharethis.com/ttd?uid=93bf1c2f-68ea-4014-bd6c-c04e7283f720&gdpr=0&gdpr_consent=	42 B 297 B	1117ms 268ms	Image image/gif	3.75.125.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/ttd?uid=93bf1c2f-68ea-4014-bd6c-c04e7283f720&gdpr=0&gdpr_consent= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Server 3.75.125.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-125-244.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:17 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers location https://sync.sharethis.com/ttd?uid=93bf1c2f-68ea-4014-bd6c-c04e7283f720&gdpr=0&gdpr_consent= date Fri, 17 Nov 2023 18:29:16 GMT server Kestrel content-length 215
GET H/1.1	200 OK	yahoo sync.sharethis.com/ Frame 302B Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= https://sync.sharethis.com/yahoo?uid=y-F8qXaX5E2oOXPxsAzSf_fK68LRXv0BW2a68-~A&gdpr=0	42 B 297 B	1056ms 246ms	Image image/gif	3.75.125.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/yahoo?uid=y-F8qXaX5E2oOXPxsAzSf_fK68LRXv0BW2a68-~A&gdpr=0 Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Server 3.75.125.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-75-125-244.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:17 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMABGVXsPoAAAAIHs/xAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers location https://sync.sharethis.com/yahoo?uid=y-F8qXaX5E2oOXPxsAzSf_fK68LRXv0BW2a68-~A&gdpr=0 date Fri, 17 Nov 2023 18:29:16 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	csync.ashx ml314.com/ Frame 302B Redirect Chain https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGMABGVXsPoAAAAIHs%2FxAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D https://idsync.rlcdn.com/395886.gif?partner_uid=3640006085072912456 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MDAwNjA4NTA3MjkxMjQ1NhAAGg0I_OHeqgYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=2bc3485dd086ac7e75e457c0886c41566b447259f7de05be627d60f865fafc97f4cb09cee1a4f8eb&person_id=3640006085072912456&eid=50082	43 B 124 B	108ms 107ms	Image image/gif	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=2bc3485dd086ac7e75e457c0886c41566b447259f7de05be627d60f865fafc97f4cb09cee1a4f8eb&person_id=3640006085072912456&eid=50082 Protocol H2 Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language zh-SG,zh;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers expires Sat, 18 Nov 2023 18:29:16 GMT date Fri, 17 Nov 2023 18:29:16 GMT via 1.1 google, 1.1 google server Google Frontend alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif Redirect headers date Fri, 17 Nov 2023 18:29:16 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=2bc3485dd086ac7e75e457c0886c41566b447259f7de05be627d60f865fafc97f4cb09cee1a4f8eb&person_id=3640006085072912456&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 7C1E	33 KB 33 KB	92ms 91ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:10:50 GMT x-content-type-options nosniff age 217105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:10:50 GMT
GET H2	200	ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C1E	21 KB 21 KB	139ms 136ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:41:04 GMT x-content-type-options nosniff age 215291 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21428 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:32:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:41:04 GMT
GET H2	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C1E	20 KB 20 KB	152ms 150ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:04:25 GMT x-content-type-options nosniff age 217490 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:21:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:04:25 GMT
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 9660	33 KB 33 KB	126ms 125ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:10:50 GMT x-content-type-options nosniff age 217105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:10:50 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 7127 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=C9rad-rBXZYvbCd6D9fwP5pCZqAqE9bCcdKPOtq-rEtLCrsCMDhABIN-3sC9gvwWgAeS759gCyAEJqQLt25hfLvWoPqgDAcgDywSqBIQCT9DWtS6YfgRgFLk8b_rCVN_kY0mzXEb4coRv3jZ... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3fa51c4fff196de10000000000000000%22,%222%22:%220x43ed071f979659240000000000000000%22,%223%22:%220x28fdcd...	0 0	97ms 95ms	Fetch text/css	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3fa51c4fff196de10000000000000000%22,%222%22:%220x43ed071f979659240000000000000000%22,%223%22:%220x28fdcde2c1f5b09a0000000000000000%22,%224%22:%220xa8817dad099a9d8e0000000000000000%22,%225%22:%220x4915c742f149365c0000000000000000%22},%22debug_key%22:%224764825957774808330%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22723115492%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218426250839515114353%22}&andc=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H3 Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:15 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x3fa51c4fff196de10000000000000000","2":"0x43ed071f979659240000000000000000","3":"0x28fdcde2c1f5b09a0000000000000000","4":"0xa8817dad099a9d8e0000000000000000","5":"0x4915c742f149365c0000000000000000"},"debug_key":"4764825957774808330","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["723115492"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"18426250839515114353"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 17 Nov 2023 18:29:15 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 17 Nov 2023 18:29:15 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3fa51c4fff196de10000000000000000","2":"0x43ed071f979659240000000000000000","3":"0x28fdcde2c1f5b09a0000000000000000","4":"0xa8817dad099a9d8e0000000000000000","5":"0x4915c742f149365c0000000000000000"},"debug_key":"4764825957774808330","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["723115492"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"18426250839515114353"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 7127	33 KB 33 KB	125ms 124ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:10:50 GMT x-content-type-options nosniff age 217105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:10:50 GMT
GET H2	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame C623	39 KB 15 KB	113ms 112ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 20:18:30 GMT content-encoding br x-content-type-options nosniff age 79845 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Nov 2024 20:18:30 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 32C0	0 0	413ms 103ms	Fetch image/gif	74.125.130.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstu182LrCTWBcm74507HNMxRATGJ5-06zAR4tjjY9c0ofu5bKNcLFnwHpEYVoITQNjMyS2vmhgR636IdqqrkfGpvTkQIMl3jwMaOsh_tqv4LZh0kU3J4THyqTCc5NKezFnJTR1wfhEzMuTzAupk5nOt92wUo43mzwI9pOffUCYt9rhpbmB6ymVbMBx8GScxASdvfkVuurOuH8bXUBsnETdhgaKZuIYkCoCX24UsDZlJcJfLTXPX4HAEp9SQ46HZJrxSX8XO39XnxBLV_xH2IV4wX_z6405GUwSuzVl5_9S4TLfPbQGNKBKbjFmlCv1jYrTgGRIlbJlvdHxqJOByhVNwWTF-SepUsswR38gOZJRq_NbWuZ8sqyi4sYjMTlfCqOTx1YyuGj47XFHaeMQhYyiVomP_RdbXPNUdElKvWCsaYZG5kiYW44oC1fMTAXuRV7MPgrylPcJNxmxJ4sXxhHedhh7QA03wS8-heMBGnvrtWKOSTKg7jX04mEM7SfdAOAo6npW1wJDfTa56lp63MDpM0_6nRxtfR9U0I81UmD7MAHJyScnBXwxSRg3zHHmCCFcUdxkP24qzLfXOL38WRQyKy77B2rZzU3mBHrPx3Oub406XHBVZnLKpnEOhlJ5wXbnLUkoG67_mSc3bSONXmKfAnCMAikuCxBWeWZHXFBcKiQsk9L6Kd72Cbu9aUW2nh0CrOC2x6YzpjLFc-a3w-xvcA4BMnCyDPAJR1fbgQ5P9FcwnKQcIH8K9gvdAyC4UZgaLhWZLqU2f5qxucmec3hGqWSFW4mA-0r3i3WjEMG5tIsHueRCbhGY0-oMY2Hx7LssQG6SsSWV4musajKpV0f2kLp8RDHtlSolK_I0mZ8X2Xbne-2QfMVhrUXWQJvb5wt53U62uvI1B_WTlNAbIbnkdF9IZyk4MsNOjkvc2Tp6Na-e5r4N7L4lpHvyJxedfDE0k3xArNLWfsQSadHdFLTF27FMKOUJqxHybIhOaOf_92fvS_EqkKnI2VukW7rnJKzl3Uat0rzFqKcN8L7iT4wD_ndqlo0ySOGRjbcCy7m6iE4mxK_7Sc7h65KXgmgRvtiU79Ch4OQQF3aabyss4ziqyHNN2ca0nL5GWugtnqExvPEnaD8O9aRHGgECsDgku33Xd7cdidUNkSAzObyMGr1nGgnul7pfx8SPGVaxBLSIuFi3blV0bISULs7LiRkxBE9VP4QIacGpTvpBbRLzbRQ9KUznHi50LgldI19GMz8knPBsC8yU_he9W-egUAY44zeKc_tNNOheUvYMKQEslxpfM5IOOTl_7gChDH8ctT3eVhgS59sOO6qWjN0q0CNUBg0NS5O3f1SZXOEW01KmbJPNctRnpsY4UmlM1nnWKkoN7N_QbwrdJT_cKUVbeOXppiE--X8gr6DAsyzEaYauvSYnVQDP5jC5W4iNDZaBI6qoIXDcLqz3T0rL4vw&sai=AMfl-YS6xyYh3DqoLwijiXLLDTNGIRoOc0IHi0NP-BTSo96g_G1HikPQVm_47ZJsQdjMC6N7ZLDRJAvWjQJEJhTRrdwDUX3ge0CjyXZ9crVfMn82igISqycjESv_ulSveT_4HVaSwr70g-kBvNs-5udXeQWsOP9XBK6g-j4uQ2SV-ORywuK3jLeEc4lFBVFKIBpb3t0MfFALjxWUSBJpNRxLKbkic3NZfX7IQUfJiSTbkTopeVf3u8lh4soCP77CcAqHdhuvX_8WY6f9w39pPK76KUmqMDB29d4PxMyFkDmMTsdxTHbzIBuCYBfZntzVJnGuojjC&sig=Cg0ArKJSzLqWH1oJSR5aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=866&cbvp=1&cisv=r20231109.01653&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	9498592498111498621 s0.2mdn.net/simgad/ Frame 32C0	16 KB 16 KB	969ms 94ms	Image image/jpeg	142.251.10.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/9498592498111498621 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f149.1e100.net Software sffe / Resource Hash 6cd0d8424d6c86b735896599488feefce4cad20f33375bd9702b0381b2a9ad96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:30:54 GMT x-content-type-options nosniff age 86302 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16147 x-xss-protection 0 last-modified Thu, 19 Oct 2023 14:54:55 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 15 Nov 2024 18:30:54 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	100ms 96ms	Preflight text/html	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3fa51c4fff196de10000000000000000%22,%222%22:%220x43ed071f979659240000000000000000%22,%223%22:%220x28fdcde2c1f5b09a0000000000000000%22,%224%22:%220xa8817dad099a9d8e0000000000000000%22,%225%22:%220x4915c742f149365c0000000000000000%22},%22debug_key%22:%224764825957774808330%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22723115492%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218426250839515114353%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 18:29:15 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C623	0 56 B	99ms 98ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDFDK-rBXZe7WLMj6ogP8toRIAAAAADgB4AQC&bg=!ExClEF_NAAZxrfrxUa07ADQBe5WfOBv2OlhQTa1BKqG8VMRLoNURNYvWOiAzMLeMXP3n-Y7LdO1ZN0EnRSWDJFHExq2MAgAAAGxSAAAABGgBB5kC5v2HuDfMBRzi9F7GoyxvjPEnx8NZORGQgwHktPtySWKsHsBlma1B11I5mPh8rSOgVR5fTa4hmJfW84M6ZcNa3nvToOaf7tGhv4zX2x22xfKn1vY-hMB0rLMpaJ02wRpCubY8G0DPpV9rY4BMeKnXh3CxED1uMOhnZcnYeONB1N2LmRjsbVX3jQqzW3Uj1GVgwPStO-hcRpz1oOMSFgupHY8Y9dWiheAvk034IHqxLrzffjqtCv8JHoaLTLz93IqKVrXmWUDrfyeQEvjrPxVKuj4K5v6JtBcTLFM9Q8TdvPUwamCHDrKTfXCXYfyH2eXCnqWALqTrdvq9jo4O8OPnWFR7sBjOut79qUemt1sPB9nmoN4N6piaeej6O24JulZXEXS1SO7788zd_roQ4bQrPiqGPcKnaMm8kMMujBn3sKPCEg_wbPm8szHEjXCVohqr2mt6kZV_oNuDvYN95ZFaIItdCv12AcAavXc5viqfFZOj9UQlVJu3dA0dCRqa619nyGbF638wD2ctlgKTfcs9Q3Ec5enylpm0CH0h8mHsDiox03fsXyCow2UByT7PQ8DHFXXJ0loy4a5nhfnoWrFLDIxfnvyhl-AHPFPAG6HP-lRVlBefgO5cEjwGLc-GDTut5FHUCCawU93Tv5OPrpYhRqp9pZ1wLXJ_s8dZxI38tsMLcqNPveI-CcIdMew9i2jt5pSHFsZkhQOVtAv_3RFuje7Hgp08pcUZoXxlUb_xoATB49wg4gq-E7Ae_8BTsc1erjQxUqUbMe6Gn1K2UA7X3Cy3Nvqphjon0C-hnV3m4KOvaG8Nj1p3Kqpdwr4A85kv5NO5llaldhRuATIQy1OZuRcMjD4hElP_odheg2JiBF5_wGh4l3MFqxAP573vnOxVQEVpi4oKDZGCkJjI_Ikdarcm5xtkqYVcGpBTIkEs04PQYwwqkIHJ9x3IXz0YeXkGYnA7o32dD2qDwitzHvLTjG160Y1ljxA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2511331045&adf=2833722400&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753501&bpp=1&bdt=2103&idt=284&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280%2C730x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=845&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=289 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:15 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 9660 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CclKN-rBXZYj-Cde39fwPloSikASo1qrTc_-DkNHHEoiU-IezAhABIN-3sC9gvwWgAZffnsAByAEBqQLt25hfLvWoPqgDAcgDywSqBJgCT9A9pO64z7EsKVltOvOxZxhwsuCBAsHCE9jaNtn... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1...	0 0	103ms 102ms	Fetch text/css	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2212350866289889679418%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210846237748940898929%22}&andc=true Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H3 Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x10f860da201746f00000000000000000","2":"0xfaaee2402336dd100000000000000000","3":"0xfaf0d1da949046910000000000000000","4":"0xc14d94c41e51a3130000000000000000","5":"0xf4ee5f4bce8903c90000000000000000"},"debug_key":"12350866289889679418","debug_reporting":true,"destination":"https://ntronics.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["403156887"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"10846237748940898929"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 17 Nov 2023 18:29:16 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x10f860da201746f00000000000000000","2":"0xfaaee2402336dd100000000000000000","3":"0xfaf0d1da949046910000000000000000","4":"0xc14d94c41e51a3130000000000000000","5":"0xf4ee5f4bce8903c90000000000000000"},"debug_key":"12350866289889679418","debug_reporting":true,"destination":"https://ntronics.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["403156887"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"10846237748940898929"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response pagead2.googlesyndication.com/bg/ Frame 1E97	39 KB 15 KB	91ms 91ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2075473793&adf=2560393268&pi=t.ma~as.7121334551&w=480&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=480x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2103&idt=271&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=695&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:11:52 GMT content-encoding br x-content-type-options nosniff age 166644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15051 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 20:11:52 GMT
GET H2	200	IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response pagead2.googlesyndication.com/bg/ Frame AEB5	39 KB 15 KB	92ms 92ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=4108538649&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753495&bpp=4&bdt=2097&idt=244&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=6781277839410&frm=20&pv=2&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=260 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:11:52 GMT content-encoding br x-content-type-options nosniff age 166644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15051 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 20:11:52 GMT
GET H2	200	IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response pagead2.googlesyndication.com/bg/ Frame 99B7	39 KB 15 KB	93ms 92ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=3620254019&adf=3760600436&pi=t.ma~as.7121334551&w=730&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=730x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753500&bpp=1&bdt=2102&idt=279&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280%2C350x280%2C480x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=625&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=283 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:11:52 GMT content-encoding br x-content-type-options nosniff age 166644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15051 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 20:11:52 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 7C1E Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CTvGs-rBXZcD6CbCB9fwPu92SyAqp9-fhc_7C58noEdrZHhABIN-3sC9gvwWgAeqS8eEByAEJqQLt25hfLvWoPqgDAcgDywSqBP8BT9ALh7Rsw5OO2Rp9E90D1O_zNwJ76kjmPSrSU5Q6PUv... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x86c0796d0e555a220000000000000000%22,%222%22:%220x1c5718c11562f7930000000000000000%22,%223%22:%220x6521f8...	0 0	92ms 91ms	Fetch text/css	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x86c0796d0e555a220000000000000000%22,%222%22:%220x1c5718c11562f7930000000000000000%22,%223%22:%220x6521f8120b1724c60000000000000000%22,%224%22:%220x87b6af28473a62770000000000000000%22,%225%22:%220x949be4e5f51bcc030000000000000000%22},%22debug_key%22:%225146358058912954237%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222283423675309435665%22}&andc=true Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H3 Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x86c0796d0e555a220000000000000000","2":"0x1c5718c11562f7930000000000000000","3":"0x6521f8120b1724c60000000000000000","4":"0x87b6af28473a62770000000000000000","5":"0x949be4e5f51bcc030000000000000000"},"debug_key":"5146358058912954237","debug_reporting":true,"destination":"https://sterra.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["473713002"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2283423675309435665"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 17 Nov 2023 18:29:16 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x86c0796d0e555a220000000000000000","2":"0x1c5718c11562f7930000000000000000","3":"0x6521f8120b1724c60000000000000000","4":"0x87b6af28473a62770000000000000000","5":"0x949be4e5f51bcc030000000000000000"},"debug_key":"5146358058912954237","debug_reporting":true,"destination":"https://sterra.sg","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["473713002"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2283423675309435665"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response pagead2.googlesyndication.com/bg/ Frame A56B	39 KB 15 KB	98ms 97ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&h=280&slotname=7121334551&adk=2022696270&adf=3044448856&pi=t.ma~as.7121334551&w=350&fwrn=4&fwrnh=100&lmt=1700245753&rafmt=1&format=350x280&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245753499&bpp=1&bdt=2101&idt=266&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x280&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=562&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=270 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 20:11:52 GMT content-encoding br x-content-type-options nosniff age 166644 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15051 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 20:11:52 GMT
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	96ms 96ms	Preflight text/html	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x10f860da201746f00000000000000000%22,%222%22:%220xfaaee2402336dd100000000000000000%22,%223%22:%220xfaf0d1da949046910000000000000000%22,%224%22:%220xc14d94c41e51a3130000000000000000%22,%225%22:%220xf4ee5f4bce8903c90000000000000000%22},%22debug_key%22:%2212350866289889679418%22,%22debug_reporting%22:true,%22destination%22:%22https://ntronics.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22403156887%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210846237748940898929%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 18:29:16 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H3	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	103ms 102ms	Preflight text/html	64.233.170.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x86c0796d0e555a220000000000000000%22,%222%22:%220x1c5718c11562f7930000000000000000%22,%223%22:%220x6521f8120b1724c60000000000000000%22,%224%22:%220x87b6af28473a62770000000000000000%22,%225%22:%220x949be4e5f51bcc030000000000000000%22},%22debug_key%22:%225146358058912954237%22,%22debug_reporting%22:true,%22destination%22:%22https://sterra.sg%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22473713002%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222283423675309435665%22}&andc=true Protocol H3 Security QUIC, , AES_128_GCM Server 64.233.170.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sg-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 18:29:16 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 32C0	42 B 108 B	982ms 102ms	Fetch image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst__FLWilsDF1C5YajUu0-6IMZ7HX1B0AjaeANsNmd0uVQX3LQ_PG2PTS1jBTuev0rFbp4cGz2y9gV3BIawP92D9mAGRPYiX4C5wfj7GrQ7zIB650BxKx9yTvKzy3Mu_wmb_aPnJWzdNw&sai=AMfl-YTlNSI5jADu0EC2ottBg97ujFBJYI0iIa19Fp71k3EAGKBVEh5e_74VGGxuBkrJfkIYgM3Gq6AiWowsaOE7qfc_ndl9I8kyK5FqO8sVXiyEGgetOsl04kJCmbunT267rAfW2t-BcqR5jtRtlB2qqg&sig=Cg0ArKJSzJhpYuYSiUayEAE&cid=CAQSTwDICaaNOB7s2N-lScQx0JcyXh0ntPp-RFiqcjqT6RxkvIHU-hrQkWGNe1FAP4L04x4sWEeMA459TN_nMLLzaeZvIqz-mUHK61Sg6GqNCVEYAQ&id=lidar2&mcvt=1000&p=0,0,280,350&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2511331045&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700245753791&rpt=1782&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 32C0	0 0	97ms 97ms	Fetch image/gif	74.125.130.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstu182LrCTWBcm74507HNMxRATGJ5-06zAR4tjjY9c0ofu5bKNcLFnwHpEYVoITQNjMyS2vmhgR636IdqqrkfGpvTkQIMl3jwMaOsh_tqv4LZh0kU3J4THyqTCc5NKezFnJTR1wfhEzMuTzAupk5nOt92wUo43mzwI9pOffUCYt9rhpbmB6ymVbMBx8GScxASdvfkVuurOuH8bXUBsnETdhgaKZuIYkCoCX24UsDZlJcJfLTXPX4HAEp9SQ46HZJrxSX8XO39XnxBLV_xH2IV4wX_z6405GUwSuzVl5_9S4TLfPbQGNKBKbjFmlCv1jYrTgGRIlbJlvdHxqJOByhVNwWTF-SepUsswR38gOZJRq_NbWuZ8sqyi4sYjMTlfCqOTx1YyuGj47XFHaeMQhYyiVomP_RdbXPNUdElKvWCsaYZG5kiYW44oC1fMTAXuRV7MPgrylPcJNxmxJ4sXxhHedhh7QA03wS8-heMBGnvrtWKOSTKg7jX04mEM7SfdAOAo6npW1wJDfTa56lp63MDpM0_6nRxtfR9U0I81UmD7MAHJyScnBXwxSRg3zHHmCCFcUdxkP24qzLfXOL38WRQyKy77B2rZzU3mBHrPx3Oub406XHBVZnLKpnEOhlJ5wXbnLUkoG67_mSc3bSONXmKfAnCMAikuCxBWeWZHXFBcKiQsk9L6Kd72Cbu9aUW2nh0CrOC2x6YzpjLFc-a3w-xvcA4BMnCyDPAJR1fbgQ5P9FcwnKQcIH8K9gvdAyC4UZgaLhWZLqU2f5qxucmec3hGqWSFW4mA-0r3i3WjEMG5tIsHueRCbhGY0-oMY2Hx7LssQG6SsSWV4musajKpV0f2kLp8RDHtlSolK_I0mZ8X2Xbne-2QfMVhrUXWQJvb5wt53U62uvI1B_WTlNAbIbnkdF9IZyk4MsNOjkvc2Tp6Na-e5r4N7L4lpHvyJxedfDE0k3xArNLWfsQSadHdFLTF27FMKOUJqxHybIhOaOf_92fvS_EqkKnI2VukW7rnJKzl3Uat0rzFqKcN8L7iT4wD_ndqlo0ySOGRjbcCy7m6iE4mxK_7Sc7h65KXgmgRvtiU79Ch4OQQF3aabyss4ziqyHNN2ca0nL5GWugtnqExvPEnaD8O9aRHGgECsDgku33Xd7cdidUNkSAzObyMGr1nGgnul7pfx8SPGVaxBLSIuFi3blV0bISULs7LiRkxBE9VP4QIacGpTvpBbRLzbRQ9KUznHi50LgldI19GMz8knPBsC8yU_he9W-egUAY44zeKc_tNNOheUvYMKQEslxpfM5IOOTl_7gChDH8ctT3eVhgS59sOO6qWjN0q0CNUBg0NS5O3f1SZXOEW01KmbJPNctRnpsY4UmlM1nnWKkoN7N_QbwrdJT_cKUVbeOXppiE--X8gr6DAsyzEaYauvSYnVQDP5jC5W4iNDZaBI6qoIXDcLqz3T0rL4vw&sai=AMfl-YS6xyYh3DqoLwijiXLLDTNGIRoOc0IHi0NP-BTSo96g_G1HikPQVm_47ZJsQdjMC6N7ZLDRJAvWjQJEJhTRrdwDUX3ge0CjyXZ9crVfMn82igISqycjESv_ulSveT_4HVaSwr70g-kBvNs-5udXeQWsOP9XBK6g-j4uQ2SV-ORywuK3jLeEc4lFBVFKIBpb3t0MfFALjxWUSBJpNRxLKbkic3NZfX7IQUfJiSTbkTopeVf3u8lh4soCP77CcAqHdhuvX_8WY6f9w39pPK76KUmqMDB29d4PxMyFkDmMTsdxTHbzIBuCYBfZntzVJnGuojjC&sig=Cg0ArKJSzLqWH1oJSR5aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1861&vt=11&dtpt=995&dett=3&cstd=1856&cisv=r20231109.01653&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.130.