bscads.com Open in urlscan Pro
139.99.103.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bscads.com/faucet
Effective URL:
https://bscads.com/login
Submission: On March 23 via manual (March 23rd 2023, 10:23:25 pm UTC) from GT — Scanned from SG

Summary HTTP 155 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 24 domains to perform 155 HTTP transactions. The main IP is 139.99.103.9, located in Singapore and belongs to OVH, FR. The main domain is bscads.com.
TLS certificate: Issued by R3 on March 19th 2023. Valid for: 3 months.

This is the only time bscads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	139.99.103.9 139.99.103.9	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c02::61	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223b:6600:2:e529:700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
1	18.155.68.36 18.155.68.36	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:303... 2606:4700:3034::6815:4c3d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.33.33.31 13.33.33.31	16509 (AMAZON-02) (AMAZON-02)
6	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2404:6800:400... 2404:6800:4003:c03::9b	15169 (GOOGLE) (GOOGLE)
2	54.254.190.124 54.254.190.124	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:229... 2600:9000:229f:3c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4003:c11::5f	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::71	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c03::5f	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
1	13.33.33.102 13.33.33.102	16509 (AMAZON-02) (AMAZON-02)
1	192.0.78.218 192.0.78.218	2635 (AUTOMATTIC) (AUTOMATTIC)
19	2404:6800:400... 2404:6800:4003:c05::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c02::9b	15169 (GOOGLE) (GOOGLE)
18	2404:6800:400... 2404:6800:4003:c11::84	15169 (GOOGLE) (GOOGLE)
2	2a0d:da00:a:4... 2a0d:da00:a:4018::	205072 (LAYERSHIFT) (LAYERSHIFT)
1	2404:6800:400... 2404:6800:4003:c04::95	15169 (GOOGLE) (GOOGLE)
4	52.84.251.10 52.84.251.10	16509 (AMAZON-02) (AMAZON-02)
1 2	2404:6800:400... 2404:6800:4003:c03::63	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::9c	15169 (GOOGLE) (GOOGLE)
1 13	2404:6800:400... 2404:6800:4003:c04::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4002:406::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
2 2	2404:6800:400... 2404:6800:4003:c06::65	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400f:e::6	15169 (GOOGLE) (GOOGLE)
5	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
2	142.250.4.156 142.250.4.156	15169 (GOOGLE) (GOOGLE)
2 4	74.125.24.149 74.125.24.149	15169 (GOOGLE) (GOOGLE)
4	44.226.153.224 44.226.153.224	16509 (AMAZON-02) (AMAZON-02)
2 3	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	74.125.24.154 74.125.24.154	15169 (GOOGLE) (GOOGLE)
155	37

17 139.99.103.9 (Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: vps-d06683bb.vps.ovh.ca

bscads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223b:6600:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.orquideassp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-36.sin52.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:4c3d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.adaround.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
au.adaround.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.33.33.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-31.sin2.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)

www.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.254.190.124 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-190-124.ap-southeast-1.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:229f:3c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c11::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::71 (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-102.sin2.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.218 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

supertruco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2404:6800:4003:c05::9c (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c02::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4003:c11::84 (Singapore)

ASN15169 (GOOGLE, US)

ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0d:da00:a:4018:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.251.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-10.sin5.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::63 (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::9c (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c04::9d (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4002:406::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c06::65 (Singapore) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400f:e::6 (Australia)

ASN15169 (GOOGLE, US)

r1---sn-npoeene6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.149 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.226.153.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-153-224.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.5.84.243 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.24.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 135 ade.googlesyndication.com — Cisco Umbrella Rank: 275	188 KB
30	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 pubads.g.doubleclick.net — Cisco Umbrella Rank: 455 bid.g.doubleclick.net — Cisco Umbrella Rank: 714 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 319 ad.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	241 KB
17	bscads.com 1 redirects bscads.com	794 KB
14	gstatic.com fonts.gstatic.com csi.gstatic.com	73 KB
10	brid.tv services.brid.tv — Cisco Umbrella Rank: 17134 p.brid.tv — Cisco Umbrella Rank: 25650 stats-dev.brid.tv — Cisco Umbrella Rank: 20125	118 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 465	481 KB
6	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 283 gcdn.2mdn.net — Cisco Umbrella Rank: 1139 r1---sn-npoeene6.c.2mdn.net — Cisco Umbrella Rank: 352642	18 KB
6	hcaptcha.com www.hcaptcha.com — Cisco Umbrella Rank: 78406 newassets.hcaptcha.com — Cisco Umbrella Rank: 11373 hcaptcha.com — Cisco Umbrella Rank: 7857	242 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	110 KB
5	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 358812 apps-pnd.ctengine.io — Cisco Umbrella Rank: 297595	8 KB
4	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 596	1 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535	2 KB
3	anura.io script.anura.io — Cisco Umbrella Rank: 56488 ads.anura.io — Cisco Umbrella Rank: 75803	21 KB
3	adaround.net 1 redirects app.adaround.net — Cisco Umbrella Rank: 590291 au.adaround.net — Cisco Umbrella Rank: 746651	18 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 27166	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	304 B
2	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2751	49 KB
2	orquideassp.com tags.orquideassp.com — Cisco Umbrella Rank: 156542	5 KB
1	supertruco.com supertruco.com — Cisco Umbrella Rank: 323094	2 KB
1	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4714	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	77 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 673	30 KB
155	24

	Domain	Requested by
17	pagead2.googlesyndication.com	cdn.jsdelivr.net securepubads.g.doubleclick.net tpc.googlesyndication.com ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
17	bscads.com	1 redirects bscads.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net bscads.com tpc.googlesyndication.com ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com imasdk.googleapis.com
10	csi.gstatic.com	imasdk.googleapis.com
10	googleads.g.doubleclick.net	1 redirects bscads.com
7	securepubads.g.doubleclick.net	tags.orquideassp.com securepubads.g.doubleclick.net bscads.com ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
5	ade.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	beacon.krxd.net	imasdk.googleapis.com
4	ad.doubleclick.net	2 redirects
4	pubads.g.doubleclick.net	imasdk.googleapis.com
4	stats-dev.brid.tv
4	p.brid.tv	services.brid.tv
4	newassets.hcaptcha.com	www.hcaptcha.com newassets.hcaptcha.com
4	fonts.gstatic.com	fonts.googleapis.com
4	imasdk.googleapis.com	services.brid.tv imasdk.googleapis.com ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
3	dsum-sec.casalemedia.com	2 redirects
3	r1---sn-npoeene6.c.2mdn.net
3	fonts.googleapis.com	bscads.com securepubads.g.doubleclick.net ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
3	appsha-pnd.ctengine.io	bscads.com appsha-pnd.ctengine.io
2	googleads4.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
2	ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
2	adservice.google.com.sg	securepubads.g.doubleclick.net imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com
2	cmp.quantcast.com	bscads.com cmp.quantcast.com
2	script.anura.io	bscads.com script.anura.io
2	services.brid.tv	bscads.com services.brid.tv
2	app.adaround.net	1 redirects bscads.com
2	tags.orquideassp.com	bscads.com
1	cm.g.doubleclick.net	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	au.adaround.net	app.adaround.net
1	hcaptcha.com	newassets.hcaptcha.com
1	supertruco.com	bscads.com
1	ads.anura.io	script.anura.io
1	www.hcaptcha.com	bscads.com
1	widget.trustpilot.com	bscads.com
1	www.googletagmanager.com	bscads.com
1	cdn.jsdelivr.net	bscads.com
1	code.jquery.com	bscads.com
155	45

This site contains links to these domains. Also see Links.

Domain
agencyorquidea.com

Subject Issuer	Validity	Valid
www.bscads.mobbitap.com R3	`2023-03-19` - `2023-06-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tags.orquideassp.com Amazon RSA 2048 M02	`2023-02-28` - `2023-06-28`	4 months	crt.sh
*.ctengine.io Gandi Standard SSL CA 2	`2023-01-13` - `2024-01-13`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
brid.tv Amazon RSA 2048 M01	`2023-02-23` - `2024-01-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
script.anura.io Amazon RSA 2048 M01	`2023-02-03` - `2024-01-31`	a year	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
ads.anura.io Amazon RSA 2048 M02	`2023-02-24` - `2023-07-28`	5 months	crt.sh
tls.automattic.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-03-14` - `2023-05-23`	2 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://bscads.com/login
Frame ID: E9540487B07B3DC70A8A1DACA3058B8D
Requests: 67 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: C283CDE3B681D778090AD10AAFD2E41C
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: EA30C1D692F38C59634AE9603C6D002A
Requests: 4 HTTP requests in this frame

Frame: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2211D1367DF99B83CCC8CB90BD848E07
Requests: 1 HTTP requests in this frame

Frame: https://au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/1441753f0729293bc2a6025fc2ab30c3.html
Frame ID: DAD5E283A815432D5D213504B26C6F49
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Frame ID: 742A5FB4EEC5A5C3CC6DAF81739FF4A2
Requests: 25 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs
Frame ID: 0BBFFB96C6F8DF5404F99546F3F87270
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F85A656508DD892BAD2CBD7F76DF7D85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F84F1BE8FB47C1E7E2DE7319E44730B
Requests: 2 HTTP requests in this frame

Frame: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F9E77ACC995542A2012AACADA99CD80
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A2E07B713ACEA403F03CCD47014BFDEC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 391353178F23319A769D0C569297956A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BscAds.com

Page URL History Show full URLs

https://bscads.com/faucet HTTP 302
https://bscads.com/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

155
Requests

95 %
HTTPS

61 %
IPv6

24
Domains

45
Subdomains

37
IPs

8
Countries

2483 kB
Transfer

12594 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://agencyorquidea.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bscads.com/faucet HTTP 302
https://bscads.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://app.adaround.net/supply/register?iid=FEF1PwcpKTvCpgJfwqsww5N3eA HTTP 302
https://au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/1441753f0729293bc2a6025fc2ab30c3.html

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://gcdn.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/59E849813DA134FE8A54E0E62BDA21454BDDE55D.61C9F2D1580BBFC5BD012DB0A6468DF59FA5681E/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEA550E6F8558736B8BDF1CA6A48D17F2F88A62.32F205DD9518EF564687722D5B37CAB2AE9C53F3/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 119

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CJrrrsqL8_0CFUaXZgId5_kPIg;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

Request Chain 121

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDwh9evAxid8M7aASABMAE&v=APEucNVFWCH8LAznmzbTOir3thi6NsYzluOnJ-82uW7InORADCrfhsrwNvdOQaombbVUH2dZEnGLJFkdVpMGSUN3Q0W9z6AHO_TkqACZhNAN7G7T4ctXHcQ HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzRV3kJfCgEUKZYaAKCvAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3r-AsWnJjCcnU6kUhwv18&google_cver=1

Request Chain 128

https://gcdn.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/6970E1BE980424B06885924F80D2814D0F6B0300.7968A39862ABA16ED84E803EAAC81477F4E72A70/key/ck2/file/file.mp4?cpn=es9ul4W-Av6ZVn-B HTTP 302
https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A09D3562033E5487B0B7F577752FCCEB4E69078.0620474B51D06F4708E19BF9D9D14E7EE2724B55/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48?cpn=es9ul4W-Av6ZVn-B&file=file.mp4