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS sb-in-f154.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:16 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	SG_CFD_Price-2-Singapore-300x250-638333240865800417-0b3f8932-6f3b-4d00-bbb0-04e3f3386fab.html Show response s0.2mdn.net/sadbundle/10489061135955787776/ Frame 2D4D	6 KB 2 KB	91ms 91ms	Document text/html	142.251.10.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/10489061135955787776/SG_CFD_Price-2-Singapore-300x250-638333240865800417-0b3f8932-6f3b-4d00-bbb0-04e3f3386fab.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f149.1e100.net Software sffe / Resource Hash 85e02eb1bf03b2a897816fcd2f5ee506cf31b37e312193213ce3c3b77e17a5f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 112987 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 1857 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 16 Nov 2023 11:06:09 GMT expires Fri, 15 Nov 2024 11:06:09 GMT last-modified Thu, 19 Oct 2023 14:54:55 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	get_counts Show response count-server.sharethis.com/v2.0/	145 B 507 B	386ms 101ms	Script text/javascript	13.224.250.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566 Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.250.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-250-110.sin52.r.cloudfront.net Software / Resource Hash 7eed4030cab2a91caaed0503baef0cd063c2101291085165e7bad72689bebfd0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:27:55 GMT via 1.1 314aa53e803ca952f52cb68ad4be899e.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN52-C2 age 82 etag e516ad4c52c0067ad636e52ea9b6829d x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=900 content-length 145 apigw-requestid OjiKzhtOIAMEafA= x-amz-cf-id UOLFJPVMhOHQaIMOeyHcr8gFoQeKhx7TnVBtgirccvZDxwMlKzyGhg==
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame F38A	61 KB 35 KB	111ms 110ms	Document text/html	142.251.12.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f104.1e100.net Software GSE / Resource Hash 0a2a772fb50e30e77c23d774baf6b1a5454407419d5b2ebebf092d75f7520579 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0Pyo33Ei4jA7wXZJ5G5G9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-0Pyo33Ei4jA7wXZJ5G5G9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:16 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	842ms 104ms	XHR application/json	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash fd5fce819f31b6a9eb63ee8b315617cdec097ea2113f9b121caa61f576400272 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12485 x-xss-protection 0
GET H2	200	facebook.svg platform-cdn.sharethis.com/img/	301 B 743 B	675ms 97ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/facebook.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 03 Nov 2023 00:07:07 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN2-P1 age 1275731 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 301 last-modified Thu, 10 Oct 2019 01:20:12 GMT server AmazonS3 etag "c6e9be45643e197ce1db1d7e24a99adc" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id QP4aWMkM9a0dkIj4InuCvvDbPRRvuUBRiPcJb-01a_oTdcRfzBDELg==
GET H2	200	whatsapp.svg platform-cdn.sharethis.com/img/	832 B 1 KB	676ms 98ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/whatsapp.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 06 Nov 2023 03:10:36 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN2-P1 age 1005521 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 832 last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 etag "afe7fc60ed757db39a88d2950fce69c9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id lutxJO1aHKTfYvp8d8EUJGaBa9ERtUfjD2zykkOHRqg8oxlDzH3mjg==
GET H2	200	messenger.svg platform-cdn.sharethis.com/img/	372 B 815 B	677ms 99ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/messenger.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 10:54:45 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN2-P1 age 113672 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 372 last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 etag "a5aa43fa302867d3e888ac2f69b7b288" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id _K-mDHTL1DybtwMqq_yoZLF52BAoOyBEcL1j8eDQoqfK_aK3JH-Frg==
GET H2	200	twitter.svg platform-cdn.sharethis.com/img/	368 B 777 B	682ms 104ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/twitter.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:25:34 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 15 Sep 2023 16:58:49 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 223 x-amz-server-side-encryption AES256 etag "2deb3d5121d475d195577a70b0a91a0c" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 368 x-amz-cf-id c0jVgZ4ZNf1P1Kq69ax2mLO-uWxFEkKBk2qicbejqzf7IzhoPlG99Q==
GET H2	200	telegram.svg platform-cdn.sharethis.com/img/	858 B 1 KB	317ms 105ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/telegram.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:28:45 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 12 Aug 2022 01:07:51 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 32 x-amz-server-side-encryption AES256 etag "e3f5e90fa57764cd951db1b1bc688edd" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 858 x-amz-cf-id zb9Oou8E7XSyJf_-p5rzzf-OWKa3pEivZqjFbBQ_f3MGBPevc9_QmA==
GET H2	200	sharethis.svg platform-cdn.sharethis.com/img/	514 B 955 B	123ms 122ms	Image image/svg+xml	13.33.33.76 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/sharethis.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-76.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 08 Nov 2023 06:54:17 GMT via 1.1 8248a9421b8bab0850ae6bce48a54636.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop SIN2-P1 age 819301 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 514 last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 etag "deecdaa377907db5cc1722fc831670a1" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id 156dxx1DWnK9qnAlXK_2gO84Yy8INFsNNcxYcOiCiKmEXSYvf8qVCg==
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5814	50 KB 19 KB	433ms 431ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5593337033211433&output=html&adk=1812271804&adf=3025194257&lmt=1700245756&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fuserupload.in%2Fysq2doxs9566&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700245756701&bpp=3&bdt=5304&idt=3&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da93b1fa4d052204b%3AT%3D1700245754%3ART%3D1700245754%3AS%3DALNI_MZdbnwvp3zuTaUGi_Xr1yBY-hltsQ&gpic=UID%3D00000c8cc094eaf4%3AT%3D1700245754%3ART%3D1700245754%3AS%3DALNI_MZHOoRn1GoQKfAruVZlCcV9iJzVvA&prev_fmts=350x280%2C350x280%2C480x280%2C730x280%2C350x280&nras=1&correlator=6781277839410&frm=20&pv=1&ga_vid=1126928332.1700245753&ga_sid=1700245753&ga_hid=160287129&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532604%2C31079605%2C31079758%2C44795921%2C31078297%2C31079772%2C44807751%2C44807763%2C44808148%2C44808284%2C44809055&oid=2&psts=AOrYGsmzvvW2jVG3p1_kFYYCh_4xWLmeZho5YgoTMfwxF4gG3lq-hLetzu98GTrrzO1LqbAYfQcVZTswoXZ2gihk15GS15oA%2CAOrYGsm45sl5yFgxzLDFCCRPb9dMnVCenbVbMnnBY-jRqN2dQ7_in-MC54ZwJfUteALXPEkSAegjHJfoSeVPgznZb9Am-CJD%2CAOrYGsmjj748MgCmcejX7bzDa7JYYkhyLLd02wfFLhIiXFD9YsyLYQqu-zIuPWjP1m6iUAIHTU1XpbfKbquHkDmY0_SqirRm%2CAOrYGsniKLWKOfQ5AtDFmTpeciVb8V_w1I3et0L4bDVMJnKSno_lTRqsDe-5NploWAsUUJAFWFrWCvJik8xUp7AGQl5l8Nuw%2CAOrYGslIjoDRnqmDaIxHHkEgR9tf1O67zqJqX2ms43Xj4llbCwWo3PYrtEvW-FtjeHyvKZOJrSTPCHycZ7aAErkcFFSeDJE1&pvsid=4382104723001976&tmod=790754460&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&dtd=58 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash f50b1a36a524b3b840510add808bfb78f1434f61e0619aee74d7c3050b438bfc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 19843 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:17 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	65314322843eb9eeda76b60d Show response c.bannerflow.net/a/ Frame 2D4D	74 KB 25 KB	727ms 153ms	Script application/javascript	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/a/65314322843eb9eeda76b60d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4phTuO_n1ErW2nRBs7QKS9xbIp_4K9ylGs8DdnWpMMrPq1UnvfcRByxnMa5tAFQM2CDpaH3oCwvqJodMHfrExFMriFXBM0HOyEZWpnZnpKBfA17N7aD7AfCzVmnCZbIbva56QacJpKfc2lFDtylKqkc3tLO6Uc5CeH-8oZLXQ7BAEqDuK5M0iGSjlZTD2JeHpRl-2cnULsmbEZ7etHns-86_7RmKL97PMAIPgo8-mmfrs_dPDxCuY6gBOPwU7jPJJBkPjz6cV00QgbiePIgcoiuxAkTBlqLkecsUFKe9wQkyzWmHWgXOlrKkrnOgSxMHdItBPKeOJIpUXGQEpqDHaoCKT9olDaOnafvo4sAPGLAIbhLCuaGTKO0u6R_-mh9hWxa-Z8xgKHB8TFqXhrRiLXNhaxK13651Gs7rsKPnA_-WkviA3wWPuGtp1q_31kYfDW5Nx0yJooTcVED9Cv848CZQvE9wYi9-kBvMpNDKA200tLZZmbc6OJYMGoDfusCNyR1LsFL6nCHRmqb-K0TEqF2a0kc8CH8FhymwYVggwXn_7x_5LDlrw9Nf_XaRWOQhooXIMcIb6HvKSe2Q1et8zj_yG3pTOdzr-1LTJd49NA15oY5DqCQi_fxe92XjfTsuHfzfn3ZNuHSA1Caysg2hqYxCfMewn2UhiohiVJmOw_Wu4_OeZhkuQiVAjRsOCk022KExKHU2uqYcvPiBmmIt8SVu9jSUKYhuOffYf9Ye7xRyHS1om28ZkKigRFadyJVI5WpErkc-hAh2N--H6_nDW-kXg7R4O_E1bUtDsdPbW6_eLIkQQmm58FSQZSP3P0dUWansu0AzFdnlfYdIb2ouXFe9eLHbL_UjZSU_06rMeifc0h6qzWUn9Axknh8KZgv_mNiPZzTLG4UdlRV-v6JtK2MU3wLbw1MyYRkOw6dftWTLFuC_dX6KQVqbH4uDW348bYR-qDkEamuLJQz81xj3rGBEgkhmOBke71DYLglbRbj3FLjkmrUkfEZRuy3RCSC_4uSUZCn7UiWfIYxrGHxLAJdaUalyol6kqOw4NrHx8Se8B-M19uI7XpOKkkxLV8_GlZJvEsdlmTOSzK7q_MbVXMnvKgx3P-cwuOoBvh1g4oe9Gq7GwI_HUJD1tG4gS9XYrpHnZyoiHY0AbQbTYCxpZ6ziTjTsjCN-Fuv7ZINtCuNokoAqcp-mKJ52DcslwX2WZ5oufYCmqLdDCsawAO0kxwKO73DzQXfPXix4mC4KOQN0Q4_3wdTbcXwokelkH9qZlQhA9Y1V60dI_dRSSQg8nvFf6kXjvLJ-ObikrGP6fG2ryV1MqEcItvIFmkgQWowNBAMfzfH04mq1TXsrdUoRyqY2JqGn3GBSHt0lPfaeQoiqV7x-haaTURXKZrGrj5Zz4b8DWEFMYM9xUPzjnfg4_a9ddJB2BzJefVjq1Xu99tjmgPDa0MJWMXL-iSyB_rBVXli-sYg%26sai%3DAMfl-YTzsGb4IE1Jca35lG9rfEw0RbmNTKLcQXEZj3UWfUQr9s1HIrOmmZbOSFGoWYzkw4E5dEYeoN3NnInhGiY6BTfs9xYTXzAUTbgw59uGFVfXXTGM5L8Qdv2K03pPDF56gA5RY3XqxTOk54mZM3VeQac6Bmce9XaBfpHEkCHcWEtegpPs7SLV-Png4fvnI0hlxd-zGIlvjF0i9ICiJkAcaMcMsD2iGHFpq6qm_AjDzlG8dFEstPfnbF-wyJNDxSLWi9h8sd_M95HQft8yx3nPLe1bIhTZtC1tdwdD69bA41OsLpeZPLp2PgfIJRu-bWoJ9SE5tctGlOROKHqAfg%26sig%3DCg0ArKJSzBtnB6dU19TOEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10489061135955787776/SG_CFD_Price-2-Singapore-300x250-638333240865800417-0b3f8932-6f3b-4d00-bbb0-04e3f3386fab.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cc4d12397502efab2b983d31b78c85b985e468c3c6ed16e1a003cb8c86ab1de Request headers accept-language zh-SG,zh;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br cf-cache-status MISS last-modified Fri, 17 Nov 2023 18:29:17 GMT server cloudflare vary Accept-Encoding content-type application/javascript cache-control public, s-maxage=10 cf-ray 827a09d02bee4014-SIN request-context appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F38A	55 KB 24 KB	96ms 95ms	Stylesheet text/css	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:01:36 GMT content-encoding gzip x-content-type-options nosniff age 214060 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 07:01:36 GMT