Request Chain 133

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CKqtssqL8_0CFfqaZgIdFkYC2w;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=

155 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
bscads.com/
Redirect Chain

https://bscads.com/faucet
https://bscads.com/login

17 KB
18 KB

95ms
95ms

Document
text/html

139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 5c19b07da37c37687178e29f0670a6327f66ca60562545a00a79711fcc542d79

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Mar 2023 22:23:17 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: max-age=0, private, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Mar 2023 22:23:16 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
location: /login

GET
H2 200 jquery-3.6.1.min.js Show response
code.jquery.com/ 88 KB
30 KB 536ms
181ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.1.min.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

Referer: https://bscads.com/
Origin: https://bscads.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
server: nginx
etag: W/"63090485-15e40"
vary: Accept-Encoding
x-hw: 1679610197.dop109.la3.t,1679610197.cds250.la3.hn,1679610197.cds203.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30957

GET
H2 200 adblock-hunter.js Show response
cdn.jsdelivr.net/gh/Blaumaus/adblock-hunter/dist/ 2 KB
2 KB 125ms
48ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Blaumaus/adblock-hunter/dist/adblock-hunter.js

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b79076fb7e98e997b9855c2a9f4ff080ea4f2dff021a78a6bb1afd865f1f9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21369
x-jsd-version: 1.0.1
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230073-FRA, cache-yyz4579-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"7ae-3ihCfQrQQ+pkQ/RmdJAR1MaUZK8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V3fhdfkcT9CiBlWN8RLRbZkC3tJLvjxtyk4IMh1pvGBK451hEsVsSEkcNtftZmg9XP70l4f%2FOCzkh7wFdwZTuFmueiRhKPqTr8qB7rRy9CNoTEtF2nUKyK6VpZwU5Slu8C8FeR2dMiuAJ4Abs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7aca13f48a95e6b2-HKG

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 24ms
15ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NHE85MP0CS

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bead66ac0cded59a7beff3c05d1e4323a8ba55527ae6c7b8c47738f113236fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Mar 2023 22:23:17 GMT

GET
H2 200 28966 Show response
tags.orquideassp.com/tag/ 3 KB
3 KB 38ms
5ms Script
text/javascript 2600:9000:223b:6600:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/28966

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223b:6600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

1eb6788548f27d73b951b4bc04f26c1a0a00acfe5e5bb82193c097cfd099375d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Thu, 23 Mar 2023 22:11:54 GMT
x-content-type-options: nosniff
via: 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 1604
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2834
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"b12-me0pJ0MsKDm0bWDynebrCRhwmQQ"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: mxUtDQO2MFXHzREHNlkQ2TmzM_wsibngBclZjUmMQ1Pl-IA_R1dM3A==

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ 6 KB
3 KB 510ms
165ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=Pk6r4Nnjri
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1e21cab60d153302391fc28c7cc2e16c8150ab3abd923793aa7357db24c81241

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 23 Mar 2023 22:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 34ms
4ms Script
application/x-javascript 18.155.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-36.sin52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 01:03:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 bbdc70020916d3473e0338359d834350.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 76814
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: XPdlTLy5LpMtIwZYeszZBdA32UO6I_E9t-4N7wOP7_9bZiUc0nBA_g==

GET
H2 200 main.js Show response
app.adaround.net/ 46 KB
17 KB 137ms
43ms Script
text/javascript 2606:4700:3034::6815:4c3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.adaround.net/main.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4c3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 895270b136a0737a264068bb17b3ca5dfa6fa0243e7763b6b18fc4218554d0ae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Mar 2023 10:50:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41582
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ufWVuGB9504lojaU2CmOp%2FcDc5SLk2aD7ltHu%2BnM2DPmAhdCHaQNjgVdjCNja1UM4Clz4507cCxuoPzwxWZtx7h%2BIBXwzN1sZ%2FKIkwGa8yGi4l97QhXTSKSmvuV%2B3JA4jHXBva7D5bPYBfMESuY"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400, s-maxage=86400
x-robots-tag: noindex
cf-ray: 7aca13f93fc50460-HKG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK blue.css
bscads.com/assets/components/bootstrap5/css/ 213 KB
214 KB 5ms
4ms Stylesheet
text/css 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/bootstrap5/css/blue.css?v=1679610197
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: ed7c8d79c191d80ee8637d87829e915ac0acc819526b573137368ffdacf74ec0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 218597

GET
H/1.1 200
OK global.css
bscads.com/assets/evolution/css/ 9 KB
9 KB 11ms
4ms Stylesheet
text/css 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/evolution/css/global.css?v=1679610197
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: d30b2899d4c90c803d5877707cfaa1c2c20ed78422be3118982e5d243f35e392

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Tue, 11 Oct 2022 09:21:59 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9273

GET
H/1.1 200
OK logo.png
bscads.com/assets/evolution/images/ 61 KB
61 KB 8ms
7ms Image
image/png 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bscads.com/assets/evolution/images/logo.png
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 444f8c03846f9e15331c26b6e97df23db8ac7a874814853b8c3d8a0e0e18cea9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sun, 09 Oct 2022 07:21:51 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 62298

GET
H2 200 brid.outstream.min.js Show response
services.brid.tv/player/build/ 175 KB
49 KB 28ms
5ms Script
application/javascript 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.outstream.min.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4a03055e7ff59aacb1ed57cb2d53c64d10b1b9d2cacb2f42be7d6380db63dc4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:17:16 GMT
content-encoding: br
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 10:11:02 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 362
x-amz-server-side-encryption: AES256
etag: W/"16dab3d0f02c79331fcb4b7c3c139ecf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZrHVOLZ739_pEVPRYRYy361NIIHWR9ceLfkhJDzPv_GeIGykpFxiZA==

GET
H2 200 28962 Show response
tags.orquideassp.com/tag/ 829 B
1 KB 5ms
5ms Script
text/javascript 2600:9000:223b:6600:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/28962

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223b:6600:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

33a135533179b403a70d8a8a0efffcb1ecbd57cbe4cb6b86328e8bf9d01386b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Thu, 23 Mar 2023 21:49:28 GMT
x-content-type-options: nosniff
via: 1.1 e25f1b4aa5076f3a6a2551c87259c664.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P2
age: 3112
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 829
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"33d-V6Fi/dtoTFjxj2YhdpaZ/A6fAnU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: iOsmRWxXtUlQv5koRDALT1gMe6xkY3qmiRjOX6BkW0_be2KUhcRBVQ==

GET
H2 200 api.js Show response
www.hcaptcha.com/1/ 284 KB
80 KB 135ms
44ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hcaptcha.com/1/api.js

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ce6fa08f06f8c4953cdcab99ecad506a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 0
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2023 07:14:15 GMT
server: cloudflare
etag: W/"5de21c14bce7448f20c94eda336232ba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=120
cf-ray: 7aca13f93e7d04db-HKG
x-amz-cf-id: UsQEcsc6K1MhejD-ihJEJbCRAXmRv-cXJn0LEl2BbRrQkKaLocJTfA==

GET
H/1.1 200
OK stop.png
bscads.com/assets/evolution/images/ 31 KB
31 KB 11ms
10ms Image
image/png 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bscads.com/assets/evolution/images/stop.png
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: cef283b537b5b439f78780bdfe94561204b0131029ee560a85692813daefcc65

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Wed, 26 Oct 2022 06:02:11 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 31682

GET
H/1.1 200
OK jquery.min.js Show response
bscads.com/assets/components/jquery/ 85 KB
85 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/jquery/jquery.min.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 86927

GET
H/1.1 200
OK evolutionscript.js Show response
bscads.com/assets/evolution/js/ 5 KB
5 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/evolution/js/evolutionscript.js?t=1679610197
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 6fac4ee889db41cd60e93f4b12b758f08b27f389b4e60ed9095fef4ac1249b49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5233

GET
H/1.1 200
OK l2blockit.js Show response
bscads.com/assets/evolution/js/ 4 KB
4 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/evolution/js/l2blockit.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: bcc0d426238e27f219faa067fb0a964eca5e7747cdad68e0ae4ea6c4ddc7efa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3902

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
bscads.com/assets/components/bootstrap5/js/ 77 KB
77 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/bootstrap5/js/bootstrap.bundle.min.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 78871

GET
H/1.1 200
OK jquery.blockUI.js Show response
bscads.com/assets/components/blockui/ 19 KB
20 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/blockui/jquery.blockUI.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 19966

GET
H/1.1 200
OK ajaxSubmit.js Show response
bscads.com/assets/components/ajax_form/ 2 KB
2 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/ajax_form/ajaxSubmit.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: b3474f9e42f470faef4db25d456e1370e9cdacef7deab620d90362e86f2d933e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1914

GET
H/1.1 200
OK alerts.js Show response
bscads.com/assets/components/ajax_form/ 1 KB
1 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/ajax_form/alerts.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 52f888c7e318356e9fa4173b6a4bf615994749bb49d156dff286a4332582a16f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1153

GET
H/1.1 200
OK forms.js Show response
bscads.com/assets/components/ajax_form/ 4 KB
4 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/ajax_form/forms.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: dcca172fb8956a6cb32cc2e0938b4658afc275ddabe650e890cfdd13924c9d44

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 4285

GET
H/1.1 200
OK forum.js Show response
bscads.com/assets/evolution/js/ 735 B
989 B 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/evolution/js/forum.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: 6649f7fd4521c5911cf4807fa4170b370eece1a5373d24a45800735e91670c66

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 735

GET
H/1.1 200
OK feather.min.js Show response
bscads.com/assets/components/feather/ 74 KB
74 KB 4ms
4ms Script
application/javascript 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://bscads.com/assets/components/feather/feather.min.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: e80b03fd2a2af6103562feadfeadcd1a1bedcad3fcd4da4f12af14bfbc7bbdf7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Sat, 30 Jul 2022 16:04:16 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 75827

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 30ms
5ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/28966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b732fa78a773915e664b708d41264990b45a9245fe8e1064fafd247ad98c13f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27482
x-xss-protection: 0
server: sffe
etag: "1520 / 30 of 1000 / last-modified: 1679609152"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Mar 2023 22:23:17 GMT

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 58ms
34ms Script
application/javascript 54.254.190.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3755658373&415890174846

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.254.190.124 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-254-190-124.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c9a9fd833929d4dc615994a20db855ce81af8661eace68718f685104b6bd72a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 28ms
3ms Script
application/javascript 2600:9000:229f:3c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:3c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:22:40 GMT
content-encoding: br
via: 1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 39
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: vnYditoKVyxJq3gzuZNgsBF2nwo7YLTbrx6E5fklhQWA9uJd7Oxpww==

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 16ms
7ms Stylesheet
text/css 2404:6800:4003:c11::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;400&display=swap