GET H2	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame F38A	474 KB 188 KB	107ms 106ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:12:19 GMT content-encoding gzip x-content-type-options nosniff age 213417 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 07:12:19 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9660	42 B 404 B	556ms 100ms	Fetch image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSxbvnMxjUPfAcZBuWYKEQzB20O7nJfDJXEYB5fOsq9ruJlV5jkB8uENcggE0xdP3OTN07UBzZvcSICKisyJGUpMAPwUNUp_pfv75G14hn-bGr89Cb5nI00tUzsXJyIqnO8nzQC0ffRQ&sai=AMfl-YT3lOH3_uxwZAmtXjNNu8k-kf99HZfaHVmrx0F6MC5Dhko-zdJR8KwB0NXEPOtBwyKSJSuRGO-bnnli8HgjuLamkOnhIbd_8ZjEdd7B93EysKnuHsQAgCulysKn_C04Q7l_6p778Ek9oNTP1KeN&sig=Cg0ArKJSzEb_hJvrpR1xEAE&cid=CAQSTgDICaaN0l4quvYTG8q_LqaGUNdx3spybm6nfMW605JWJ9pOfWBVjs-ocTMfq0uhk1t6jSO0OWlFOWPkWUXyEr11b0CFKapFOabtUFeY6xgB&id=lidar2&mcvt=1000&p=0,0,280,480&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2075473793&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700245753777&rpt=2238&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame F38A	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame F38A	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame F38A	2 KB 2 KB	99ms 97ms	Image image/png	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 05:52:55 GMT x-content-type-options nosniff age 218182 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Wed, 22 Nov 2023 05:52:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame F38A	15 KB 15 KB	93ms 93ms	Font font/woff2	142.250.4.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f94.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:49:07 GMT x-content-type-options nosniff age 214810 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:49:07 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5557	42 B 108 B	477ms 101ms	Fetch image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH1hrafZgSXraLnOF74hlw-PHbXVXr2hnrBzdCyfyWxBwhs4XOYqNpwJRFoeEX1NQeDsQEHTCPPrWgxm3loyHEbMLI7mVn_TCRLnqQTIsxLvTw7B18_5BSIMXlb1nVReTqrmcz4wTK2Q&sai=AMfl-YR3wD7fbGYhUC4obseWX9yraFDcwNOiAZFwD8K_jARmB-6gglA3NMGdV0kej1hLXKeIGa9RHmAmNHWLMXB3N3Eq-uWJ8__nRWIQjLTX5NnPZWme63P03J9QioZQESjnznmp9nKxSGVA0oP6EDsa&sig=Cg0ArKJSzPiCPmxSAfwxEAE&cid=CAQSTgDICaaN3EdaNxnyRFGteUyN9pTZCOI4BLWI6SF7rpVkJnNIKMETnmiQU5nL2RMsYtaOCcFkuV9RO_BsQV8TNsJXXQBYgBChUG8EsP9eRRgB&id=lidar2&mcvt=1051&p=0,0,280,350&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2022696270&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700245753758&rpt=2287&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	webworker.js www.google.com/recaptcha/api2/ Frame F38A	105 B 212 B	105ms 103ms	Other text/javascript	142.251.12.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f104.1e100.net Software GSE / Resource Hash 4787f9e735e3032fa6116ee02971beb9601559533e788b87f61511b333b0163d Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5&co=aHR0cHM6Ly91c2VydXBsb2FkLmluOjQ0Mw..&hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=rwhns12c5ek7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=utf-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 17 Nov 2023 18:29:17 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7127	42 B 108 B	468ms 103ms	Fetch image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ2Pvczr9xiAEpbKqfXIKwFwzclI-R4vSRSZDpsIv2QptUuvfjb9_-tneqfzUaN2dJfp5bWgtyCw4UE8pycwxpWcnqmdkW16xfsuwTq9jHhOZSuW7ceKShxTAD-pKwUexC5h0lguKW1PfgE4fIF8ydEJI40Ij7vI9_Im7jcW6j-UOwFG7HrWhU9GAopZnh6DjIP7oq2ObE5sTaiEV5-p2DLmz6wCK7XG5wFGviJ5tksDx4u6u7QLc4358TAF8llPKSzA-Dqn4kP1lhmh-zmCpMJSQBkQ7RPnUH7Kq_hQadeOsEp3JHEDp5c3OkQPv9oPbV1Pvs4YDQASyBMBjU_fJ_FpqVdneH8ejGS1KTQQKEa6ygdWNyCAMhhdqIorgfo45YZbrsmJeIs6419cgKwUSpt8H_83XOfQgyn3DznaBv8lgMhthtB0cNIv8lCcqhYkktr_sZ3I42DDtG9Bxl1PbEqYY7mEWlcJk0yBpaEVWw5Geywopbd1j47N6TuuC3TLby-kAV4ACBNl5BRBTqt_8J1xlFlYAHXk5oA2vBxSkrnDyyrDtcMh7PPMke_8FJp_Ozmb16pFZ-jq-rD_rVvhmrELpFTRu9EoJerOU5DX3fg3BMI3FF0H45NR9CZNJaBgR8_qrUdnfc29tcZUqsXMIcUBQmLNZjGPgrs1u5E39Puc0VVVyINVwQ7sycUivAKWYKIz53y_7Wn0inIPcs4ThWVIfr-0M4gVpSrbA54FvQDWnTAn_4-6DlkHTE453Nl4nEYLdA0208mAyNjt7ZmMv1wM7-mP0meDcQfE-XLwpAsnNXDh8bHc061zu1uqp_PETq9dbLG3688TIJdNcWAN0uXUeHlMKW1xlvUQWy8MPAqfvVyLyT6FmCs9J0SZUu3ufREBGu_u94e4fN0eToCQgLzVXvkOaKI8JbAgDZikYlt0pJsrfiq2N0XtSae2bEYh7rFHVqJIn1MFjL2Frd56fAqmd29ov-8CyK8BUCXQpbh1cg0w7g6MZs7Gj1QUNlsOwLw3QAZYFF2f3xNkK0eBEOR1EVfIJpJaTR0BesBLDpVucl3FIaGBaupULd48g6BtlQoAF4lXfOlTJz-oIYVuEF6Rg4o13SkOtYKCOYLU_KIZrtMWNOhZo5Wa_LpGpHikyrVVDH_8HvIyJyyWShoLdjy_BOzgfRr0UNCka_qiirA5QBjx9yOkIj46BBS6OjPkV8NrFqfVyP5-iGX4puMc6lvzQ-NlXLdF1kJYXEriqsuwnZm19iD_DyrtLXeF3TQqKWD3qvHEP4yThwDXltYKDIaHEjKVD2-1-rwAgrmh-i35dIodn3MFyJoA6umuUBtqUIxQM7bRd-Lbv_3RSSvPVhdxoNbFBTjbzB8Io3XHRdwSQOO9iFzv547YSPeF6mBSsYQ0LIvTw3PvdTJ5o50Fo8_9L3JuaMk-r_2LY9Ytc7dPsd37EokJ4fIsM&sai=AMfl-YR8V4Pc9vk6DwuzjOJwRVPAD5vxGUpCrLMWUhBZh1L_JSTEy6WD4Wiknb9EfRVpo2G_1GSr3jnZQ24GSMaSmrrY2jANhY8pZPecdk-ZMsIMNFStbgfdB08FSQQBN7RVlo6akDn0pNJ982VmYbcufMm0CdrDTSdBMlJdEWI&sig=Cg0ArKJSzD-KND7Sqey0EAE&cid=CAQSTwDICaaNsCALH6XPj3oO9UfUhvr_BgKkn2UipSointdMW1fhm6w3FwDs75TAqySDv1w7TM0HwdxPzXeZnlbF_jDcOQDtWymb0B4LsCvhIvAYAQ&id=lidar2&mcvt=1043&p=0,0,280,730&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3620254019&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700245753784&rpt=2279&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7C1E	42 B 108 B	419ms 102ms	Fetch image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCeJf1rjY6wTpArgUPq8Iz4_VzislYwubA9fGq4KnSw2z0BCznEw5uZ4dQrpb1ntvy4K-fR-C7ND0eX8saQ7Ffe_a2AaE9aBeyunojfJJXawL4uOv-xKwoMja8BmTNx7IS9yhSO3jJzpRVNLCg5Y8PZswYeEcnPRIoM1Xj&sai=AMfl-YQihb9-dy6eW9_2i5Ba7uj9dTp3XWM0NOxz-RuocsH3q5KGF84i3a8j0hoim4N6Ntw89G5QUSyO6MpGSh7MNYFRlog92jiNIlheeTZrKXi3R3DjuHMUkVZvHP4qTr3VMjU4CqqLJ9GAcH7BgJg&sig=Cg0ArKJSzEAOoNtU-DAjEAE&cid=CAQSTQDICaaNVroCeGH9D-BxHsewWohrBeMBEcH2EMlavSqDJYplodJQlTo0xa81SebMuTdkhcrbSZZCphYyG_5k2tBvaOkyO-0uSMs38TgSGAE&id=lidar2&mcvt=1038&p=0,0,280,350&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2022696270&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700245753770&rpt=2347&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	160 KB 55 KB	106ms 105ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079772 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash a77b96c30b6e391f8d4d3752e22c3456c1cdd251042cfc0993cb3e31aef93bdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55802 x-xss-protection 0 server cafe etag 2326492050979750078 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 17 Nov 2023 18:29:17 GMT
GET H2	200	bframe Show response www.google.com/recaptcha/api2/ Frame D074	7 KB 1 KB	107ms 105ms	Document text/html	142.251.12.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f104.1e100.net Software GSE / Resource Hash a5880b6d9f1f4b405dd4474a25461bf6ebccadc472d150d2a5a4b01dc06f3eb2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-iM4uWugrTDAfrdZ7xCRhtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-iM4uWugrTDAfrdZ7xCRhtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:17 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D074	55 KB 24 KB	106ms 106ms	Stylesheet text/css	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:01:36 GMT content-encoding gzip x-content-type-options nosniff age 214061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 07:01:36 GMT
GET H2	200	recaptcha__zh_cn.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame D074	474 KB 188 KB	107ms 107ms	Script text/javascript	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__zh_cn.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-CN&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lexb0gUAAAAABsOIDHHHhDLRvLcFa5PLVWWABl5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 4cc987f62e0b9441dd048b42e0aadb743c8d08b29efeb685fbc37f5812fb0e41 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:12:19 GMT content-encoding gzip x-content-type-options nosniff age 213418 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192746 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 14 Nov 2024 07:12:19 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 37CB	9 KB 4 KB	90ms 90ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 41026 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 07:05:31 GMT etag 16674218716276178799 expires Fri, 01 Dec 2023 07:05:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	95ms 91ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js?bust=31079772 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 17 Nov 2023 18:29:17 GMT
GET H2	200	widget.e53c0145f118df2f5218.js Show response c.bannerflow.net/scripts/ Frame 2D4D	24 KB 9 KB	133ms 132ms	Script application/javascript	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/scripts/widget.e53c0145f118df2f5218.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/65314322843eb9eeda76b60d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4phTuO_n1ErW2nRBs7QKS9xbIp_4K9ylGs8DdnWpMMrPq1UnvfcRByxnMa5tAFQM2CDpaH3oCwvqJodMHfrExFMriFXBM0HOyEZWpnZnpKBfA17N7aD7AfCzVmnCZbIbva56QacJpKfc2lFDtylKqkc3tLO6Uc5CeH-8oZLXQ7BAEqDuK5M0iGSjlZTD2JeHpRl-2cnULsmbEZ7etHns-86_7RmKL97PMAIPgo8-mmfrs_dPDxCuY6gBOPwU7jPJJBkPjz6cV00QgbiePIgcoiuxAkTBlqLkecsUFKe9wQkyzWmHWgXOlrKkrnOgSxMHdItBPKeOJIpUXGQEpqDHaoCKT9olDaOnafvo4sAPGLAIbhLCuaGTKO0u6R_-mh9hWxa-Z8xgKHB8TFqXhrRiLXNhaxK13651Gs7rsKPnA_-WkviA3wWPuGtp1q_31kYfDW5Nx0yJooTcVED9Cv848CZQvE9wYi9-kBvMpNDKA200tLZZmbc6OJYMGoDfusCNyR1LsFL6nCHRmqb-K0TEqF2a0kc8CH8FhymwYVggwXn_7x_5LDlrw9Nf_XaRWOQhooXIMcIb6HvKSe2Q1et8zj_yG3pTOdzr-1LTJd49NA15oY5DqCQi_fxe92XjfTsuHfzfn3ZNuHSA1Caysg2hqYxCfMewn2UhiohiVJmOw_Wu4_OeZhkuQiVAjRsOCk022KExKHU2uqYcvPiBmmIt8SVu9jSUKYhuOffYf9Ye7xRyHS1om28ZkKigRFadyJVI5WpErkc-hAh2N--H6_nDW-kXg7R4O_E1bUtDsdPbW6_eLIkQQmm58FSQZSP3P0dUWansu0AzFdnlfYdIb2ouXFe9eLHbL_UjZSU_06rMeifc0h6qzWUn9Axknh8KZgv_mNiPZzTLG4UdlRV-v6JtK2MU3wLbw1MyYRkOw6dftWTLFuC_dX6KQVqbH4uDW348bYR-qDkEamuLJQz81xj3rGBEgkhmOBke71DYLglbRbj3FLjkmrUkfEZRuy3RCSC_4uSUZCn7UiWfIYxrGHxLAJdaUalyol6kqOw4NrHx8Se8B-M19uI7XpOKkkxLV8_GlZJvEsdlmTOSzK7q_MbVXMnvKgx3P-cwuOoBvh1g4oe9Gq7GwI_HUJD1tG4gS9XYrpHnZyoiHY0AbQbTYCxpZ6ziTjTsjCN-Fuv7ZINtCuNokoAqcp-mKJ52DcslwX2WZ5oufYCmqLdDCsawAO0kxwKO73DzQXfPXix4mC4KOQN0Q4_3wdTbcXwokelkH9qZlQhA9Y1V60dI_dRSSQg8nvFf6kXjvLJ-ObikrGP6fG2ryV1MqEcItvIFmkgQWowNBAMfzfH04mq1TXsrdUoRyqY2JqGn3GBSHt0lPfaeQoiqV7x-haaTURXKZrGrj5Zz4b8DWEFMYM9xUPzjnfg4_a9ddJB2BzJefVjq1Xu99tjmgPDa0MJWMXL-iSyB_rBVXli-sYg%26sai%3DAMfl-YTzsGb4IE1Jca35lG9rfEw0RbmNTKLcQXEZj3UWfUQr9s1HIrOmmZbOSFGoWYzkw4E5dEYeoN3NnInhGiY6BTfs9xYTXzAUTbgw59uGFVfXXTGM5L8Qdv2K03pPDF56gA5RY3XqxTOk54mZM3VeQac6Bmce9XaBfpHEkCHcWEtegpPs7SLV-Png4fvnI0hlxd-zGIlvjF0i9ICiJkAcaMcMsD2iGHFpq6qm_AjDzlG8dFEstPfnbF-wyJNDxSLWi9h8sd_M95HQft8yx3nPLe1bIhTZtC1tdwdD69bA41OsLpeZPLp2PgfIJRu-bWoJ9SE5tctGlOROKHqAfg%26sig%3DCg0ArKJSzBtnB6dU19TOEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccc73644afcea0862b8aec123ddee9e17c8a2cd8e82f8526e63700a5d4e4e3cf Request headers accept-language zh-SG,zh;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br cf-cache-status HIT content-md5 O/JEW+6nwDFyi4qO2v1f5Q== age 579436 cf-polished origSize=24228 x-ms-lease-status unlocked cf-bgj minify last-modified Fri, 18 Aug 2023 11:29:30 GMT server cloudflare etag W/"0x8DB9FDE635FCEFB" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 8514cd92-801e-0021-573e-14f1a8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 827a09d17cf34014-SIN