Requested by

Host: bscads.com
URL: https://bscads.com/assets/components/bootstrap5/css/blue.css?v=1679610197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44e22856c09114ecbb82ddd44fa68238d3414d085baa692a5fe47bb700ae315e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:23:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 22:23:17 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
250 B 15ms
5ms Ping
text/plain 2404:6800:4003:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NHE85MP0CS&gtm=45je33m0&_p=516643977&cid=411188628.1679610198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679610197&sct=1&seg=0&dl=https%3A%2F%2Fbscads.com%2Flogin&dt=BscAds.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHE85MP0CS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bscads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 33ms
6ms Script
text/javascript 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81213f215c5c386c13ce408768284d753696c19697e34e4c31a9fe95a56b0557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123080
x-xss-protection: 0
expires: Thu, 23 Mar 2023 22:23:17 GMT

GET
H3 200 27082.json Show response
services.brid.tv/services/unit/ 4 KB
2 KB 599ms
592ms XHR
application/json 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/unit/27082.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: Apache /
Resource Hash: 31260397b49a0c1315f0addbce02183c63c625f819183763076df7adf4ed29f8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
via: 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SIN2-P1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=86400
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: HcNPida38CUUTowCJAQnGFRbxK4LOOqVGt00pPwoyAGKKuoVLK6rsA==
x-served-by: i-032ea12b026bbe99c

GET
H/1.1 200
OK bg.jpg
bscads.com/assets/evolution/images/ 186 KB
186 KB 5ms
4ms Image
image/jpeg 139.99.103.9
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bscads.com/assets/evolution/images/bg.jpg
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 139.99.103.9 , Singapore, ASN16276 (OVH, FR),
Reverse DNS: vps-d06683bb.vps.ovh.ca
Software: Apache /
Resource Hash: e1c8d0e914fe6e903937889b09ca92511f6fc95d8b46655f231df0db25e9075a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:17 GMT
Last-Modified: Thu, 20 Oct 2022 15:25:10 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 190053

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 27ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@200;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bscads.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:36:16 GMT
x-content-type-options: nosniff
age: 42421
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:36:16 GMT

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ 11 KB
3 KB 504ms
164ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1673341020655
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=Pk6r4Nnjri
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: f912101806c688ff68c1860085b24f38250d5e0d442247b4d569796cab0223b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 slide.js Show response
appsha-pnd.ctengine.io/static/ 9 KB
2 KB 505ms
164ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/slide.js?v=1673341020655
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=Pk6r4Nnjri
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: e85e88e3c5147dc3710c5f8213be4449a8be2b937c573539332db3d72cc80b8a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
47 KB 15ms
4ms Script
text/javascript 2600:9000:229f:3c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:229f:3c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 12:52:52 GMT
content-encoding: gzip
via: 1.1 74e86ed0fa6d314b06f69aa24cdc2c36.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 34225
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
server: AmazonS3
etag: W/"a18627a302da47ec97015f587007f1a6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: RBmXjo5_31PnFlMNM50OMMhiwSya2S4BYd3ZZbR6PKd4cZjJBu0FLw==

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 21ms
5ms XHR
application/javascript 13.33.33.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?510133809430
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3755658373&415890174846
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-102.sin2.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 00:30:46 GMT
content-encoding: gzip
via: 1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN2-P1
age: 78752
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: T8KXfLApiLVCgFVJAYAH7WkYRRTDvwO2J1A-FnnjB0pL_CMQoSZTvg==

GET
BLOB 206
Partial Content afec924c-8de3-4cd1-a088-aa204e46d161
https://bscads.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bscads.com/afec924c-8de3-4cd1-a088-aa204e46d161
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 icon.svg
supertruco.com/ 4 KB
2 KB 14ms
3ms Image
image/svg+xml 192.0.78.218
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supertruco.com/icon.svg

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.218 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
server: nginx
x-ac: 2.sin _atomic_bur HIT
etag: W/"630e2208-102b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sun, 29 Jan 2023 10:20:21 GMT

GET
H2 200 pubads_impl_2023032001.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 11:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136699
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 19 Mar 2024 11:43:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 132 B
112 B 18ms
6ms XHR
application/json 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bscads.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b15bc577a7d75d4c2214c54a6930f48f80d289425d0fda7a381e88ba3679d2c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 27ms
16ms Fetch
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Blaumaus/adblock-hunter/dist/adblock-hunter.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb38566c2d8632c572762df38bfbcf6f9841dc4e6db084a36ade1d8a23ab691b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48789
x-xss-protection: 0
server: cafe
etag: 15163414879141272296
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/7d69057/static/ Frame C283 2 KB
815 B 60ms
45ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
age: 701851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 7aca13fb1fe104db-HKG
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:23:18 GMT
last-modified: Fri, 10 Mar 2023 07:14:14 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 574188a928e9091a61842b1bf8314b56.cloudfront.net (CloudFront)
x-amz-cf-id: jDto5UvCXMVQoNuKAhfjeMfYzRAQlDk-TfZk_9yvC8RfO4OdxGClbg==
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/7d69057/static/ Frame EA30 2 KB
994 B 57ms
43ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html

Requested by

Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
age: 701851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 7aca13fb1fe204db-HKG
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:23:18 GMT
last-modified: Fri, 10 Mar 2023 07:14:14 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 574188a928e9091a61842b1bf8314b56.cloudfront.net (CloudFront)
x-amz-cf-id: jDto5UvCXMVQoNuKAhfjeMfYzRAQlDk-TfZk_9yvC8RfO4OdxGClbg==
x-amz-cf-pop: SIN52-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 18ms
8ms Script
application/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=bscads.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 19ms
6ms Script
application/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bscads.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 264ms
263ms Fetch
text/plain 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2764391182754604&correlator=3485930374432009&eid=31073319%2C31073384%2C31073204&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=211182487%3A22679971829%2Cwww.bscads.com_Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=1371907180&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679610198324&lmt=1679610198&dlt=1679610197098&idt=1181&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbscads.com%2Flogin&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=411188628.1679610198&ga_sid=1679610198&ga_hid=516643977&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30a3308b931ebea10b6cfadc547a108ef531620b3345a773e07f8dd4ac13387e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12516
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bscads.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
23 KB 566ms
565ms Fetch
text/plain 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2764391182754604&correlator=3485930374432009&eid=31073319%2C31073384%2C31073204&output=ldjh&gdfp_req=1&vrg=2023032001&ptt=17&impl=fif&gdpr=0&us_privacy=1---&iu_parts=211182487%3A22679971829%2Cwww.bscads.com_Display480x320&enc_prev_ius=%2F0%2F1&prev_iu_szs=480x320&ifi=2&adks=4050396779&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679610198332&lmt=1679610198&dlt=1679610197098&idt=1181&adxs=169&adys=359&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbscads.com%2Flogin&frm=20&vis=1&psz=480x-1&msz=480x-1&fws=0&ohw=0&ga_vid=411188628.1679610198&ga_sid=1679610198&ga_hid=516643977&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

839cadf10d90e8ff26ea723c6259b7ee025c2d5890e6b89d854161c6da0ced7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24015
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bscads.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2211 6 KB
3 KB 22ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:23:18 GMT
expires: Fri, 22 Mar 2024 22:23:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame EA30 284 KB
80 KB 45ms
43ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ce6fa08f06f8c4953cdcab99ecad506a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 703512
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2023 07:14:15 GMT
server: cloudflare
etag: W/"5de21c14bce7448f20c94eda336232ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 7aca13fbf87804db-HKG
x-amz-cf-id: UsQEcsc6K1MhejD-ihJEJbCRAXmRv-cXJn0LEl2BbRrQkKaLocJTfA==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame C283 284 KB
80 KB 47ms
46ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 ce6fa08f06f8c4953cdcab99ecad506a.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
age: 703512
x-amz-cf-pop: NRT12-C3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2023 07:14:15 GMT
server: cloudflare
etag: W/"5de21c14bce7448f20c94eda336232ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 7aca13fbf87a04db-HKG
x-amz-cf-id: UsQEcsc6K1MhejD-ihJEJbCRAXmRv-cXJn0LEl2BbRrQkKaLocJTfA==

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 77ms
68ms XHR
application/json 54.254.190.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3755658373&415890174846

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.254.190.124 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-254-190-124.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0c1261638aabb0652def5b7f0df35b89468e8e3002ea09594732fc58ebfdaa11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bscads.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ 89 B
539 B 542ms
209ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=Pk6r4Nnjri
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 40a7e755a281ee8fe6bde03565df4c3ae9c352801b56a602b92d64c188fc16ad

Request headers

Referer: https://bscads.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bscads.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 580ms
164ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bscads.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://bscads.com
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 23 Mar 2023 22:23:18 GMT
server: nginx

GET
DATA 200
OK truncated
/ Frame EA30 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checksiteconfig Show response
hcaptcha.com/ Frame EA30 554 B
775 B 69ms
58ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?v=7d69057&host=bscads.com&sitekey=3c87a4a5-8a3f-49c0-b336-7520609038e5&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04c54e0cba9a2d77c842c722580967e43d4b087d6cd2b7dad6a084d0a9a863ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 7aca13fd092804db-HKG
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

1441753f0729293bc2a6025fc2ab30c3.html Show response
au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/ Frame DAD5
Redirect Chain

https://app.adaround.net/supply/register?iid=FEF1PwcpKTvCpgJfwqsww5N3eA
https://au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/1441753f0729293bc2a6025fc2ab30c3.html

253 B
614 B

936ms
924ms

Document
text/html

2606:4700:3034::6815:4c3d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/1441753f0729293bc2a6025fc2ab30c3.html
Requested by: Host: app.adaround.net
URL: https://app.adaround.net/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4c3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aeb3e5a52a68f2e124b7a59fff0905ceeae3b023a8bccadbe06651948424687

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 7aca13ff6d3b0460-HKG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 22:23:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hco6HNbrMC1zUBhrNYi6%2F4%2F1y7nVP6SJ3njZYRNRbJqHQiA6SGd4F0Ersw5Dxyjhn0edqU4ebY5dF9sGp9N9mpttB5vasS3YdDI7vYAPO2hCdEWRxNmrhWsSwUB2aVnO%2BmtZwfpLdVrDRNksfe8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-robots-tag: noindex

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-transform, private
cf-cache-status: DYNAMIC
cf-ray: 7aca13fd0a920460-HKG
content-type: text/html; charset=UTF-8
date: Thu, 23 Mar 2023 22:23:18 GMT
etag: "a1Xvhhp8OTIq44UG13aL1ommCNei9w"
last-modified: Thu, 23 Mar 2023 22:23:18 GMT
location: https://au.adaround.net/register/_fa7cdd4c68507744/96LXCKaJ1ot21waF4yoyOXwahu9Vaw/1441753f0729293bc2a6025fc2ab30c3.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPpUD5g3LxH37nNlVMlVKwKaqL0GAQbJjWnKIt580dEyylWU0UmPQkcgijGi0EXy5YgSselsl2T2BR3sWNqRc75j3oyinX3B%2FRvYB0hnay7yUZ7rrTNMOBEQF5bi2qm%2FyB8eQ0mKwDOFfBF1buU%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-robots-tag: noindex

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 11ms
10ms XHR
application/json 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023032001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9fcd2ac2a0284f6d5c17f8810269345a186d1db3e571af48c17c206f02ee4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11190
x-xss-protection: 0

GET
H2 200 brid.slideinview.min.js Show response
p.brid.tv/player/build/plugins/slideinview/1.3.40/ 25 KB
7 KB 28ms
5ms Script
application/javascript 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/slideinview/1.3.40/brid.slideinview.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b25d67c3a102ece6d250c464075217ba4c387c5a8e71b54f622a15f09f548a4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 04:20:33 GMT
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Sun, 19 Mar 2023 16:53:29 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 65337
x-amz-server-side-encryption: AES256
etag: W/"5015e1155fd6bdd0f04737fa92a2b700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: d_EIj9tIf7i1V2k2ue1OME2KV5_UysAam0he6RiuEzj_FIsWurNRkQ==

GET
H2 200 brid.oscontrols.min.js Show response
p.brid.tv/player/build/plugins/oscontrols/1.0.7/ 27 KB
8 KB 26ms
4ms Script
application/javascript 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/oscontrols/1.0.7/brid.oscontrols.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27276db8faef922a4178d9d2eadd730e032a973f5379ddc241f3523e1a8192bd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 08:36:26 GMT
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 08:34:04 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 49613
etag: W/"4b078b8c537b57326c2ef538ea0051c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PrhIbaIKWa7aJlegUeRD77_KuLAui3-tCQAn_K2FVDgn-7T7OspGQQ==

GET
H2 200 brid.gima.min.js Show response
p.brid.tv/player/build/plugins/gima/1.1.84/ 103 KB
27 KB 28ms
6ms Script
application/javascript 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/gima/1.1.84/brid.gima.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49c733544f200fe2483551d84e016d9826d0e6fa5e5fc3a8458becb3956477cb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 08:36:26 GMT
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 08:34:03 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 49613
etag: W/"b4509bbe105725836cab1159d45d4cd9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VGm-DiROmAQEjNPf7OOj92Ljh5VftlifldqhPxUM-2Kb0gwV_CXEWw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
60ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.64/ 83 KB
24 KB 4ms
4ms Script
application/javascript 13.33.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.64/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-31.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 12:58:06 GMT
content-encoding: gzip
via: 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 11:22:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 47426
x-amz-server-side-encryption: AES256
etag: W/"24c1e97967fbbadcf4830114d05be120"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wm8rWQa6XDNcU0fcevcdog3TZQXWZmzCd6MOW-B6LNLdeozBmeWnIw==

GET
H2 200 bridge3.565.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 742A 710 KB
226 KB 4ms
3ms Document
text/html 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa54fa500658b5ad7c37680e109aa1331df710351eb615bd605bc12fa443ff4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 217921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 230993
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 09:51:17 GMT
expires: Wed, 20 Mar 2024 09:51:17 GMT
last-modified: Tue, 21 Mar 2023 09:45:32 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 20ms
7ms Script
text/javascript 2404:6800:4003:c04::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
362 B 75ms
4ms Image
image/gif 52.84.251.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=26042&pr=o&dp=d&b=c&pid=27082&s=640|360&apa=1&df=0&os=w&m=0&ow=31036&e=l&v=o.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-10.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:03:24 GMT
via: 1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 11995
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: 1ia0wbOYEOTxOJJq7f0H2EE9-e_kkRtdSk2tKxLwRgR9QNGy16M53g==

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
362 B 62ms
5ms Image
image/gif 52.84.251.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=26042&pr=o&dp=d&b=c&pid=27082&s=640|360&os=w&m=0&apa=1&df=0&ow=31036&pub=p&e=r&aid=27660&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-10.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:03:24 GMT
via: 1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 11995
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: w9vNacFRQsMBBrD5m78kx-vOyPYnym2LiwiuHYHCH5EjFF8fI3j1Zw==

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 7ms
6ms Script
application/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=bscads.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 7ms
7ms Script
application/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bscads.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302271541000/ Frame 0BBF 221 KB
61 KB 24ms
4ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Mar 2023 00:34:21 GMT
age: 164937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61845
x-xss-protection: 0
server: sffe
etag: "4fba9ccee66ca96a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Mar 2024 00:34:21 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 0BBF 15 KB
5 KB 31ms
10ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Mar 2023 22:58:40 GMT
age: 343478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5236
x-xss-protection: 0
server: sffe
etag: "cedf9691907d886d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 18 Mar 2024 22:58:40 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 0BBF 94 KB
28 KB 32ms
12ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 16:55:07 GMT
age: 451691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28954
x-xss-protection: 0
server: sffe
etag: "eb54a928dd76f593"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 16:55:07 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 0BBF 5 KB
2 KB 34ms
13ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Mar 2023 22:56:43 GMT
age: 429995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1898
x-xss-protection: 0
server: sffe
etag: "aaf5c93962f41d5e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 17 Mar 2024 22:56:43 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302271541000/v0/ Frame 0BBF 40 KB
13 KB 31ms
11ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302271541000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 Mar 2023 22:58:40 GMT
age: 343478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "2e1a930b1f14d060"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 18 Mar 2024 22:58:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0BBF 8 KB
991 B 9ms
8ms Stylesheet
text/css 2404:6800:4003:c11::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 22:08:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0BBF 3 KB
3 KB 5ms
4ms Image
image/png 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 17:55:11 GMT
x-content-type-options: nosniff
server: cafe
age: 16087
etag: 3004170791804808702
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
expires: Fri, 24 Mar 2023 17:55:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0BBF 344 B
449 B 5ms
4ms Image
image/png 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: bscads.com
URL: https://bscads.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:19:53 GMT
x-content-type-options: nosniff
server: cafe
age: 25405
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 24 Mar 2023 15:19:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0BBF 0
0 16ms
15ms Image
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKXSzVtEcZImvFpjPz7sPnIeoiAKmg4jebtr3pNGbENvZHhABIKeOtUhgvwWgAZiPzpQByAEGqQLBCynVuKuDPuACAKgDAaoEhAJP0KMWttioH0Yne32L7xAUB5vcvCP5BykgYK8elOEqFjCUcQRLGMuBlJQrUuahTkr22HuRV8JI-DZMuJE3KL4CK1NiyNfDfelk6b1vT49vTGjuCVchJciCSfvUSlW6Mp96jWh73u9H-_MXA_uC8GBx8eXiH2okeFeErAr-ml97V2FrmWpqhpzeDtDmpN5RKJJJDibGhQwW0FCOJfzdesYU1_8YL_70xTaPcRDEaAPDU79K6FVxUU4paT_0SQ_PQrDLy4qy-tn2GL_MeNLJnmS1d0b7nQ1n3wV-tqs6ulnkgp4MA2yxjMjcJSblQgHYRxYZ3D_btv17xVSCPOFkqythXMFUtsAEuajal4ME4AQBkgUECAQYAZIFBAgFGASAB9DwsesCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ8C7SCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwKIFBPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDI3MzIyOTk1MzU1MDM5Nxj3uRw&sigh=FPUZWipGxjg&uach_m=[UACH]&cid=CAQSSwDUE5ymWj60Hy45_e8rrA-Dz50bwKBKdLNG5fe5IWAjp2l0XDj3qOxDU3MQs-AKSkKCLyQuIZaCoU3YiwDmdNa751zIfCTGofAo3xgB&template_id=492
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0BBF 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0BBF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9031eb816cf73159f6ff95cad55dd994ac45381c056f13e9cef41141e7ba347f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F85A 13 KB
5 KB 7ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 241523
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 03:17:55 GMT
expires: Wed, 20 Mar 2024 03:17:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F84 783 B
968 B 11ms
6ms Document
text/html 2404:6800:4003:c03::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::63 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e64e1000d4aacc8dd40f84f9c6aa298766622754c80dd5e0f329a72221d290b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BarumAYbNTzya_ZNDn_60g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-BarumAYbNTzya_ZNDn_60g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:23:18 GMT
expires: Thu, 23 Mar 2023 22:23:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0BBF 28 KB
28 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bscads.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:36:07 GMT
x-content-type-options: nosniff
age: 42431
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:36:07 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0BBF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

15ms
6ms

Image
text/html

2404:6800:4003:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: bscads.com
URL: https://bscads.com/login
Protocol: H2
Server: 2404:6800:4003:c04::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Redirect headers

date: Thu, 23 Mar 2023 22:23:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 742A 3 KB
1 KB 54ms
36ms XHR
text/xml 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22853135565%2Fca-video-pub-4090704406626496-tag%2Fbscads.com_unit&description_url=https%3A%2F%2Fbscads.com%2Flogin&tfcd=0&npa=0&ad_type=audio_video&ad_type=audio_video&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&correlator=494696654825428&vid_t=undefined&vid_d=%2C&vid_kw&cust_params=playerid%3D27082&ad_rule=1&env=instream&vpa=auto&vpmute=1&vconp=1&sdkv=h.3.565.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=brid-player&mpv=2.7.18&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=3336197051&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.565.0&sid=9C9CA16A-926E-4CCE-9789-204BE5469ED0&nel=0&eid=44748969%2C44765701%2C44770822%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fbscads.com%2Flogin&dlt=1679610197098&idt=1704&dt=1679610198905&cookie=ID%3D713e761024aa3d89%3AT%3D1679610198%3AS%3DALNI_MYWuMKE2HKmAGvft80fqKN_ULIizQ&gpic=UID%3D00000bdf727cdb46%3AT%3D1679610198%3ART%3D1679610198%3AS%3DALNI_MZSXWOANNK4Kz0w-m3PT6koJzJC_A&scor=1826279820198723&ged=ve4_td2_tt0_pd2_la2000_er335.169.487.469_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc4e743b194d2f57a5ed03d1521d6b0b70e4dfef4ad867a2b59cf2f2b6c317c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1022
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F9E 6 KB
3 KB 5ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bscads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 22:23:18 GMT
expires: Fri, 22 Mar 2024 22:23:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/ Frame 9F9E 22 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/abg_lite_fy2021.js

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9109
x-xss-protection: 0
server: cafe
etag: 16040247357158217350
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:21:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9F9E 8 KB
716 B 10ms
9ms Stylesheet
text/css 2404:6800:4003:c11::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Mar 2023 22:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Mar 2023 21:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Mar 2023 22:23:18 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/ Frame 9F9E 14 KB
3 KB 6ms
5ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.css

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:52:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 12:52:26 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/ Frame 9F9E 377 KB
129 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee407c8156259410d42a2bd3fe6594c28a91e6dd9bd6647fd3b9f63e3d9fdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 12:52:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131667
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:37:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Mar 2024 12:52:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9F9E 20 KB
8 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 15:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25280
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 15:21:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F84 0
0 16ms
5ms Image
text/html 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023032001&jk=2764391182754604&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame F85A 36 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 00:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 00:07:25 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 742A 30 KB
7 KB 203ms
203ms XHR
text/xml 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fbscads.com_unit&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params=playerid%3D27082&url=https%3A%2F%2Fbscads.com%2Flogin&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fbscads.com%2Flogin&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=9C9CA16A-926E-4CCE-9789-204BE5469ED0&ad_type=audio_video&adk=3336197051&correlator=494696654825428&ctv=0&dlt=1679610197098&dt=1679610199036&gdpr=0&ged=ve4_td2_tt0_pd2_la2000_er335.169.674.771_vi0.0.1200.1600_vp100_ts0_eb24171&idt=1704&is_amp=0&npa=false&omid_p=Google1%2Fh.3.565.0&osd=2&ptt=20&scor=1826279820198723&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=1---&vis=1&u_so=l&eid=44748969%2C44765701%2C44770822%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&mpt=brid-player&mpv=2.7.18&sdki=445&sdkv=h.3.565.0&sdr=1&vconp=1&vpa=auto&vpmute=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&cnc=22853135565&kfa=0&tfcd=0&top=https%3A%2F%2Fbscads.com%2Flogin&loc=https%3A%2F%2Fbscads.com%2Flogin&cookie=ID%3D713e761024aa3d89%3AT%3D1679610198%3AS%3DALNI_MYWuMKE2HKmAGvft80fqKN_ULIizQ&gpic=UID%3D00000bdf727cdb46%3AT%3D1679610198%3ART%3D1679610198%3AS%3DALNI_MZSXWOANNK4Kz0w-m3PT6koJzJC_A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