GET H2	200	document.000000DC341A61.js Show response c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5152565/7252651/ Frame 2D4D	105 KB 27 KB	138ms 137ms	Script application/javascript	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/published/5152565/7252651/document.000000DC341A61.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/65314322843eb9eeda76b60d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4phTuO_n1ErW2nRBs7QKS9xbIp_4K9ylGs8DdnWpMMrPq1UnvfcRByxnMa5tAFQM2CDpaH3oCwvqJodMHfrExFMriFXBM0HOyEZWpnZnpKBfA17N7aD7AfCzVmnCZbIbva56QacJpKfc2lFDtylKqkc3tLO6Uc5CeH-8oZLXQ7BAEqDuK5M0iGSjlZTD2JeHpRl-2cnULsmbEZ7etHns-86_7RmKL97PMAIPgo8-mmfrs_dPDxCuY6gBOPwU7jPJJBkPjz6cV00QgbiePIgcoiuxAkTBlqLkecsUFKe9wQkyzWmHWgXOlrKkrnOgSxMHdItBPKeOJIpUXGQEpqDHaoCKT9olDaOnafvo4sAPGLAIbhLCuaGTKO0u6R_-mh9hWxa-Z8xgKHB8TFqXhrRiLXNhaxK13651Gs7rsKPnA_-WkviA3wWPuGtp1q_31kYfDW5Nx0yJooTcVED9Cv848CZQvE9wYi9-kBvMpNDKA200tLZZmbc6OJYMGoDfusCNyR1LsFL6nCHRmqb-K0TEqF2a0kc8CH8FhymwYVggwXn_7x_5LDlrw9Nf_XaRWOQhooXIMcIb6HvKSe2Q1et8zj_yG3pTOdzr-1LTJd49NA15oY5DqCQi_fxe92XjfTsuHfzfn3ZNuHSA1Caysg2hqYxCfMewn2UhiohiVJmOw_Wu4_OeZhkuQiVAjRsOCk022KExKHU2uqYcvPiBmmIt8SVu9jSUKYhuOffYf9Ye7xRyHS1om28ZkKigRFadyJVI5WpErkc-hAh2N--H6_nDW-kXg7R4O_E1bUtDsdPbW6_eLIkQQmm58FSQZSP3P0dUWansu0AzFdnlfYdIb2ouXFe9eLHbL_UjZSU_06rMeifc0h6qzWUn9Axknh8KZgv_mNiPZzTLG4UdlRV-v6JtK2MU3wLbw1MyYRkOw6dftWTLFuC_dX6KQVqbH4uDW348bYR-qDkEamuLJQz81xj3rGBEgkhmOBke71DYLglbRbj3FLjkmrUkfEZRuy3RCSC_4uSUZCn7UiWfIYxrGHxLAJdaUalyol6kqOw4NrHx8Se8B-M19uI7XpOKkkxLV8_GlZJvEsdlmTOSzK7q_MbVXMnvKgx3P-cwuOoBvh1g4oe9Gq7GwI_HUJD1tG4gS9XYrpHnZyoiHY0AbQbTYCxpZ6ziTjTsjCN-Fuv7ZINtCuNokoAqcp-mKJ52DcslwX2WZ5oufYCmqLdDCsawAO0kxwKO73DzQXfPXix4mC4KOQN0Q4_3wdTbcXwokelkH9qZlQhA9Y1V60dI_dRSSQg8nvFf6kXjvLJ-ObikrGP6fG2ryV1MqEcItvIFmkgQWowNBAMfzfH04mq1TXsrdUoRyqY2JqGn3GBSHt0lPfaeQoiqV7x-haaTURXKZrGrj5Zz4b8DWEFMYM9xUPzjnfg4_a9ddJB2BzJefVjq1Xu99tjmgPDa0MJWMXL-iSyB_rBVXli-sYg%26sai%3DAMfl-YTzsGb4IE1Jca35lG9rfEw0RbmNTKLcQXEZj3UWfUQr9s1HIrOmmZbOSFGoWYzkw4E5dEYeoN3NnInhGiY6BTfs9xYTXzAUTbgw59uGFVfXXTGM5L8Qdv2K03pPDF56gA5RY3XqxTOk54mZM3VeQac6Bmce9XaBfpHEkCHcWEtegpPs7SLV-Png4fvnI0hlxd-zGIlvjF0i9ICiJkAcaMcMsD2iGHFpq6qm_AjDzlG8dFEstPfnbF-wyJNDxSLWi9h8sd_M95HQft8yx3nPLe1bIhTZtC1tdwdD69bA41OsLpeZPLp2PgfIJRu-bWoJ9SE5tctGlOROKHqAfg%26sig%3DCg0ArKJSzBtnB6dU19TOEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 701ac709028d35cca917472ef91e0c3dae7cec430ea993a15880a6488ff58e28 Request headers accept-language zh-SG,zh;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br cf-cache-status HIT content-md5 fsghb972XTKD2w8n5rc2tg== age 692365 cf-polished origSize=111212 x-ms-lease-status unlocked cf-bgj minify last-modified Fri, 08 Sep 2023 13:13:20 GMT server cloudflare etag W/"0x8DBB06D5FC01DB5" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 32dd4c3f-401e-002e-5037-1387c4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 827a09d17cf44014-SIN
GET H2	200	animated-creative.b105a4e6577fb08357fd.js Show response c.bannerflow.net/scripts/ Frame 2D4D	156 KB 53 KB	160ms 159ms	Script application/javascript	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/65314322843eb9eeda76b60d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4phTuO_n1ErW2nRBs7QKS9xbIp_4K9ylGs8DdnWpMMrPq1UnvfcRByxnMa5tAFQM2CDpaH3oCwvqJodMHfrExFMriFXBM0HOyEZWpnZnpKBfA17N7aD7AfCzVmnCZbIbva56QacJpKfc2lFDtylKqkc3tLO6Uc5CeH-8oZLXQ7BAEqDuK5M0iGSjlZTD2JeHpRl-2cnULsmbEZ7etHns-86_7RmKL97PMAIPgo8-mmfrs_dPDxCuY6gBOPwU7jPJJBkPjz6cV00QgbiePIgcoiuxAkTBlqLkecsUFKe9wQkyzWmHWgXOlrKkrnOgSxMHdItBPKeOJIpUXGQEpqDHaoCKT9olDaOnafvo4sAPGLAIbhLCuaGTKO0u6R_-mh9hWxa-Z8xgKHB8TFqXhrRiLXNhaxK13651Gs7rsKPnA_-WkviA3wWPuGtp1q_31kYfDW5Nx0yJooTcVED9Cv848CZQvE9wYi9-kBvMpNDKA200tLZZmbc6OJYMGoDfusCNyR1LsFL6nCHRmqb-K0TEqF2a0kc8CH8FhymwYVggwXn_7x_5LDlrw9Nf_XaRWOQhooXIMcIb6HvKSe2Q1et8zj_yG3pTOdzr-1LTJd49NA15oY5DqCQi_fxe92XjfTsuHfzfn3ZNuHSA1Caysg2hqYxCfMewn2UhiohiVJmOw_Wu4_OeZhkuQiVAjRsOCk022KExKHU2uqYcvPiBmmIt8SVu9jSUKYhuOffYf9Ye7xRyHS1om28ZkKigRFadyJVI5WpErkc-hAh2N--H6_nDW-kXg7R4O_E1bUtDsdPbW6_eLIkQQmm58FSQZSP3P0dUWansu0AzFdnlfYdIb2ouXFe9eLHbL_UjZSU_06rMeifc0h6qzWUn9Axknh8KZgv_mNiPZzTLG4UdlRV-v6JtK2MU3wLbw1MyYRkOw6dftWTLFuC_dX6KQVqbH4uDW348bYR-qDkEamuLJQz81xj3rGBEgkhmOBke71DYLglbRbj3FLjkmrUkfEZRuy3RCSC_4uSUZCn7UiWfIYxrGHxLAJdaUalyol6kqOw4NrHx8Se8B-M19uI7XpOKkkxLV8_GlZJvEsdlmTOSzK7q_MbVXMnvKgx3P-cwuOoBvh1g4oe9Gq7GwI_HUJD1tG4gS9XYrpHnZyoiHY0AbQbTYCxpZ6ziTjTsjCN-Fuv7ZINtCuNokoAqcp-mKJ52DcslwX2WZ5oufYCmqLdDCsawAO0kxwKO73DzQXfPXix4mC4KOQN0Q4_3wdTbcXwokelkH9qZlQhA9Y1V60dI_dRSSQg8nvFf6kXjvLJ-ObikrGP6fG2ryV1MqEcItvIFmkgQWowNBAMfzfH04mq1TXsrdUoRyqY2JqGn3GBSHt0lPfaeQoiqV7x-haaTURXKZrGrj5Zz4b8DWEFMYM9xUPzjnfg4_a9ddJB2BzJefVjq1Xu99tjmgPDa0MJWMXL-iSyB_rBVXli-sYg%26sai%3DAMfl-YTzsGb4IE1Jca35lG9rfEw0RbmNTKLcQXEZj3UWfUQr9s1HIrOmmZbOSFGoWYzkw4E5dEYeoN3NnInhGiY6BTfs9xYTXzAUTbgw59uGFVfXXTGM5L8Qdv2K03pPDF56gA5RY3XqxTOk54mZM3VeQac6Bmce9XaBfpHEkCHcWEtegpPs7SLV-Png4fvnI0hlxd-zGIlvjF0i9ICiJkAcaMcMsD2iGHFpq6qm_AjDzlG8dFEstPfnbF-wyJNDxSLWi9h8sd_M95HQft8yx3nPLe1bIhTZtC1tdwdD69bA41OsLpeZPLp2PgfIJRu-bWoJ9SE5tctGlOROKHqAfg%26sig%3DCg0ArKJSzBtnB6dU19TOEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45 Request headers accept-language zh-SG,zh;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br cf-cache-status HIT content-md5 lEV9j3pUvMgu01szZkbLog== age 1355728 cf-polished origSize=159577 x-ms-lease-status unlocked cf-bgj minify last-modified Thu, 31 Aug 2023 09:36:51 GMT server cloudflare etag W/"0x8DBAA05CE239A64" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 21d4fbb8-301e-0079-1f2f-0d1102000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 827a09d17cf54014-SIN
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4635	624 B 391 B	117ms 115ms	Document text/html	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIY3OKEvQEwAQ&v=APEucNWsm9QrnlhYymBLRyH8bLcOEcJc5pjcuMiagtlnwTIaQTP74hMmmoM0lptlPz8vz9M5WWceDss80cPnzo65JBKGP8EvXQ Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:17 GMT expires Fri, 17 Nov 2023 18:29:17 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 55A3	89 KB 31 KB	110ms 107ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 17 Nov 2023 18:29:17 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame 55A3	2 KB 1 KB	714ms 103ms	Script application/javascript	23.59.80.128 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115843&plc=4215347&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJ4Ok5u1JjadGOJp1joy_6&DVP_DBM_1=3060631&DVP_DBM_2=23018840&DVP_DBM_3=14589638147&DVP_DBM_4=396439900&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=473896398903&turl=https://userupload.in/ysq2doxs9566&DVP_PP_BUNDLE_ID= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.59.80.128 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-59-80-128.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 56109fa3da6aa8f73ea350d38977235631ed519eb883aa78b13f530b2744d67d Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:18 GMT Content-Encoding gzip Last-Modified Wed, 08 Nov 2023 09:32:24 GMT Server UploadServer ETag "ecfd819e1e247598f4ed0f18c70f6f53" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 932 Expires Sat, 18 Nov 2023 18:29:18 GMT
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame 55A3	9 KB 4 KB	704ms 93ms	Script application/javascript	23.59.80.128 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hJ4Ok5u1JjadGOJp1joy_6&DVP_DBM_1=3060631&DVP_DBM_2=23018840&DVP_DBM_3=14589638147&DVP_DBM_4=396439900&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=473896398903&turl=https://userupload.in/ysq2doxs9566&DVP_PP_BUNDLE_ID= Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.59.80.128 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-59-80-128.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash 8ab43ef523c52e830a7706ae32581ae882ebe14920d3e88ee191ac6aea78c401 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:18 GMT Content-Encoding gzip Last-Modified Wed, 15 Nov 2023 14:21:20 GMT Server UploadServer ETag "4fd30d56128c4e7705e200cd98cfb057" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3639 Expires Fri, 17 Nov 2023 18:44:18 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 55A3	3 KB 1 KB	93ms 93ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:42:01 GMT content-encoding br x-content-type-options nosniff age 31636 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:42:01 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 55A3	20 KB 8 KB	99ms 98ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 09:41:59 GMT content-encoding br x-content-type-options nosniff age 31638 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 01 Dec 2023 09:41:59 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 55A3	203 KB 64 KB	100ms 98ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65395 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700052045412510" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 17 Nov 2023 18:29:17 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 55A3	42 B 107 B	94ms 94ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DF6Z_2Sbd8XrMx0FQkNriIJatgVgTIIACh6Iw8PepRqwwf908U51zI05ss1MvxolcEr7_GuyBKSUDaPXN4GgtVdKF7CKvbTQjGhl5M78XTEoO6mYQ Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 55A3	0 56 B	91ms 91ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11287378438974283414&x=1&ct=77 Requested by Host: userupload.in URL: https://userupload.in/ysq2doxs9566 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 32C0	0 56 B	97ms 97ms	Ping image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2071297699627&version=m202309260101&ct=76&x=1&cor=8987481985926807000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE3D	13 KB 5 KB	104ms 99ms	Document text/html	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes age 64103 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 00:40:54 GMT expires Sat, 16 Nov 2024 00:40:54 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame C797	829 B 768 B	110ms 108ms	Document text/html	142.251.12.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f104.1e100.net Software GSE / Resource Hash 1ec529df35bc471ef054ec86de697b6c813a21ec95f1ea7096df66dda4a09cba Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fA_dGMws56mPCjb53Ibumw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://userupload.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-fA_dGMws56mPCjb53Ibumw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 18:29:17 GMT expires Fri, 17 Nov 2023 18:29:17 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	404	favicon.ico a.livesportmedia.eu/	0 0	1711ms 249ms	Image application/json	188.92.40.77
General Check archive.org Show headers Download Go to Show image Full URL https://a.livesportmedia.eu/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.92.40.77 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H2	200	/ marketingplatform.google.com/about/enterprise/ Redirect Chain https://www.doubleclickbygoogle.com/favicon.ico https://marketingplatform.google.com/about/enterprise/	0 0	679ms 99ms	Image text/html	74.125.130.102
General Check archive.org Show headers Download Go to Show image Full URL https://marketingplatform.google.com/about/enterprise/ Protocol H2 Server 74.125.130.102 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Redirect headers location https://marketingplatform.google.com/about/enterprise/ x-cloud-trace-context 38eb9b73cf5c42951baa069594756365 date Fri, 17 Nov 2023 18:29:18 GMT server Google Frontend content-length 0 content-type text/html; charset=utf-8
GET		h1uDGAjNfzxB.jpg ads.zynga.com/	0 0