495308771f2f55a772b8c8ce9925ba84e4e348bb1822b338f901f83c9ddebed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7396
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9F9E 0
54 B 966ms
323ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lflojnyr&c=2222498311175&slotId=1111249155587.5&qqid=CKi4_MmL8_0CFdwKtwAd-q4N4A&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9F9E 15 KB
16 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:36:04 GMT
x-content-type-options: nosniff
age: 42435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:36:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9F9E 15 KB
15 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:36:04 GMT
x-content-type-options: nosniff
age: 42435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 10:36:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F9E 0
20 B 6ms
6ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxA_aVtEcZKi1ItyV3LUP-t22gA7ZmYHkbpqrrKP1EMflwY7dMRABIKeOtUhgvwWgAde9iMooyAEFqAMByAObBKoEjAJP0Kj8Kq99BFi_6aPZs7DZX5vEchiwlDwoBgHI7ibcAXNbJUtn48qq0J0bbrOckrrilIBwqFgrtXBNfeqC9EoGCwE3EdcuQmeMdecwqftoQVAgrmJOrf7KxGnFBHDrh8IDphIifbeuPXvcjDWYuzVIdrMflIB0LhElYsUXagytpmI89Z7mN70D5TPay95-7UyLbO0dsOru_8XOfsbARhhtkQnne9fjsaWeFE846fT-WQePmQLX3IhNz5cXpYMsMhPVpg_MT3N-xWZE8B8HLHDeO6M2-ib0j9l6P8fds9LFNuYC-ypn9-LmunIOg8J-RhOCmH3Ztnyq7fa9UUYWCsPJlWq8pSpfOgGRiWjhwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1679610199067&ai=CxA_aVtEcZKi1ItyV3LUP-t22gA7ZmYHkbpqrrKP1EMflwY7dMRABIKeOtUhgvwWgAde9iMooyAEFqAMByAObBKoEjAJP0Kj8Kq99BFi_6aPZs7DZX5vEchiwlDwoBgHI7ibcAXNbJUtn48qq0J0bbrOckrrilIBwqFgrtXBNfeqC9EoGCwE3EdcuQmeMdecwqftoQVAgrmJOrf7KxGnFBHDrh8IDphIifbeuPXvcjDWYuzVIdrMflIB0LhElYsUXagytpmI89Z7mN70D5TPay95-7UyLbO0dsOru_8XOfsbARhhtkQnne9fjsaWeFE846fT-WQePmQLX3IhNz5cXpYMsMhPVpg_MT3N-xWZE8B8HLHDeO6M2-ib0j9l6P8fds9LFNuYC-ypn9-LmunIOg8J-RhOCmH3Ztnyq7fa9UUYWCsPJlWq8pSpfOgGRiWjhwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ

Requested by

Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9F9E 0
234 B 955ms
323ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lflojnz1&c=2222498311175&slotId=1111249155587.5&qqid=CKi4_MmL8_0CFdwKtwAd-q4N4A&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9F9E 29 KB
17 KB 43ms
30ms XHR
text/xml 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AaO89-nVhe9eYs_aTdZI6D11KTbKqX8Ytc1VW5--wIUtF3loxRKW-k1bBpEZd9B8_qsNqX5FlWKAf8BHk370l_Rp-gOg&cry=1&dbm_d=AKAmf-Cc538vX3WmEpF3uj1AFxF5dpH8u95J5JRQHqLJ5FWA9dTNUDOu9jMpihCe5jH97OKi2DGqQcY9MN19E5KWq7zcuXW0fKogi-1pR8WwwHo_rB2A8LckE8aS3gEOESFbIsLAsYQ1beTDoxd7hNrZH4KmS_zdJ2BDmSTN1hxBhB_rla9tAj6XJqUQXsBkLvfGHLmGt2Rd6yerD7Th2GOqFDxAW9PpkOcljSHte2qJ_RNh1RTi8ouzdjjxgxF9N7RqRjmj2PhXDUIYTLVPEgouMq2sQgWuZUtgdoOVO4TwyB3F3bOc1uPD7nPN1wTFDJmes1dpR7WjbbXL7RstPiTqJj95wU__HBhft5MpE4EYjtARwiYo8F6UH4a9YB1micbbw5VHGcR0NkHdcndwFVD0FbzyU6rAXgAmCxWPzOd_EzwID-FA87PeMG5jxqfwtG4NmS2SUfjoVYYvjyR3s5lqBnSUmWZcqp8Sg_Gf11X_r5r3-oipKBRWRA2pSMZUj5uRsHq1Va9MX6HuhytsR11w6Xq70NIrE49JtAyIhasNxbgeHoiepYZm6NXHp72jXKP3SZxEPQUuUbLXHboLz12pDiIBQex1kRe133MmMF-X0D4cM5nW_fZUcw2r7mnT5ELed5xZ0I2MCAi8oTM_WBykYFoj1RZ4lt8gyCqIuw5gxYrEyFmZT_zAST_aiZP-vgA4r_ZPW55FsruFh33CcRNFA9t3xofM_regIit8F3DI2lFeHufXT7hX92SXSTTF_Th_tQu692VZ268QSn-LS2Rv8J-XhlvcXT5ErBWovMcoOGEGrMwbJjM84Dn9GnOCqefAYyloHYR3YJO_Rz9YpcbI-8edEIN7iuZPXoT-bih4649NgAt2j_bLwuzhnIHbCGgCnLW5Fg4h0_HRiE4azgq0vW9Xozn4ZNm2XGLHF4QK_1SqzdRjT7MehuccbDaKeMxGB3p_615eASHiVcHR7lokqHLXfFdqTSgnsYJ7jYJ56cmSUfATONNzeEvA-NVw17Ue6h7mD_WzcwAg1I2EhPCdLjeJ9ZkBoeMA4t7H1KGXCARFxcMgDUVfT-sbPVQxq0-AqWPhhLYcEYT5WSUDdszHRrYloFtvyPNDYrQjCY_kN5dDAq_PawdoWwTjfwLARzxzH3KxND7Z0fUIw98Nc2VybHNhodcBR3O22N-UHlRGbv_SDrNoJAXeyRQpwpxGshsDbJ75TZQ_grV6tuaP32H0fKPrRkaHs2Dea5FzgNZo-FvpQnDdvigVSreWBdHBa9icclOOZ1nybnJKhy98gM_0z3vry2l5ZPeynQHoKf5DQn-WkR3bky7vOdeI7JDKjQhuTu-qA30PhQFzuXUqBTvDPPHFP_MwcVjAdOIV0Sxvg_fwnrrG1SsR9JulDxAmRCMfyWFelWQ5qYVuU5TvdmF5EkLr0ZKM_rVYkwBTrCC6jtU34_wWZcO-8vXj9KsYHsqW_dUWBTqBryTBQARTSoZGrpdLsOgiVSjNLBs6N-0m7pwa450YaDP_Qs_b-W2bzP5nsxwmiNZgrcOEC3L-QXKIGXZx_EIdPLWDafOFj3O3zfbGYe1B7lpa1_f8o-DAG09Ipsge5I36vPcXJT2Ls4M3xcOapXojyFnUEb9Vdh1rK-6BRDZ2jf4qYbFc-TYdbTNjYoWCKbc0Bpm-FuVy3Yfs8mMUpLXBYQT7Rqw4Nq3jRpJm9X0EEg5lRxGRHzytzNCN9TLtzXKhjWSX8LMDN3LwuH0GAnKXFrCQd8dJ1md3j89KHWjPoo2YpYyoDNafnNYfUQg-r35VvX-svZUN__pxBqcl8EHbbUa_YUH3f0epUHNKvIhfQUP9ZOHvqqeWI6hJjWqFOPVIWOBE_LLsu54WJEeyuto1KT-_lChTJ0LWh8pAOXtkmnhC8RUE_mr9Bpmk0DNlD4iCINHCLOlqLyJ1SlKXygbFh_hcR1EPmLJrOzMAWUKjRunKDdLtZfeHiWacAI2nOrmPcItrHs1t2fH0VL1zsJhfCMEV-IQCnf0c_M4at8e3u00s9-NKG5wQsfkv1EIz4_VMNkKFwOS5f0FBkBm6DkCoCgBDZtwOHp7OlIbF8_A7NBIWqi-Ycs0Jj5V_yHWhBKtSEVGdl48ZKJDJw6OvmAEShDrK3tPn9KCO1vFM6oljeGTGqRV01CFIiWJyo_nu_D7KKxoBpBUVEw58x0cnFbGikjZv4SJ0ifOJ90NJ8Nl14ZlUxx6CtmPZDGgVoShLL8pjwYRJDusU46zT2yrXOjgBPsqLxsF8kPlvyRXOQoxiIPuvysn14GJLKP5iv7r0ptRREu9gtNk3PdL7XgtJSkT61aiz0JSFvQS7iLcN6m_L4dPdRaiv68HlwxSs7E3WBa37AQNJh6qy_IUUBhXBXd1VmSlWV2b41uzRVMuFWSnZSzBEuoup_-c_c1aUNiWsoqH3Tc9FGjIOjxu2ywOIPF5GaFFIWMytGB6f88Dpi0O4baJHNPKoQjtF13-fI9dE_OBXWLEXBi-C7X3h38j7GiEpXf3nOv1CP_xaG3kITCUhqdFbKBDqEz6Wnwf-tZKoCNPyjBteCFV2paHq79cGLmW9sO5qgtPF7Kn0dXbnfpnMxq4LtkiU6jhoQQ9F1kTjtEeQdPX6xpSLAnplgvmZLLZvjk1hMZXLfeT1aiYKwPZ8TiSa4EfcQLcH8JvC3ebORjeDEPVKmqsTSI7Laj84jXpStOJ119WUDVM7DkJK8VJonkpcdHmcD-3Cyp_ow5qBuQzYPoymgi7CVMAIj1EoDR1ZHncH2LeJ3e0ptpZfRFRouID3a5KcgnzFwX22hoGhzQYRZc38y1WopgfEfLvO5aeY-8yGxywwiLkmQCktujOOkCPkHMbzear7OX6KooiEiAZgUNfvNffQru9eSleXQC9B0JFv3_CzlquRXY8W0YpjMY5Fyq4iUH-b5tKA8KuZJidDGpB7SyZTAkj9BTTgHSskl063wJ199U_qnP_BqkhIxCdXDGgnZItJuATN6Fsbo_eLoWW7GUycT4xYyzYI1p6Lz7ugGT1TDztjcpa6grffauTC6OyNJZoMV-TtUOtdhPzflCNS1z9INXYbtDGuKpMQkBDVS6OX-kdc1OS5vXqFWwRWYLFQMUqZEY2-XPHn-W-8Vmc8YMeUtmfdvSGKZE_aITpEY_cFRYLquOydUYjljbhTjhcKHL1oaGeoN04aGA-ft9nFBRyUy2CTp7ZGr27Qpe1Z8HvX8mlCt2BMMxY1mPBY4B4RJQgtv8xnKttxBOeCnz9l65t1_X0xQp5oh_ZPOMMRc9LQEUKnWa8SdUS1OgLi8GwrUPZmuC6OjolhVVzVnjTdksedyCfdKE4P9yvEHoY5I8OGVfwgqPRRqS06RGBwbxiqzYh-h1n03ADNs_MR-D1E9xq2EoVJnR0_ZcdA-JOLqXzolJ80Djgj68JSqTh2qkiDGHEoMBVODluh7DKxaPD4Qu82TTC6sbGdUQeQyJd2dVlkbhB07FlFZXKnJ18njC7V7kcAaeyMfdVjccLkQuB36505NWYFv468Fm8poTP3B36QIPORDsSp2ayoyvMXbZ6NLpjxV0Bk76tTiZQYiiGTh9p8NUwSu5IONw5RxSqTqQlkjLyA-YzZpJcl6C_gdzmlQiUvBsC3JH7-LhMIJhodTswfvhkAhMDAzMbjGwmsg_J5oDYVh8_dMwIn6fLxscS-P3wHjCz5B5UzCZQGCw-p6I-hkta04YceC1ncnI-WrmJ75vT9zPh4EI4zCQIYSluhNLnnq_MibhrVaWH3P93UzkHzK5i13kQPRZLj6Ljz24E9EGazV3dI9GM52sqVlYQtYqIMBsY-17PjcrkA6-iIKiG8c92UqsVtpHEvSA&cid=CAQSSwDUE5ymERbEziADxl-r-knkIbQba2byUNfkVCAaCCZDA8UjXzahnQLMFk1sQBoLQG6qQbwWhqo52xGlQ8UuRCZuy3fkSDGiKjoXtxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