GET		/ www.pair.com/ Redirect Chain https://promote.pair.com/IKK5QqREtxwvM.jpg https://www.pair.com/	0 0
GET H2	404	dupvIZXKgZne26viwe1SjA.jpg ad.mail.ru/	0 0	1851ms 389ms	Image text/html	95.163.41.56
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mail.ru/dupvIZXKgZne26viwe1SjA.jpg Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 55A3	0 47 B	92ms 92ms	Ping image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2356956248959&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 55A3	0 56 B	106ms 106ms	Ping image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2356956248959&version=m202309260101&ct=77&x=1&cor=11287378438974284000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 55A3	20 KB 14 KB	146ms 146ms	Script text/javascript	74.125.200.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BreWWps2fPmdYDDffVzSEQ2nJmEYcOBdWUSy2Kpa8OT9V2MS5_szMYJiZxtLiWfHdOmemY67-ucKg_BCvS1vFqwOwkch-uVPwvN-fnjdzwaJn78ynTx5sBBBlpilC9ri4ZwUXK0AAvfcMww2x9x5yzgRT2BHKlmYqY_32ryNS0AB--SIJdi3P4iC4Qm670z3j4v-MTvE-73oYMntqSUa_NTZTSiw&cry=1&dbm_d=AKAmf-ABIAvlE4uTEvlHV7MhCVIdmtHzdDLbg_l6WCMqSjcUuHujGbF99RcYvmOw4bTS2M0RyOPalciTwUuUPYtXUi5k9kDajYRXdS62T69x9RX3SZtJiT7yJ8F7Shry0dhp05QnjZkS3kItQ8mMm6C3MmOIHlnUxKAsRtdDRaMs-HzqcpMuLbJr8jEvkZ8VThTIz4fmbY_8aFlC0C_USKS46Udl6EIPyTDWGRSau699FEWnBMqPu7NsohdGEyWg26NEWCQSjVOmwivfVXanrNbU8joVBxhqy2aenAwfOu-LKVI45n6VRyxOctBG_-Gsvy5N3cRqP3YrMRAd4uvjiJttR3VdER4jBNZt8iMKgJJHVIqdXPsMm7oNoi4ATp1LbPQYNcGhzl8dCuHFbt-7EpIWrlSBjHka7UpLQSmK-22_70vDyNj0mbPK7LtSoSTzZTgfMVUn4wc7fRvXsCUJDcI42gAyptJC6_D7oMG2ildp-WA42_gOxKCB_V4bMRWKvM87xNv3Uvf_ZskwNFfNiO_WL_LBndSDQoHIhIxRCnFkZbdQm2XFLLgyAbNuOxmAoTM9YrIcEbSrJjsrEZlvfmuWcDNQAlpERBWEug58pFk_gfmoqnLe9bVqmTM1iPAbAskIUCN_c0u3yimbYO6pmlgCdbf_INgmPZcrXxgXBT27Kpa7ndy7ZAl-Dm7ZZHE_eKnHHbnoSXpKGQ8KzeKcWEuBD0P0wqUdlylju-AOTZBnot9628K5xACisxswtSJXxbxPnCgf3Ng4aU8-4EZ003G4tFyYzO-HVyMbb6l-pZkN7-rxC8in7BIZa30_1Igo2yiEUVe_ByyWCSUtej5AReWRwqdDqwp4wEHipLhUAc7tkO_xoNDq7dEfC2FosJHuocupqgwcrwxC6s0ACw-Lw-MG7Ze7ZbGt8tLONAa_NNrYqLonectLQDWDpk-ZlMGI_MwrErpcT9UCkX8-nGRLdHWiZHzZF0-BODB3ifKNhr_BPj0uNSLjrpNxw9cscY46lV5cOVO8htVctaZOVxZnoncpyDrlvB2DzqtQ2VhYUVKzrVIDqCDQJidK3yIm7mF1j9AmORU-EI06otRXkuYezEw3aUTUyFIFcAtc3E2V_9AApLeh1sz9i5Cj91wtecU05cvDzvI9JEs5bcA-OXmWaMGTuZenPZ3vt3vgc0OD0yknubhxHJlVlfS1urGriRSQ5LLdU2n2VRQBcrSM6_h0WIzlyRnd5WdKD5nVL93XjQM1FDo6sNXfeXHlkMkoCgqAc9jWYvix4cKjwvSFTRTWJB1UlBPgmBKMepVjz7zorAsiGlepxtmz1zRNEuPsO8Ko15qjnY7zfoSdpu_YH5rKFuowGIc3KGi22gT6yBO1PZbLMV89jdBENU3ZfuBB0qy_Igd4tSlkW1lr07dU6OBpnGjUlvF6JbCfFqYfsreLm7KBTZfZKOLbzBJLQu_2n3AQx8xkJmnEnolP7fbTHcAJ8vIBiNqrOPSRbVk74jc1rsO5ve5h3vJYYTAzx5S87RTsOCCPe2orBRGkHpNK1Hhnt4yIFSQdEvga8d4jWk5JmTR_5U1cvvc2O6MMCVDOMy5ZMu5FdcWp7BN7zPf94Oc6xmRohUeg7qMRf2VXCxJNRSnUsdkSXAFN3HBDx7C8Mfx3qpmRCj_R4cIhy-6Ql8HFhoOT-x5JTu5ImeivVg66H_63smRusYRbIhmP-hJMVVuXk7i7v4sLJNN35yRmAcPKOkNO6ivzRvP0QacTcHA3bDKYcv0LqGYtylvnlOOwoFbEZACm3gekwYlxH9DFNQADCJbamMdTQi9QCdphp3RJ5kvHOR8GEYUOSfbxDBu-GUgi2fOF6vSXBRJKEsdfq8ar_iUKVfATdL_g4s_QtXEDLo9YxvxCQPGHg8gAsBVPspSw3YdQ5d4oCU-WUmxFXTVrXF8nYSR4cl4y9S0NxO3i-92Z0KNed7feAaLNnu45C22cgISTpwV3c34c3-EJ77GfHUxG_fLEESHlJOkA52Jq-E0Otbmv2zpQeQVPU2qikkPgEXPlQhoD-tg4yNPZ0JceqaM5yGfTGdZtNPdvZWHuFaOVBpE0Eh86mZ4t0kqnrRyvqh1ipTbKZ36WURi4Xb8U-kEjhPHQut6XWvIp8CndQdHYcI09RxC-C2f4p-VYb9Pc7SafAm7uPGdE95K8nSmRl-1HXN7EqBhAatyttDdMExZ4PmfcUU2HdlAnrV7aO0Oovn3imimScNSlrDjM1rxoZqPwM5thrwbU58IwrZugHP3kZVA2SsGo55drC-muU3_KoRMrjlaKh-Wr-h9GZHa8tU0fqqYQRYPt45RxJQO-RMWsOKXbKHGbVJGASzsZ1Im33goOtHSHqWqdRkMRWt-I1UbSYQWnmLEW97IIcHixT8Td3TRu1GnVOlFaeNccB-9_uABYppKQhsQd7AY4soOOL2_KD0oiHF7IohrBH2j9qFuIljnoCBTUZ8_2OKG_aekc5fn_2k2mqBrCwm-AXsqnN8J-EFPXY3xa-taXbHyPpYGvT842z2jzG7AHCKGzFFuDxXf69wWpT_VToK7gvJ64KExVXadD9VWGq9qyVnUx0-yMf7sHRpTVJsKHiJ1cYXvORWsZDZtYipUf75pjxu4un0AnKX8dCofV9kUTnqAF4XIw6sjZv9uthhGsZxkhQtsynKXkUrKDooARHAUuBUA5vYJ9Qxz1C2_YYYmlfjAtCFMWEMPsbzmudDuiGbpFO6USTL7UvJljDkasiF187-sGFBItwKKGJp5oXyshKjKU5n4KSzNqnaFIR1_41xWs3oy9Iza_GXQ8P4If7Pzrpp-j7weOqJLhd4POsP_AaiVyQFDQJ4EiPgbs5Q0GYX5IZyooI0zs0koK1_6t3a6hmE45FtY4ayOe9OsXQDXb6v9N1GbfH1hESa2iT7FhN-D8ZO40mpDR60dIpmVEQJN8uOsPKQpCmXEW1ZBKfoWZOVKVznMq7zvyf6M1_JtnLiI88mj5upqE2Aw2BzztkuWUVTjVbErzWo0aQ5aaqCOa8aRciylnocgt6hZyrumprY1Kgx2T1LKSw76P2P8JgwHlcpF03AjhVSUkxOHhICfabKhQ7BYP3OwYAoaxcbMMv09a1jDsRDjXmQBcTPCAChsZUWaWe69kIwadw3g-pX_JD8cw6R9SEFHFsODKqtxKSxDYTBBbhqJA_PK6C0zzu00E7T-5gfxVSBkSArHnkXTZeEWgwxkMy6m0oTGjq2TP1TeVoCZinCUnwPAcdO0jMbVqqBx203Wng6d4pouUuLh0cwue1nAKPorAe_ywealNiJOMKQ8tFBmLUzUbg8MnEwRsBYZsASp_kzJTrqANbtKvEPZtMYQRQ4JHzHowmf1gyyPNsyrnaqoH8wINKaNxJ_sswzOtTp_gx_Z5T3CNgwkdV9Oyxvv5tyT8-uOtmLxZbiF3lPYB992NxHl1gQeGQOhV_Tl6JqLeROPxZnS1LXtIWbq-WBYKCKExwPbltg_-JKjNQMLlU7x1_EZjS8vsphY-xsFRLaMDmUnS8bAxyCT-orYXYAaVfPO3xX3Oc5zy4t9VPnylqqvIbHsyuKTEpORTXis5zGgUURKsFCCs-3URYqUg33qCh7Im2xKF1UeK4xMgX_2EcSYh8l0OC-2T4FvMVGu16cXCpr0paUYMag8XApuerkc29NKwZAPJDCDdr0gw3eDp3_84pbDAy5tWxg-y3CFc3v41QDnNTMH7e44DWmXDzEuSmNNFIeEwWnMbStZ9vVE7xR8-3z2UXfXYldM9BozQsK5QesRwr5mRcWYIy_vvZ8idFAr1S75levJLf4Nb4qo9Pq1o3WZ4qy7wV5ccD0zZ01mxv-UG9Am43draCjzNwNcqKB9f42OhmM374-DIznELcHtwiIkeGBk4YKa324x3VS4Uro_Xwo4YW6TPEyZxctCoWantZHrJ_0zhL7uaVqmpt5TIQ96o2vAi&cid=CAQSPADICaaNvHfy2lop5kNVCKwXrk-KhAtzw4lU1xUGfxMVijPLfNurWzvt5TFCyOVjVWWWCftgaDfZpSJ8-BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuserupload.in%2F&ds=l&xdt=1&iif=1&cor=11287378438974284000&adk=3062569608&idt=115&cac=0&dtd=21 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f157.1e100.net Software cafe / Resource Hash e11a52c29b6da7a53f28b4181fcedfc88eed22f57a0a9a50a0a4724feb557351 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13752 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 4635 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1	43 B 730 B	106ms 106ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIY3OKEvQEwAQ&v=APEucNWsm9QrnlhYymBLRyH8bLcOEcJc5pjcuMiagtlnwTIaQTP74hMmmoM0lptlPz8vz9M5WWceDss80cPnzo65JBKGP8EvXQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCrO9LgCtsvesVe3JFXcVtwxQmZ%2BWkABXgq3FzabTRGIokKGrUREAjSkCyqt0Mg%2BFciAODMsCAed0m6hItw6Ii8dnEZivJnsjXAxVpoxw1xcfS17pEwq7GG0IHcasrAp203ESUfEbV8WCw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 827a09d37d524110-SIN alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 4635 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVew.m11dzAwig9N7X2qGQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2	43 B 738 B	108ms 107ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIY3OKEvQEwAQ&v=APEucNWsm9QrnlhYymBLRyH8bLcOEcJc5pjcuMiagtlnwTIaQTP74hMmmoM0lptlPz8vz9M5WWceDss80cPnzo65JBKGP8EvXQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw8IlbG4p9ofgJdG%2Fvn3ZAjxYJoqiFZ1nest8p2ib%2FXn3yfZMQ3ZujD20Xw%2FnWzOXbR8q%2FC86uRVJ9sJmMWwjaZLXbKI0Oj2%2FFTDNoqJwUR2nk0upKxJeS7ESy4eUyHmo5nNn6HlTdn%2BMA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 827a09d42e134110-SIN alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNSuKI9KJ8yR-yWulyoQwk&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 4635 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1	43 B 844 B	91ms 90ms	Image image/gif	103.43.89.4 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIY3OKEvQEwAQ&v=APEucNWsm9QrnlhYymBLRyH8bLcOEcJc5pjcuMiagtlnwTIaQTP74hMmmoM0lptlPz8vz9M5WWceDss80cPnzo65JBKGP8EvXQ Protocol H2 Server 103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US), Reverse DNS 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT an-x-request-uuid b423f4bc-eebd-4451-8026-034b96556aec server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 138.75.45.144; 138.75.45.144; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESENjD-qqE55vugH-vNzg5Vds&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 4635 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D	170 B 188 B	98ms 98ms	Image image/png	142.250.4.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQi4Dw4AIY3OKEvQEwAQ&v=APEucNWsm9QrnlhYymBLRyH8bLcOEcJc5pjcuMiagtlnwTIaQTP74hMmmoM0lptlPz8vz9M5WWceDss80cPnzo65JBKGP8EvXQ Protocol H3 Server 142.250.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f156.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 17 Nov 2023 18:29:17 GMT an-x-request-uuid 98d7adfa-0ad7-43a5-802f-7263842b307a server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIxNjg5MDU2NjIxMTE5MzI2Ng%3D%3D x-proxy-origin 138.75.45.144; 138.75.45.144; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	sodar pagead2.googlesyndication.com/pagead/ Frame C797	0 0	137ms 136ms	Image text/html	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4382104723001976&rc=null Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H2	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame CE3D	39 KB 15 KB	132ms 131ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 20:18:30 GMT content-encoding br x-content-type-options nosniff age 79848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Nov 2024 20:18:30 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 55A3	41 KB 14 KB	97ms 97ms	Script text/javascript	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BreWWps2fPmdYDDffVzSEQ2nJmEYcOBdWUSy2Kpa8OT9V2MS5_szMYJiZxtLiWfHdOmemY67-ucKg_BCvS1vFqwOwkch-uVPwvN-fnjdzwaJn78ynTx5sBBBlpilC9ri4ZwUXK0AAvfcMww2x9x5yzgRT2BHKlmYqY_32ryNS0AB--SIJdi3P4iC4Qm670z3j4v-MTvE-73oYMntqSUa_NTZTSiw&cry=1&dbm_d=AKAmf-ABIAvlE4uTEvlHV7MhCVIdmtHzdDLbg_l6WCMqSjcUuHujGbF99RcYvmOw4bTS2M0RyOPalciTwUuUPYtXUi5k9kDajYRXdS62T69x9RX3SZtJiT7yJ8F7Shry0dhp05QnjZkS3kItQ8mMm6C3MmOIHlnUxKAsRtdDRaMs-HzqcpMuLbJr8jEvkZ8VThTIz4fmbY_8aFlC0C_USKS46Udl6EIPyTDWGRSau699FEWnBMqPu7NsohdGEyWg26NEWCQSjVOmwivfVXanrNbU8joVBxhqy2aenAwfOu-LKVI45n6VRyxOctBG_-Gsvy5N3cRqP3YrMRAd4uvjiJttR3VdER4jBNZt8iMKgJJHVIqdXPsMm7oNoi4ATp1LbPQYNcGhzl8dCuHFbt-7EpIWrlSBjHka7UpLQSmK-22_70vDyNj0mbPK7LtSoSTzZTgfMVUn4wc7fRvXsCUJDcI42gAyptJC6_D7oMG2ildp-WA42_gOxKCB_V4bMRWKvM87xNv3Uvf_ZskwNFfNiO_WL_LBndSDQoHIhIxRCnFkZbdQm2XFLLgyAbNuOxmAoTM9YrIcEbSrJjsrEZlvfmuWcDNQAlpERBWEug58pFk_gfmoqnLe9bVqmTM1iPAbAskIUCN_c0u3yimbYO6pmlgCdbf_INgmPZcrXxgXBT27Kpa7ndy7ZAl-Dm7ZZHE_eKnHHbnoSXpKGQ8KzeKcWEuBD0P0wqUdlylju-AOTZBnot9628K5xACisxswtSJXxbxPnCgf3Ng4aU8-4EZ003G4tFyYzO-HVyMbb6l-pZkN7-rxC8in7BIZa30_1Igo2yiEUVe_ByyWCSUtej5AReWRwqdDqwp4wEHipLhUAc7tkO_xoNDq7dEfC2FosJHuocupqgwcrwxC6s0ACw-Lw-MG7Ze7ZbGt8tLONAa_NNrYqLonectLQDWDpk-ZlMGI_MwrErpcT9UCkX8-nGRLdHWiZHzZF0-BODB3ifKNhr_BPj0uNSLjrpNxw9cscY46lV5cOVO8htVctaZOVxZnoncpyDrlvB2DzqtQ2VhYUVKzrVIDqCDQJidK3yIm7mF1j9AmORU-EI06otRXkuYezEw3aUTUyFIFcAtc3E2V_9AApLeh1sz9i5Cj91wtecU05cvDzvI9JEs5bcA-OXmWaMGTuZenPZ3vt3vgc0OD0yknubhxHJlVlfS1urGriRSQ5LLdU2n2VRQBcrSM6_h0WIzlyRnd5WdKD5nVL93XjQM1FDo6sNXfeXHlkMkoCgqAc9jWYvix4cKjwvSFTRTWJB1UlBPgmBKMepVjz7zorAsiGlepxtmz1zRNEuPsO8Ko15qjnY7zfoSdpu_YH5rKFuowGIc3KGi22gT6yBO1PZbLMV89jdBENU3ZfuBB0qy_Igd4tSlkW1lr07dU6OBpnGjUlvF6JbCfFqYfsreLm7KBTZfZKOLbzBJLQu_2n3AQx8xkJmnEnolP7fbTHcAJ8vIBiNqrOPSRbVk74jc1rsO5ve5h3vJYYTAzx5S87RTsOCCPe2orBRGkHpNK1Hhnt4yIFSQdEvga8d4jWk5JmTR_5U1cvvc2O6MMCVDOMy5ZMu5FdcWp7BN7zPf94Oc6xmRohUeg7qMRf2VXCxJNRSnUsdkSXAFN3HBDx7C8Mfx3qpmRCj_R4cIhy-6Ql8HFhoOT-x5JTu5ImeivVg66H_63smRusYRbIhmP-hJMVVuXk7i7v4sLJNN35yRmAcPKOkNO6ivzRvP0QacTcHA3bDKYcv0LqGYtylvnlOOwoFbEZACm3gekwYlxH9DFNQADCJbamMdTQi9QCdphp3RJ5kvHOR8GEYUOSfbxDBu-GUgi2fOF6vSXBRJKEsdfq8ar_iUKVfATdL_g4s_QtXEDLo9YxvxCQPGHg8gAsBVPspSw3YdQ5d4oCU-WUmxFXTVrXF8nYSR4cl4y9S0NxO3i-92Z0KNed7feAaLNnu45C22cgISTpwV3c34c3-EJ77GfHUxG_fLEESHlJOkA52Jq-E0Otbmv2zpQeQVPU2qikkPgEXPlQhoD-tg4yNPZ0JceqaM5yGfTGdZtNPdvZWHuFaOVBpE0Eh86mZ4t0kqnrRyvqh1ipTbKZ36WURi4Xb8U-kEjhPHQut6XWvIp8CndQdHYcI09RxC-C2f4p-VYb9Pc7SafAm7uPGdE95K8nSmRl-1HXN7EqBhAatyttDdMExZ4PmfcUU2HdlAnrV7aO0Oovn3imimScNSlrDjM1rxoZqPwM5thrwbU58IwrZugHP3kZVA2SsGo55drC-muU3_KoRMrjlaKh-Wr-h9GZHa8tU0fqqYQRYPt45RxJQO-RMWsOKXbKHGbVJGASzsZ1Im33goOtHSHqWqdRkMRWt-I1UbSYQWnmLEW97IIcHixT8Td3TRu1GnVOlFaeNccB-9_uABYppKQhsQd7AY4soOOL2_KD0oiHF7IohrBH2j9qFuIljnoCBTUZ8_2OKG_aekc5fn_2k2mqBrCwm-AXsqnN8J-EFPXY3xa-taXbHyPpYGvT842z2jzG7AHCKGzFFuDxXf69wWpT_VToK7gvJ64KExVXadD9VWGq9qyVnUx0-yMf7sHRpTVJsKHiJ1cYXvORWsZDZtYipUf75pjxu4un0AnKX8dCofV9kUTnqAF4XIw6sjZv9uthhGsZxkhQtsynKXkUrKDooARHAUuBUA5vYJ9Qxz1C2_YYYmlfjAtCFMWEMPsbzmudDuiGbpFO6USTL7UvJljDkasiF187-sGFBItwKKGJp5oXyshKjKU5n4KSzNqnaFIR1_41xWs3oy9Iza_GXQ8P4If7Pzrpp-j7weOqJLhd4POsP_AaiVyQFDQJ4EiPgbs5Q0GYX5IZyooI0zs0koK1_6t3a6hmE45FtY4ayOe9OsXQDXb6v9N1GbfH1hESa2iT7FhN-D8ZO40mpDR60dIpmVEQJN8uOsPKQpCmXEW1ZBKfoWZOVKVznMq7zvyf6M1_JtnLiI88mj5upqE2Aw2BzztkuWUVTjVbErzWo0aQ5aaqCOa8aRciylnocgt6hZyrumprY1Kgx2T1LKSw76P2P8JgwHlcpF03AjhVSUkxOHhICfabKhQ7BYP3OwYAoaxcbMMv09a1jDsRDjXmQBcTPCAChsZUWaWe69kIwadw3g-pX_JD8cw6R9SEFHFsODKqtxKSxDYTBBbhqJA_PK6C0zzu00E7T-5gfxVSBkSArHnkXTZeEWgwxkMy6m0oTGjq2TP1TeVoCZinCUnwPAcdO0jMbVqqBx203Wng6d4pouUuLh0cwue1nAKPorAe_ywealNiJOMKQ8tFBmLUzUbg8MnEwRsBYZsASp_kzJTrqANbtKvEPZtMYQRQ4JHzHowmf1gyyPNsyrnaqoH8wINKaNxJ_sswzOtTp_gx_Z5T3CNgwkdV9Oyxvv5tyT8-uOtmLxZbiF3lPYB992NxHl1gQeGQOhV_Tl6JqLeROPxZnS1LXtIWbq-WBYKCKExwPbltg_-JKjNQMLlU7x1_EZjS8vsphY-xsFRLaMDmUnS8bAxyCT-orYXYAaVfPO3xX3Oc5zy4t9VPnylqqvIbHsyuKTEpORTXis5zGgUURKsFCCs-3URYqUg33qCh7Im2xKF1UeK4xMgX_2EcSYh8l0OC-2T4FvMVGu16cXCpr0paUYMag8XApuerkc29NKwZAPJDCDdr0gw3eDp3_84pbDAy5tWxg-y3CFc3v41QDnNTMH7e44DWmXDzEuSmNNFIeEwWnMbStZ9vVE7xR8-3z2UXfXYldM9BozQsK5QesRwr5mRcWYIy_vvZ8idFAr1S75levJLf4Nb4qo9Pq1o3WZ4qy7wV5ccD0zZ01mxv-UG9Am43draCjzNwNcqKB9f42OhmM374-DIznELcHtwiIkeGBk4YKa324x3VS4Uro_Xwo4YW6TPEyZxctCoWantZHrJ_0zhL7uaVqmpt5TIQ96o2vAi&cid=CAQSPADICaaNvHfy2lop5kNVCKwXrk-KhAtzw4lU1xUGfxMVijPLfNurWzvt5TFCyOVjVWWWCftgaDfZpSJ8-BgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fuserupload.in%2F&ds=l&xdt=1&iif=1&cor=11287378438974284000&adk=3062569608&idt=115&cac=0&dtd=21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 06:43:21 GMT content-encoding br x-content-type-options nosniff age 215157 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2024 06:43:21 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI0NTc1NzkwMDk4MQogIHNlcnZlcl9pcDogMTc0NjQ1ODM0CiAgcHJvY2Vzc19pZDogMzIwNTQ5MTk1MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy... ad.doubleclick.net/ddm/activity/ Frame 55A3	0 850 B	361ms 94ms	Image image/png	172.217.194.148 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDI0NTc1NzkwMDk4MQogIHNlcnZlcl9pcDogMTc0NjQ1ODM0CiAgcHJvY2Vzc19pZDogMzIwNTQ5MTk1MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTUxOTUxMTY2Njg2NTgxNDA2OApkZWJ1Z19rZXk6IDczNjM1ODQ2NzYzMjU4NzczMzMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTE3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMyMjQ2MjM5OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzQwMDMyNTIzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE0NTg5NjM4MTQ3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzk2NDM5OTAwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmFtZS5pbyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.148 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f148.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0xc5f7ac7e51c3e0380000000000000000","13":"0xdc7f788e6e513a530000000000000000","14":"0xa76a53388e1ddf780000000000000000","15":"0x2fa52c7dafc3243c0000000000000000"},"debug_key":"7363584676325877333","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["9212252"]},"priority":"0","source_event_id":"9519511666865814068"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 2D4D	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/webp
GET BLOB	200 OK	eb497aef-a797-46a8-994d-13add3395eba Show response https://s0.2mdn.net/ Frame 05E2	668 B 0		Script text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://s0.2mdn.net/eb497aef-a797-46a8-994d-13add3395eba Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 668 Content-Type
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 2D4D	23 KB 24 KB	701ms 137ms	Font font/woff	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F80e96a5f-eddf-4121-a75c-0206e164272c.woff&t=%20%25.08CDFTabcdefgiklmnorstuxy Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10489061135955787776/SG_CFD_Price-2-Singapore-300x250-638333240865800417-0b3f8932-6f3b-4d00-bbb0-04e3f3386fab.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68efb5df95513af6b1350f2036659f56bc5888b9afffca288b56a3432e106089 Request headers Referer https://s0.2mdn.net/ Origin https://s0.2mdn.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status HIT last-modified Sat, 11 Nov 2023 02:27:50 GMT server cloudflare age 576088 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=80e96a5f-eddf-4121-a75c-0206e164272c-subset.woff cf-ray 827a09d79b044d92-SIN expires Sun, 10 Nov 2024 02:27:50 GMT
GET H2	204	generate_204 tpc.googlesyndication.com/ Frame CE3D	0 39 B	90ms 89ms	Image text/plain	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?ue1UlQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:18 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame AA02	38 KB 13 KB	102ms 98ms	Document text/html	74.125.68.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f132.1e100.net Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes age 218115 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 15 Nov 2023 05:54:03 GMT expires Thu, 14 Nov 2024 05:54:03 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame AA02	39 KB 15 KB	97ms 97ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 20:18:30 GMT content-encoding br x-content-type-options nosniff age 79848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Nov 2024 20:18:30 GMT
GET H/1.1	200 OK	dvbs_src_internal123.js Show response cdn.doubleverify.com/ Frame 55A3	60 KB 20 KB	112ms 109ms	Script application/javascript	23.59.80.128 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal123.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115843&plc=4215347&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJ4Ok5u1JjadGOJp1joy_6&DVP_DBM_1=3060631&DVP_DBM_2=23018840&DVP_DBM_3=14589638147&DVP_DBM_4=396439900&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=473896398903&turl=https://userupload.in/ysq2doxs9566&DVP_PP_BUNDLE_ID= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.59.80.128 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-59-80-128.deploy.static.akamaitechnologies.com Software UploadServer / Resource Hash ab4c91d229d32a46cacdfa0e0f01096060a891f4973f7699120d7ed39b90bcbb Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 18:29:18 GMT Content-Encoding gzip Last-Modified Wed, 08 Nov 2023 09:32:26 GMT Server UploadServer ETag "c78e1b8588fb1329342920c4bf68cac1" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers * Cache-Control no-transform, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 19651 Expires Sat, 16 Nov 2024 18:29:18 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AA02	0 56 B	109ms 109ms	Image image/gif	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7flE_bBXZfX-NsrEowPv2b_4CwAAAAA4AeAEAg&bg=!FBelF1jNAAZxrfrxUa07ADQBe5WfOA7eqsr8Pu8iljUt3-2X3wrtvyf-ZkE5eNPb8v2Kn0rDumHyIa8qIN1J5TQJgY0nAgAAAFtSAAAABWgBB5kDBrq8VkQePpFfSGZfiRInWnA6Z3JsP2NBmkEn4hJLXVVw8GrIx0m-a4MGVuDjrH-1lEq4Fv26HNEbEpzVesiiQK0BF8-k_1tPg-L5kmzENKr1cOBLwgrrG3IbaZRumFyw7nlura0SQI_iSddKL29CuXS27_RR2IOEAVTqnN6mJqyFTmR4HNbXZGB_wMLC7E_8WmQ1-Hz0KfPQFgVBl5GMdUqfJlUeSxYO8GLFuGpvPZdLBXBuYRunb9CBxWOx2rVHG16wSEwLpAqJ8A53bse69hlFDLt2q39BbL8S60tec8BsSZ1AO0hMdWoz_ByMRrNBn9hM4QNl2a2j4cZLeVbvTfF59HNtjR52Tvm2nOS74WPu86NmkMV8NaCRPgwI5xVVQ5ipsLTnAK_Iz3CYk1cemYI0-IK4J_cU1B6_TFxXEkVGypjoBX0Hk2v-L-196-LjoEgpPn5UxitxFkTcV3-R6apoCQszXfUH0YqxbRIFSyZv5YRlTfJXUbkPcCiOVAXN0x7sDI1EJJSEQWljcskqAWXV2swjj4UAjjj8z6mFSmW6shHax5gRPUgQrggp_qTzFr2mJyoaX94t3wi2piNhZ_AHm5Fu9gp8A_kqF1j7DhCHLp4qadhb7RYlfKT4Cg41LtVyB2-Ne4C4dCskzhQmj85OMgtKj_XVKyuc1IeMHrsjQg3dXNop633hGeNOMSdXUrN0P8IhTnrl687Q25tAzbpjTA_SvDGJGnYac1jOlYUN8LcOiLzU6Ae51_jZlFV7GU8Q_q-HV87vlieLD1RHjo97Ew4VzYwA6fxVZIO9Pi1SP-mWbfCPZuM981RWXxJTKzxhK0Be5GB8AWBd62T5Pp5HyZ5qSx1oOng_vlga5QRKr3qx8o9_TLAvV5Eo0iIQ5Qf77PI3atvPofSXm1JvrQpoCcezfhNImu5UbNXUjMYCfxPdavLVK0aO2HlMqW-JJjAhH6adDSFjVVriSqX_Gu59UUGYrLx7sagrrD4iYHfH1FulQIlxRxtqp6tc5VyxhdWrcgDxwA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Fri, 17 Nov 2023 18:29:18 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame 55A3	9 KB 5 KB	1017ms 107ms	Script text/javascript	34.149.43.113
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_280618467261&jsTagObjCallback=__tagObject_callback_280618467261&num=6&ctx=1828362&cmp=115843&plc=4215347&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=280618467261&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=119&bridua=3&dup=null&turl=https://userupload.in/ysq2doxs9566&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hJ4Ok5u1JjadGOJp1joy_6&DVP_DBM_1=3060631&DVP_DBM_2=23018840&DVP_DBM_3=14589638147&DVP_DBM_4=396439900&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=473896398903&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=170&eparams=DC4FC%3Dl9EEADTbpTauTauFD6CFA%3D%4025%5D%3A%3FTauU2%3F4r92%3A%3Fl9EEADTbpTauTauFD6CFA%3D%4025%5D%3A%3FTar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTauFD6CFA%3D%4025%5D%3A%3FTauJDBa5%40IDhdee&dvp_exetime=7.40&callbackName=__verify_callback_280618467261 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal123.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.149.43.113 -, , ASN (), Reverse DNS Software / Resource Hash 103289997a497db17ee5fd422ab19ff0c77de3f50e2f3e8c3445fff0e3f78882 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma no-cache Date Fri, 17 Nov 2023 18:29:19 GMT Content-Encoding br X-DV-Response 1 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=0 Connection keep-alive Timing-Allow-Origin * Expires 11/16/2023 18:29:19
GET H2	204	sodar pagead2.googlesyndication.com/pagead/	0 0	95ms 94ms	Image text/html	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4382104723001976&bg=!q6ilqOfNAAZxrfrxUa07ADQBe5WfOMj0gPDRQ4eyPoTyDbT3JbWZnSJCqlkUM6ITkr7roXq1LI6b0FaYQ_ajCZW-aKHnAgAAAGhSAAAABGgBB5kCrTCI5kfasMk-aul-Ge_H-jInygRM1eOdxLYtknKSbOfXi9f5fUc3jlQQI0bbB-ZDvebKH9rpu6qHkEbRvLj2jEsl2jWT-1bQabeZb3gAuiKiUljzqBiNNBRZ7CSU6NZHcm6ALU7b4mqwWwVo7MLAzmy4o5ihll05AHSe6g1rWeQYLbb53MR4OddGT5pRfTGb60Kpl_BpmOZ4iCLcnI7BVL5fFYpTMbTBeQKRsL7QWqoHtN5AlFxKvOtHIqqp-S9c6VjESG__ZGtPdkZgboW6aWcR4eoHdhlmIHqfYn06viLxZLe6rrVeGtM517XKRXOZR8qPo_ucjrAvM0QJ88RTjtiVjTjXUn04qbzHfV2L324LsAvQdPa-sWqMhw_WWieztijm6CU7mkoaZ42j5nwIIdaY81GtZ-Jw-WmjyruNDBKkSYfWHyPq1yzSFQxEnHV87aprqbdVMpFF5WQdB96vrMRRb0JS8157ICqFnbXThMid2_GRvDKAwtcYeFqoS72FuJjql5nYnvNUTKTBT9mopclbab34-ee6Lo0sN2nE0xupdXX8i2epC-dUrI38wUOXFNTuM1zyNaYKB5u7bw3eqQwMrZQKn3Fmg__hwbOD06bcr-P8n2KcaVOV_6ch-WenPfM5yyx_2H_8M3j6Jf_GUaZ1R3bLNzCO8ZholJ4Umn59xcYNFUVDnu4OdAgA7isE_UecfCrEz5sehccxw6z4dTeaksQztafCcSwZjfVkdBMWcoYZ0CvxEIThNILuLJjDmMxDg_9txJvx55mfyLk-l8vkAcG7pMcBkLC1I6starG9UOOJU3FO4dc5zse8ue0QwxKlYtCBtFxuDOqcKSXOLEwveWNmUH_BL7WZrz4f02ZTmEKFzyylUeJUJxa5bGM6CRIt9kXK6GRY0lVCXSs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 2D4D	4 KB 4 KB	94ms 94ms	Font font/woff	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5a0d39df4b0d911948f0e725%2F0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c.woff&t=%20Sceioprsu Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/10489061135955787776/SG_CFD_Price-2-Singapore-300x250-638333240865800417-0b3f8932-6f3b-4d00-bbb0-04e3f3386fab.html?ev=01_250 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdb6b98db39e11a0b5b6e8ccb8171c5758e9859473b7d8da3caca282077f6d7c Request headers Referer https://s0.2mdn.net/ Origin https://s0.2mdn.net accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status HIT last-modified Sat, 11 Nov 2023 00:04:41 GMT server cloudflare age 584677 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=0f63eea9-bff4-46f1-b0c4-c0bc6ce3911c-subset.woff cf-ray 827a09d89be64d92-SIN expires Sun, 10 Nov 2024 00:04:40 GMT
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame 2C99	1 KB 2 KB	97ms 96ms	Image image/webp	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2F9f0ed779-182e-4c28-adce-8e9c63d05cba.png&w=135&h=195&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adea4fbe0d06734a8bf999e9755dc5a75fe59f81f7bc96c16ff863888cf2bf6b Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status HIT last-modified Fri, 17 Nov 2023 03:46:04 GMT api-supported-versions 2.0 server cloudflare age 52994 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 827a09d95c164014-SIN content-length 1498 request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame 2C99	1 KB 2 KB	100ms 99ms	Image image/webp	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsaxo-bank%2F5a0d3b1088665f7354f5da6c%2Fimages%2Fd3bc406b-e9da-4faa-b2a9-03d21dd7d364.png&w=80&h=33&q=99&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12d3fa23649efb93279fb6f716dee0c9f96e65042e8a7e579c25500471734e15 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status HIT last-modified Thu, 16 Nov 2023 23:11:53 GMT api-supported-versions 2.0 server cloudflare age 69445 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 827a09d95c174014-SIN content-length 1500 request-context appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
GET H2	200	301871cb-4ee2-47fb-a505-d8a1e2677930.svg c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2C99	152 B 423 B	98ms 98ms	Image image/svg+xml	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/301871cb-4ee2-47fb-a505-d8a1e2677930.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 307279644d7cf64dc9ee86371da7a27bb581695aeef145df65476f1f0364b990 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:18 GMT content-encoding br cf-cache-status HIT content-md5 lx/tqoPhxe1djqV9/qEdwQ== age 4491 x-ms-lease-status unlocked last-modified Tue, 27 Sep 2022 13:23:17 GMT server cloudflare etag W/"0x8DAA08B70B1F9D9" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 62bfe25f-401e-0001-335d-138a0f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding x-ms-version 2011-08-18 cf-ray 827a09d95c194014-SIN
GET H2	200	c7781a9a-8fca-42c4-b6c4-638f8d6b150e.svg c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/ Frame 2C99	4 KB 2 KB	103ms 102ms	Image image/svg+xml	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/accounts/saxo-bank/5a0d3b1088665f7354f5da6c/images/c7781a9a-8fca-42c4-b6c4-638f8d6b150e.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8c9d6fad56b5dd992e450f958e6466d452bde7b6fe58cd21aa83c65c49e52ee Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:18 GMT content-encoding br cf-cache-status HIT content-md5 w6HfJNCQVE+3MWOUWEpPJw== age 6778 x-ms-lease-status unlocked last-modified Mon, 14 Dec 2020 20:05:35 GMT server cloudflare etag W/"0x8D8A06B9EBD4DA5" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 3d6990c4-b01e-0058-3637-0d3579000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding x-ms-version 2011-08-18 cf-ray 827a09d95c1b4014-SIN
GET H2	206	207%20AOT%20update%20-%20CFD%20Price-04237088071b4efda5784c7a68122d5b.webm c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/ Frame 26C7	115 KB 115 KB	106ms 106ms	Media video/webm	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/bf-videos/5a0d39df4b0d911948f0e725/207%20AOT%20update%20-%20CFD%20Price-04237088071b4efda5784c7a68122d5b.webm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db26a34280683491bf78b62197a60ecfe5fa4e89861cc70554fb15d3e7340025 Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Range bytes=0- Response headers x-ms-blob-type BlockBlob date Fri, 17 Nov 2023 18:29:18 GMT cf-cache-status HIT content-md5 vTFgG526nCwRlgGBymOiCA== age 3627 x-ms-server-encrypted true Content-Range bytes 0-117372/117373 Content-Length 117373 x-ms-lease-state available x-ms-lease-status unlocked x-ms-creation-time Thu, 22 Jun 2023 08:10:10 GMT last-modified Thu, 22 Jun 2023 08:10:10 GMT server cloudflare etag "0x8DB72F8194DF07C" vary Accept-Encoding content-type video/webm access-control-allow-origin * x-ms-request-id 4f38e79f-d01e-006c-6f12-12aac0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-creation-time,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,x-ms-server-encrypted,Accept-Ranges,Content-Length,Date,Transfer-Encoding x-ms-version 2020-06-12 cf-ray 827a09d9ac5a4014-SIN
POST H2	200	/ c.bannerflow.net/tr/v2/pixel/ Frame 2D4D	0 113 B	110ms 110ms	Ping text/plain	104.17.201.110 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/tr/v2/pixel/ Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/65314322843eb9eeda76b60d?did=5ced17d285b1c200019c3fe1&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4phTuO_n1ErW2nRBs7QKS9xbIp_4K9ylGs8DdnWpMMrPq1UnvfcRByxnMa5tAFQM2CDpaH3oCwvqJodMHfrExFMriFXBM0HOyEZWpnZnpKBfA17N7aD7AfCzVmnCZbIbva56QacJpKfc2lFDtylKqkc3tLO6Uc5CeH-8oZLXQ7BAEqDuK5M0iGSjlZTD2JeHpRl-2cnULsmbEZ7etHns-86_7RmKL97PMAIPgo8-mmfrs_dPDxCuY6gBOPwU7jPJJBkPjz6cV00QgbiePIgcoiuxAkTBlqLkecsUFKe9wQkyzWmHWgXOlrKkrnOgSxMHdItBPKeOJIpUXGQEpqDHaoCKT9olDaOnafvo4sAPGLAIbhLCuaGTKO0u6R_-mh9hWxa-Z8xgKHB8TFqXhrRiLXNhaxK13651Gs7rsKPnA_-WkviA3wWPuGtp1q_31kYfDW5Nx0yJooTcVED9Cv848CZQvE9wYi9-kBvMpNDKA200tLZZmbc6OJYMGoDfusCNyR1LsFL6nCHRmqb-K0TEqF2a0kc8CH8FhymwYVggwXn_7x_5LDlrw9Nf_XaRWOQhooXIMcIb6HvKSe2Q1et8zj_yG3pTOdzr-1LTJd49NA15oY5DqCQi_fxe92XjfTsuHfzfn3ZNuHSA1Caysg2hqYxCfMewn2UhiohiVJmOw_Wu4_OeZhkuQiVAjRsOCk022KExKHU2uqYcvPiBmmIt8SVu9jSUKYhuOffYf9Ye7xRyHS1om28ZkKigRFadyJVI5WpErkc-hAh2N--H6_nDW-kXg7R4O_E1bUtDsdPbW6_eLIkQQmm58FSQZSP3P0dUWansu0AzFdnlfYdIb2ouXFe9eLHbL_UjZSU_06rMeifc0h6qzWUn9Axknh8KZgv_mNiPZzTLG4UdlRV-v6JtK2MU3wLbw1MyYRkOw6dftWTLFuC_dX6KQVqbH4uDW348bYR-qDkEamuLJQz81xj3rGBEgkhmOBke71DYLglbRbj3FLjkmrUkfEZRuy3RCSC_4uSUZCn7UiWfIYxrGHxLAJdaUalyol6kqOw4NrHx8Se8B-M19uI7XpOKkkxLV8_GlZJvEsdlmTOSzK7q_MbVXMnvKgx3P-cwuOoBvh1g4oe9Gq7GwI_HUJD1tG4gS9XYrpHnZyoiHY0AbQbTYCxpZ6ziTjTsjCN-Fuv7ZINtCuNokoAqcp-mKJ52DcslwX2WZ5oufYCmqLdDCsawAO0kxwKO73DzQXfPXix4mC4KOQN0Q4_3wdTbcXwokelkH9qZlQhA9Y1V60dI_dRSSQg8nvFf6kXjvLJ-ObikrGP6fG2ryV1MqEcItvIFmkgQWowNBAMfzfH04mq1TXsrdUoRyqY2JqGn3GBSHt0lPfaeQoiqV7x-haaTURXKZrGrj5Zz4b8DWEFMYM9xUPzjnfg4_a9ddJB2BzJefVjq1Xu99tjmgPDa0MJWMXL-iSyB_rBVXli-sYg%26sai%3DAMfl-YTzsGb4IE1Jca35lG9rfEw0RbmNTKLcQXEZj3UWfUQr9s1HIrOmmZbOSFGoWYzkw4E5dEYeoN3NnInhGiY6BTfs9xYTXzAUTbgw59uGFVfXXTGM5L8Qdv2K03pPDF56gA5RY3XqxTOk54mZM3VeQac6Bmce9XaBfpHEkCHcWEtegpPs7SLV-Png4fvnI0hlxd-zGIlvjF0i9ICiJkAcaMcMsD2iGHFpq6qm_AjDzlG8dFEstPfnbF-wyJNDxSLWi9h8sd_M95HQft8yx3nPLe1bIhTZtC1tdwdD69bA41OsLpeZPLp2PgfIJRu-bWoJ9SE5tctGlOROKHqAfg%26sig%3DCg0ArKJSzBtnB6dU19TOEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D5362262%26adurl%3Dhttps%253A%252F%252Fwww.home.saxo%252Fen-sg%252Fproducts%252Fcfds%253Fdclid%253D%2525edclid!%2526cmpid%253Ddisp_cm_1014431490_20642982854_524285826 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.201.110 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://s0.2mdn.net/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 17 Nov 2023 18:29:19 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 827a09daad644014-SIN content-length 0 request-context appId=cid-v1:2080cc18-71b2-4e5d-992c-a3d1331a0b3e
GET		advertisement-34323.jpg ad.mail.ru/	0 0
GET		PRLGkEFG6pPbHCNJ.jpg as.inbox.com/	0 0
GET H2	200	doubleclick.ico www.gstatic.com/adx/	1 KB 1 KB	97ms 96ms	Image image/x-icon	172.253.118.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/adx/doubleclick.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f94.1e100.net Software sffe / Resource Hash 97c62b70705d29652b64d391f0788891e0d55651282bb1e9e0dcc9edee0ccfb0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://userupload.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 15 Nov 2023 07:07:26 GMT content-encoding gzip x-content-type-options nosniff age 213713 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 791 x-xss-protection 0 last-modified Thu, 03 Oct 2019 10:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/x-icon cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Thu, 14 Nov 2024 07:07:26 GMT
GET		DiInJ6CKyJ3JG1G.jpg agoda.net/banners/	0 0
POST		bsevent.gif rtbc-ae1.doubleverify.com/ Frame 55A3	0 0
GET H2	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame 55A3	18 KB 8 KB	106ms 106ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal123.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash 62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 18:13:44 GMT content-encoding gzip x-content-type-options nosniff age 935 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7823 x-xss-protection 0 last-modified Thu, 02 Nov 2023 23:04:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 17 Nov 2023 19:13:44 GMT
GET H2	200	impl_v99.js Show response www.googletagservices.com/dcm/ Frame 55A3	59 KB 23 KB	97ms 97ms	Script text/javascript	142.251.175.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v99.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.175.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sh-in-f155.1e100.net Software sffe / Resource Hash 3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 18:01:02 GMT content-encoding gzip x-content-type-options nosniff age 88097 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23872 x-xss-protection 0 last-modified Thu, 02 Nov 2023 14:22:33 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-dcm-tag" vary Accept-Encoding report-to {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 15 Nov 2024 18:01:02 GMT
GET		B9689862.280630144;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=160236217;ord=4ivyy1;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fuserupload.in%2F$0;xdt... ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 55A3	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ads.zynga.com

URL

https://ads.zynga.com/h1uDGAjNfzxB.jpg

Domain

www.pair.com

URL

https://www.pair.com/

Domain

ad.mail.ru

URL

https://ad.mail.ru/advertisement-34323.jpg

Domain

as.inbox.com

URL

https://as.inbox.com/PRLGkEFG6pPbHCNJ.jpg

Domain

agoda.net

URL

https://agoda.net/banners/DiInJ6CKyJ3JG1G.jpg

Domain

rtbc-ae1.doubleverify.com

URL

https://rtbc-ae1.doubleverify.com/bsevent.gif?flvr=0&impid=5b3717b936a64688a731212b8ddefb36&dvp_ac_version=0811&dvp_acibv=&bsigr=19860147274242&cbust=1700245759546390

Domain

ad.doubleclick.net

URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=160236217;ord=4ivyy1;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fuserupload.in%2F$0;xdt=1;crlt=vd*9B0SIl1;stc=1;chaa=1;sttr=111;prcl=s