c847711ff48dee7e6da9e66a9d779e98fd972f58829a8d8001ec223b3301e86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16519
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9F9E 0
0 9ms
8ms Fetch
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8yaNVtEcZKi1ItyV3LUP-t22gA7ZmYHkbpqrrKP1EMflwY7dMRABIKeOtUhgvwWgAde9iMooyAEFqAMBqgSJAk_QqPwqr30EWL_po9mzsNlfm8RyGLCUPCgGAcjuJtwBc1slS2fjyqrQnRtus5ySuuKUgHCoWCu1cE196oL0SgYLATcR1y5CZ4x15zCp-2hBUCCuYk6t_srEacUEcOuHwgOmEiJ9t649e9yMNZi7NUh2sx-UgHQuESVixRdqDK2mYjz1nuY3vQPlM9rL3n7tTIts7R2w6u7_xc5-xsBGGG2RCed71-OxpZ4UTzjp9P5ZB4-ZAtfciE3PlxelgywyE9WmD8xPc37FZhzxzQ4nOl0LMcZ62NMjJwOeJ_MuMqTXWVkavdb_yu-Tau1DZSWnjjqyU8Eax1LDa3_TbDoSMX1zTRCu4BfSG4XABPT2j-b7A-AEA4gF1J7W8j-SBQsIIhACGAFInu-7AZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAH1_XYqQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChC2yAwYnfDO2gHSCA8IgGEQARgdMgKKAjoCgECACgPICwGwE8jvsxLIE-remOAD0BMA2BMNiBQC2BQB0BUBgBcBshceChwIABIUcHViLTQyNzMyMjk5NTM1NTAzOTcY97kc&sigh=XEe5sIL27z8&uach_m=[UACH]&cid=CAQSSwDUE5ymERbEziADxl-r-knkIbQba2byUNfkVCAaCCZDA8UjXzahnQLMFk1sQBoLQG6qQbwWhqo52xGlQ8UuRCZuy3fkSDGiKjoXtxgB&vt=10
Requested by: Host: ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
URL: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 9F9E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1d2903d5ed6caccb908ea88b0b16f0b136765e74cfdeaa19483962fff633c47

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 9F9E 0
45 B 894ms
325ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lflojnzb&c=2222498311175&slotId=1111249155587.5&qqid=CKi4_MmL8_0CFdwKtwAd-q4N4A&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F9E 41 KB
15 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:36:25 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9F9E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

30ms
3ms

Fetch
video/mp4

2404:6800:400f:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEA550E6F8558736B8BDF1CA6A48D17F2F88A62.32F205DD9518EF564687722D5B37CAB2AE9C53F3/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2404:6800:400f:e::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 22:23:19 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3474942
Last-Modified: Wed, 04 May 2022 21:25:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 23 Mar 2023 22:23:19 GMT

Redirect headers

date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
location: https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1FEA550E6F8558736B8BDF1CA6A48D17F2F88A62.32F205DD9518EF564687722D5B37CAB2AE9C53F3/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9F9E 0
45 B 887ms
326ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lflojo12&c=2222498311175&slotId=1111249155587.5&qqid=CKi4_MmL8_0CFdwKtwAd-q4N4A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=622&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.mq
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A2E0 23 KB
9 KB 6ms
4ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 157518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 02:38:01 GMT
expires: Thu, 21 Mar 2024 02:38:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F85A 0
10 B 6ms
3ms Image
text/plain 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kTRuoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame A2E0 36 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 00:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 00:07:25 GMT

GET
H3 206 file.mp4
r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9F9E 3 MB
0 9ms
3ms Media
video/mp4 2404:6800:400f:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400f:e::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 23 Mar 2023 22:23:19 GMT
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3474941/3474942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3474942
last-modified: Wed, 04 May 2022 21:25:51 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame 742A 0
54 B 790ms
326ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lflojnqe&c=1309339722461&slotId=654669861230.5&eee=missing-element&bi=missing-id&vast_v=4.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 742A 29 KB
16 KB 36ms
33ms XHR
text/xml 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BBnARmqDf7lAbjO6rp___m2gDjRAxZOqimhu7DpBA1q1nVhKOPr_DrXOnFYWRoeNeqWxm934JElWumaWUf_zn4j1ZGNA&cry=1&dbm_d=AKAmf-BaAK6FlEU9hqib7hKqlhWyaqg7IMtLy6NdH3D7JZeXV2SDmUtEGb5wqDBEzWcZsiIfkp7UfdgLZCnvV4Y8_3SCMapXPY8Y0cuO_vS20KTt5Ma6P4AfjyGBmWJ3tMHwexRIu7zvTmsNRcVbX3WdydfxLmZbwSdwSorg8eCJoxBEXCbgQL60oUHk790jtje-lV8qodNxQxV6OuJ72ECwn8DdoPZvhyjttxE_yj3xFIAF-818-FF7GgTnoE918nXPvoJFVNVknSSFsNGbT35kdDmjHpLKl1SWAUI7W8KodWbztAe8zrnJAleMXzrwuPAG0AF-0AYR5BA6H4Qa2gb45z73hQo1E-q8MwfAc9HrtVmj8GW8oaEYAestnI1CgxhG9ikdchx9srqOCDAcYcUwIgNi4gj1pXi6OCAJddBYTdlVw2p0qybJVi_szp9lBlMgakBga9h7h1IQW6Cmoyxm9gSitZVExHXZY-BCMEMSnr1qrorW51lX1wfQ_YPkjVzF2UwOG1KbaezL7Cy6PT_Kx8v3fiaosy4y6gY9duIlEBlywhkwRQSNQlE22Wq5Ujn8yeycdP-HiMZO8A_mVEvJmIXISgLaeleth6ovjBYUGln8ABnbvdCvDofvfi6D6A2Jr8sRBQt2qUgnOfqPfTmt6HBuOUaJ_cwLIi_yPeOATvO00UuSxet_dB1kT_NdcpV9Enr90UE28Ilh78-0pm-QlOL0Cyr89nSHpWI4ZoGbw92Ls-NMmDjqtL3RwVncj1UlGtGcshF-78svP_3puvHa_VPeOe2gXcKrpe1awuabJ9IjJQpy_6XnSRqt7B9k-MX6e0TmJ9zDn2rJCQqg9i0c4Hl7eC6rvs6w5-ZTqbPC00pkzlwopyVwBLp3Q_xhj4f_2iPbea1EHdeBVzX-TGX_QKuBBhkLCh7KWATl5NeFAODJ9l1BjQTNBE1GUK9LGOFj_Lki6vjFWWUuK3NwroMN0d1BYigAZaYgqkjqQP71pQUZqh4QC-1H_WZWICWHvfj9lgOv1oQwjrC49G6EQeg52C7rjRy8rU5OvDp-KQY5NkyZ1bNIUat6vTTLp-i6tp2HTZ6Uq4b-IVikkU-A3GTtgGBzsSZA14XxSgB5FiJqKjiX--xrtcIPEXobtyFmUdFXxHpc-Ov4jpcogBULZrhOzHZ72hSdItu1XxRj1pqkm6KDFAre1r_QuH9T3xun4In3Jffk98WOuUoL_bk-_w_WcAtD62i3PnO-WcCU5QCdVADf-KW1RZa0mDdegM-J5kSZKvnvgIzyfG8Bgqum_cPWDj0Pek9p6pNxKMftt-ga6xCRrjWtoHWuz08CTYwSSjHaKWmvCHjIOozYJf0Garyt_mQg3UB1ScyFsqFeJBPAKIFwpLY34fyi-ZAqnzgc0iCF7kuEry2eqWg0tesGlo-ZVk3nSEBOCyVo9o2xhffa8etwKxQG0kZOU3d2YZlahZqJn0PIFArNQt3Tt0efJ1zJxjD5PJFuNDE1Al2iFoqWxsZmohzfg7L-F-0j-smkPrQuKVCX7lqQQr_xeGYUT-v8Dke-o5zyF6ef9r9Ipf7m-KkcL21H7l-lfvPjbB9xBgCe-wwsE2tAOxy-qZAOh-CvTvSagZcbi3d9fFxoaIvoprzPtDff-G4ipZ5_Z8hwTUGd_s1QpB3URSv5xkLN_Y7WOdN7Pdfpju7izTypum1BGQUZQV4upamXhM1ubHTKIo0Lp3X1VjERDGd-OKFA_gIKBfWKEFTrhjGrAHH4KgAmCcX76quXr3QYB00KSZjh6YKV9HHGvrwFPrUkeZHdFHsmFmmuQUAoQl8SpE6VCWeXyk-XPUYk_-ttkZMDyTbZDeek6oijOnF-47zw6Sxv8m4x8tp_oCa9n7i9dXGza8lFx7h6DDfbDsQooq8-pztYho4rravDWf1Cet2KNR8n5Jq7VQlqPG17SD0v_nw1WxFH5Ir_Dnkshi2a8-SgI_N5EtWz2L0zD5XLy20yJzi3iTbmPHeQ5UX6L8wy64DJDG8Me-WYPtQEylxRonw2msU9VRgVv7q8uAdpMzdLavuc3sZwQpynfnWA-H9T05UILa8gyyAEXmLTyfP9HHf1A3L1MQV1aRdVa2tbuJJTFch6EyCIUs_DcWYnfzsMTmEP5iqxqWLYidL7g8jvBQhrKBlj0oTxrd8gY2MEfKyy12gPcpTAXxUllyv4qLgI91F3bv2QbWXtibpsyTJC1I5p0qcGucK571QJrT6PMsyOexhLGcVV1SY_IXpjkVAE6_wXF2WQ20xSMuOaTA3q1jb82RdkP1QqwNbBV8OtYPNT4zR07gpT7M71peeJbk-pQq9atlpCpGzDokfFVSkGynq2uBwwtTsUhCMZovQJO6S36Xzlep1l9VVe0--Hon4IYmScW3PJx7Al9Cf7v9XMKWszkLh7nJAz0fa1RZFgVkbLWPhOeekYkrt7DTmRNhO27Jy37h4RrFgDb66Cx_THErJj0quCKtygQxpYpXvDpvqs27-r2WSs99hI1xOqg5iFGfXWlnTvN5J6zyu6XfAfxeHS1BhAVKopk5Pw3Zl9E38phYXk3xjLP0VQD7i1qcFeOlYAsxGtlysV9ywt-VaFnoSjeDBm-hhW5lcqgKb41sldIPv4gYnQQfUxKPLlzJrjSBiP_Zgc5aIQsl7u_tiQpKKUOT_tVdMa7AM9IsrC6jW_CBOvFVfClZT4ENW8PEDSlWvVzM4FBRBOFeF9Udyejvp7FoMwKu-_Skgij-_nuVDu6-gSuB3RDR4F4hDcs4SqKM1_BzY2xpceTwUHZiAxpM0RB34XWcYMQTVGLkTa3oZr5MtUH_bXnu-jIXwTwD6KCM20qiJyN5eFMQx9daov3V98rYimfzZBtBv3LL0sGB-PYHPM7NiX_eBjtQPssU3kBtsZoiT1jqzJbdNovB5yQb-xy1GUmMG3qs6pqRm5M3IGqr6DwgnLRF4talO2u2JnmivLykkBLw8ayvWeAvGcoGeOCP2oK2hEwKxJ9Gvn3RUv3EOHDAJ5LUUi7pCU4Lgk0bHX1-PdUubT_Y-On06rOcN3FjUnNrWtLmUfdrps7JTG0NgzWv0fs3F-A5nEqBfc_YOSmZS3nm_RCUiVvIz4lWyde35hSoUQtMisf8tbQ5ZtsOkCYSrwGfim_ufjMsRGKqQawohT75EWEVkLFEmONtfV5fpEaFBY5oT-lARXPCb6OMUMMVnzEFEc-PUdT_CwJ6RQUB8pub0NXn0FFgbKw3RgAT9fqWJBzuM83EQYCZIML9nZ3nwFhVtdMuVfL1SpR2vrH7M2gT6esCf4h4jM8Wmdvd14oktbg6m7gaQpxsRW3Kf_SzLqExW4V6xNaEK1hUzfcW3loHHngRdpF1qb1NNttvuL_3ySO0xiAUHpg4xVy8fzHR8iYRhxPi3j7NIDgEtwx5GxZCNLIrN6otg4_fbs4jvvByAb0NtirSp1iSVgdB51Wn9habxqFG0RfXh1taF1nW9orbBD41-F38uxbGlsSVDUA-5JpEHrrSznKEYd_yKqZm9uYAEdrQg2wUDlnJc1oAivH9dyJHfn2jPvztivi4zU0-GpXv8RBguQI8lh1HER8Knu6JLUSm2R8qXYYNuW0-JIHdMiwzlRvsHLbzfZfeSTvZ3zoCETX_GscsDXuqJlT9M1SmNNTnQO9NDCwspaeOrCzIzyftAOXT_cpKXWib6FyhMNWz3yoaWMVzGOKkxP8QGHJHe83qDguZv-RSafgqtxipcNiPspc1NwuEh8rPi6BzjgIM2qewJO&cid=CAQSOwDUE5ymriJOBU6Ka3knQqX629dWMPb5U7-xKcfP6k1Sih7-iaIrqFrLXjKjCqEkQMBwqHhOwRwYFdvDGAE&vpa=auto&vpmute=1&vconp=1&sdkv=h.3.565.0&osd=2&frm=0&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=brid-player&mpv=2.7.18&us_privacy=1---&gdpr=0&sdki=445&ptt=20&adk=3336197051&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.565.0&sid=9C9CA16A-926E-4CCE-9789-204BE5469ED0&nel=0&eid=44748969%2C44765701%2C44770822%2C44777649%2C44781409%2C44781753%2C44782991&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Fbscads.com%2Flogin&dlt=1679610197098&idt=1704&dt=1679610199254&ged=ve4_td2_tt0_pd2_la2000_er335.169.674.771_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

4b8620363494b5339467f48d19185e03ef71b1f6509dfa438934494cd7d00e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16555
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 742A 0
45 B 742ms
326ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lflojo3z&c=1309339722461&slotId=654669861230.5&ghmsh_eids=44748969%2C44765701%2C44770822%2C44777649%2C44781409%2C44781753%2C44782991&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 742A 42 B
64 B 10ms
9ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 742A 0
0 15ms
13ms Image
text/html 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CZ-_pV9EcZO6bBMeL9QPQ05XYBdmZgeRumquso_UQx-XBjt0xEAEgyYubcmC_BaAB172IyijIAQWoAwGYBACqBKMCT9DrxrXSkTOLiK9_3bL47cpW7gGQWwGkRcdm0J98jCo_Ak2o5vOFWHAadJNviMS432VTv8DIifma_w5G6WexAYI6YK03lsqIlDgyPEoP6ldn3xSTLfVECsuCmUKX2A4WTgkxTBNOu06GLcyt4lpen8LLZceF8xD-LBJ0kNGI3MRw6xzg3wbq9pHJAx2dLst2dNMkwXkDFeoXIe045DWXowBlFZFy1nIqkXdebhQS8Kg9ZwfUO1mjcrjCUysaomdvs0ARYqp49vKXpPPi3Fa0oMasKkYPSM9YkAr64QUXZkpmcWv5e7_no7OMh6CmRdQ9p6YjvwbIt6BFhzbxDZQKwM22XrpTgNEhSieu42bwmTUjLEQKDx4475J79LW7wjdOqiBlwAT09o_m-wPgBAOIBdSe1vI_kgULCCIQAhgBSJ7vuwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ0ecTGJ3wztoB0ggPCIBhEAEYHTICigI6AoBAgAoDyAsBsBPI77MSyBPq3pjgA9ATANgTDYgUAtgUAdAVAYAXAbIXHgocCAASFHB1Yi05MDUyOTQ3MjYzMzgxNTA3GIz0bg&sigh=3NaZrzGuNck&cmd=Ch1jYS12aWRlby1wdWItNDA5MDcwNDQwNjYyNjQ5NhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDUE5ymriJOBU6Ka3knQqX629dWMPb5U7-xKcfP6k1Sih7-iaIrqFrLXjKjCqEkQMBwqHhOwRwYFdvDGAE&vt=10&sdkv=h.3.565.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzY5NDQ2MzQxODlAzwEKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDQyNjI3MTkyCTE4Mjk3NzA4M0AoUjMIpQUQDyUAAAhCKAE6CzQ1ODQ3MTQ1My0xQgRHREJNUABaEGVzOXVsNFctQXY2WlZuLUIYAQ..
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 710ms
324ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~lflojnaf&c=1309339722461&slotId=654669861230.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 9F9E 42 B
401 B 54ms
12ms Image
image/gif 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679610199331;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F9E 42 B
64 B 33ms
27ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxA_aVtEcZKi1ItyV3LUP-t22gA7ZmYHkbpqrrKP1EMflwY7dMRABIKeOtUhgvwWgAde9iMooyAEFqAMByAObBKoEjAJP0Kj8Kq99BFi_6aPZs7DZX5vEchiwlDwoBgHI7ibcAXNbJUtn48qq0J0bbrOckrrilIBwqFgrtXBNfeqC9EoGCwE3EdcuQmeMdecwqftoQVAgrmJOrf7KxGnFBHDrh8IDphIifbeuPXvcjDWYuzVIdrMflIB0LhElYsUXagytpmI89Z7mN70D5TPay95-7UyLbO0dsOru_8XOfsbARhhtkQnne9fjsaWeFE846fT-WQePmQLX3IhNz5cXpYMsMhPVpg_MT3N-xWZE8B8HLHDeO6M2-ib0j9l6P8fds9LFNuYC-ypn9-LmunIOg8J-RhOCmH3Ztnyq7fa9UUYWCsPJlWq8pSpfOgGRiWjhwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=K2MVOxxLERQ&label=part2viewed&ad_mt=17&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679610199331

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9F9E 0
529 B 59ms
17ms Image
image/gif 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssxcmDbV7B2078oYQFWx3hbSJEh5EH_7DjXoJaLbHO8g1FPe_lZ_H74ppxzNv9yPgoh3O2Nc6FjhVTEbAJxUJ-BW7rr8D9dW06tdgAaNdJnfJjqHVgKtzWSih_5CnMsKYo_exYMPvevgqRZT2b6PSL16p9Zs9hVhqyxdyM8VkvwTciGQv2ZefZuDcFCjmfe3XX-jR4KS6n_0TFXTTBVB28VLqEsNAi5G2r0oAbzLZF2jbYhYRcSQPevmNd5esiMzCl9ksdVPpb6hsIMz13axZi6afH1uJ0sHN5xtFuMTe9qlyxl02MjC7LceR0fwNqQjlrL0mQsPkEG802wkxHJqGPSmdbBfHRzsgPR_htlCd44zLTRN5zGBu5KeNIUZ42IfImJ3-OV8e4uwoL_hsIbRco1nIbm6dVwvzHHc2LCBFIytxgcDJmmCjcLCJ6pIjwOp_UeM68Y3aYolOMa6JWHqtYTvpaKsQwedXVnljyuUP17wqzfDFQwu7e1wu2LX6UmmJfLCNxc2GAfHwEVxY7Cy_2ArPwCvC6Eu0riQp8FeXEUKGbX2oYYi3Aa8ihELPLmihJbDpMh4N_4ki8vSCH9qM6zWWqJMFlmfdlimeeQgqycHAG_9ygpoC8PvKw6Q_V4GmE5x2WdZWd2VeMSM0Zmb4di3flpXINocTXgAH3jnHUylD23hSXeTYBJWHRh0wSBwTyewJrdFiVvUlIwNRJSHoK6k6fShkhuGsFvw09RTWa_kuOrt43MOn7vcZxfuQWJORKPD7q8zC0g2UbHEhSYgWVj7cR3b1PZNZxYMG0zGANJb0lhCxrJ_iAOiFiOZkNnEhdIczc6phVRlXIZmP5LM6_da7UJbgVUekP3FluuhTaUdwrQTWFTAKTKuJrR8tTmf6afxpAlGN-HQO8Idy4gPVgQ0ZPLhzQjwpYiXIgP3g_F6Rh9KDmemhrXd6TkzjGjDPwM_5lRiU1eZOhoqgM0JkUpYRRwBYMmJRd7Y0Tyk2ev5A-U9DKWWISGQEwv4oqo2k9PgFj-6ZjuSXkd8XiQWdGS8uIQBKNtMUlQ4ePHkQfbLqiqTwx3k6Rf4-pFm2n_wlTqRGNrSITdk5rDdvdojqa71Sl_zcb_fx5MNhdbyPuiU6d9KTzzA3wpucT_F17et2lZPxx1nSt_1MlWxhcjK9l97Cb74duR66VyjfQ-0YlLwIh5k8h1N96JJmqYOA&sai=AMfl-YSKxE-San6DIZ4nLJdjSsUAkZgLvRsXY17Uaddcwl3wBUShWrWspfoNrWApRAxrwB4PyEowOfqHWgzQto4BNxhrba_UjQxmPaSGi3XakhAW6jUN6ellWD4m80ma3SrbAVcK6bsqr5CXar1dUUr3wzw3uNsbiSEHX6YdLe92iQBWNFzAUEjksbqkuI_agbTFPxjsZXfXH-8B-VCWrFdrOyHHowdc1fvrbcJq4xvFowPtcWeKF_gdTQb3J0ot6YFWZ0g8oPH-5GndU9mxJ9OJBSKT1JODMHcj&sig=Cg0ArKJSzCjpvEVTHNNSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

B27771926.335828533;dc_pre=CJrrrsqL8_0CFUaXZgId5_kPIg;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/ Frame 9F9E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CJrrrsqL8_0CFUaXZgId5_kPIg;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rd...

42 B
118 B

23ms
19ms

Image
image/gif

74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CJrrrsqL8_0CFUaXZgId5_kPIg;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?

Protocol

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CJrrrsqL8_0CFUaXZgId5_kPIg;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 9F9E 0
336 B 551ms
174ms Image
text/plain 44.226.153.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=17151922004&creativeid=458471453&siteid=https://bscads.com/login&adid=458471453&advertiserid=905348064
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.153.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-153-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n005-pdx-prod.krxd.net
date: Thu, 23 Mar 2023 22:23:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=89 t=1679610199
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9F9E
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDwh9evAxid8M7aASABMAE&v=APEucNVFWCH8LAznmzbTOir3thi6NsYzluOnJ-82uW7InORADCrfhsrwNvdOQaombbVUH2dZEnGLJFkdVpMGSUN3Q0W9z6AHO_TkqACZhNAN7G7T4ctXHcQ
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZBzRV3kJfCgEUKZYaAKCvAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3r-AsWnJjCcnU6kUhwv18&google_cver=1

43 B
766 B

38ms
35ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3r-AsWnJjCcnU6kUhwv18&google_cver=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 23 Mar 2023 22:23:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF3r-AsWnJjCcnU6kUhwv18&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F9E 0
20 B 28ms
22ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 9F9E 0
336 B 549ms
174ms Image
text/plain 44.226.153.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=${CAMPAIGN_ID}&creativeid=${CREATIVE_ID}&siteid=${SOURCE_URL}&adid=${CREATIVE_ID}&advertiserid=905348064
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.153.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-153-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n017-pdx-prod.krxd.net
date: Thu, 23 Mar 2023 22:23:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1679610199
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos...
ade.googlesyndication.com/ddm/activity/ Frame 9F9E 42 B
107 B 52ms
13ms Image
image/gif 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679610199331;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F9E 42 B
64 B 33ms
28ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukMWC07pzbVV6Ts6DyswceoRWCxmN8kVo0PBlDk4mzRilIVrReWS_GH3IwNNsE524ygSC2fBJWIs_vEOw2O0D9Cj_3uS7e7UeNhjlaAH1rC8nt10anPSgp21sJpy82tm0B1Vg&sai=AMfl-YSoZw_e7ilVu94lhkZ8zEA6WAdAesVrFQilCkCdDjQBBiLorDnXFtd9O2fR-61phU4PrVbOS6Uw5XcBYpzqQcu55dm9Qk9jHirMJbmN3s-Q_eHEWlwlhx-e-X7bgwzhjjczBjak-qOg14Pu&sig=Cg0ArKJSzPiQXi8sGrztEAE&cid=CAQSSwDUE5ymERbEziADxl-r-knkIbQba2byUNfkVCAaCCZDA8UjXzahnQLMFk1sQBoLQG6qQbwWhqo52xGlQ8UuRCZuy3fkSDGiKjoXtxgB&id=lidarv&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D17%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1679610199331&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9F9E 42 B
64 B 30ms
24ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CxA_aVtEcZKi1ItyV3LUP-t22gA7ZmYHkbpqrrKP1EMflwY7dMRABIKeOtUhgvwWgAde9iMooyAEFqAMByAObBKoEjAJP0Kj8Kq99BFi_6aPZs7DZX5vEchiwlDwoBgHI7ibcAXNbJUtn48qq0J0bbrOckrrilIBwqFgrtXBNfeqC9EoGCwE3EdcuQmeMdecwqftoQVAgrmJOrf7KxGnFBHDrh8IDphIifbeuPXvcjDWYuzVIdrMflIB0LhElYsUXagytpmI89Z7mN70D5TPay95-7UyLbO0dsOru_8XOfsbARhhtkQnne9fjsaWeFE846fT-WQePmQLX3IhNz5cXpYMsMhPVpg_MT3N-xWZE8B8HLHDeO6M2-ib0j9l6P8fds9LFNuYC-ypn9-LmunIOg8J-RhOCmH3Ztnyq7fa9UUYWCsPJlWq8pSpfOgGRiWjhwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=K2MVOxxLERQ&label=vast_creativeview&ad_mt=17&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D17%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1679610199331

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9F9E 0
54 B 961ms
649ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lflojo1b&c=2222498311175&slotId=1111249155587.5&qqid=CKi4_MmL8_0CFdwKtwAd-q4N4A&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=622&mt=video%2Fmp4&vs=1024x576&dm=34000&ple=0&umsem=0&event_name=first_play&asset_bytes=196242&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.s1~videopreviewstarted.s3
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230320_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

206

48
r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,ita...

3 MB
0

12ms
3ms

Media
video/mp4

2404:6800:400f:e::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A09D3562033E5487B0B7F577752FCCEB4E69078.0620474B51D06F4708E19BF9D9D14E7EE2724B55/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48?cpn=es9ul4W-Av6ZVn-B&file=file.mp4

Protocol

Server

2404:6800:400f:e::6 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 May 2022 21:25:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-3711702/3711703
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3711703
expires: Thu, 23 Mar 2023 22:23:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-npoeene6.c.2mdn.net/videoplayback/id/6edccd1852eccfc1/itag/692/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1711146199/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A09D3562033E5487B0B7F577752FCCEB4E69078.0620474B51D06F4708E19BF9D9D14E7EE2724B55/key/cms1/cms_redirect/yes/mh/gL/mip/2001:df1:800:a004:1::2/mm/42/mn/sn-npoeene6/ms/onc/mt/1679609811/mv/m/mvi/1/pl/48?cpn=es9ul4W-Av6ZVn-B&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 742A 156 B
142 B 183ms
180ms XHR
text/xml 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fbscads.com_unit&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params=playerid%3D27082&url=https%3A%2F%2Fbscads.com%2Flogin&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fbscads.com%2Flogin&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=9C9CA16A-926E-4CCE-9789-204BE5469ED0&ad_type=audio_video&adk=3336197051&correlator=494696654825428&ctv=0&dlt=1679610197098&dt=1679610199349&gdpr=0&ged=ve4_td2_tt0_pd2_la2000_er335.169.674.771_vi0.0.1200.1600_vp100_ts0_eb24171&idt=1704&is_amp=0&npa=false&omid_p=Google1%2Fh.3.565.0&osd=2&ptt=20&scor=1826279820198723&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&us_privacy=1---&vis=1&u_so=l&eid=44748969%2C44765701%2C44770822%2C44777649%2C44781409%2C44781753%2C44782991&hl=en&frm=0&mpt=brid-player&mpv=2.7.18&sdki=445&sdkv=h.3.565.0&sdr=1&vconp=1&vpa=auto&vpmute=1&nel=0&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&cnc=22853135565&kfa=0&tfcd=0&top=https%3A%2F%2Fbscads.com%2Flogin&loc=https%3A%2F%2Fbscads.com%2Flogin&cookie=ID%3D713e761024aa3d89%3AT%3D1679610198%3AS%3DALNI_MYWuMKE2HKmAGvft80fqKN_ULIizQ&gpic=UID%3D00000bdf727cdb46%3AT%3D1679610198%3ART%3D1679610198%3AS%3DALNI_MZSXWOANNK4Kz0w-m3PT6koJzJC_A&fbidx=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 22:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 742A 42 B
64 B 8ms
7ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2E0 0
20 B 13ms
12ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B_gIpV9EcZIO6Bo6W1Aaen6SIAgAAAAA4AeAEAg&bg=!fn2lfSnNAAbO2UOH7tk7ADkAdvg8Wg2oqSg0_4q87nJgafU__DClEkNHQ1fJTsRt2Jmkb_GZbaDsT0c-DFzC7Mow298rSC46zdYCAAAAn1IAAAACaAEHmQLu0uZ6_fFroD6kfBzmG7gUIs42uAf0dwO4SDCFW1fpo0ixUBp_pKN2JDlckKIiubHKYRSzb-nsx5tOVNFPegIGZqOdctoWqlMukJS8UEJvnU4wD-sD8itrqJzm4SWxwif-HQ5mjavFNjv3yUvvWAMiv8OW6k-4RsPCCINuz49fZj5g-NUopkEbcMiOjYZERTzCCy1rxlFjONMsaEsyRrCzPtECrBZQWy8R9uhEkdsFhEV1MUM-XhYWvTYoYdE8_6fIr2HPm1sSoBXBG2ce7rahMMDu_MaLG18vMLxwU0lJJEwsWi7XSzz-Jwd9-O5XpowlQRk0Bf4aX_C6WPuqwHM3Uf1sMaBZgwCqvvtykqIZAJMglnvxvzI1OenT-m84_iJY6PhY5Tr_oIlFVoYhxu4sY82164mNgpjKON2_cRe9YNQInJ7l50nfDk7P87c48-K9F2Zf9aOnwoSVsJGcCmaeT0kMUAout7HT6hnuLbS35hPVGkBDf3pMmcN61TWk5xXa6SQ3zWDkNBtwG3nbEeM-BXgGlVcck86kBib_2Fafdx_pZYrnWNx5JQikiDPRJfXCRN2WdQJu8vSlbGnbaKW2DrYE1SnwxMtj8SG-ynl7LCbGJIIBBwk4FJ1g7YTcU4xra9XIj-Rk-29TkKVYiE7TiAJ_vDxceiigWABow-jaJFWVo8y2SVPZ-enorjgE8tM9U-sONFM_k3792MEJ8eRmsC285w51rtJEHk1IBPPWCdv5XEKGFe-Zo9JtxT_OzrBcPVjIKsP_qW4bKB8lfKQ-qir2kw6yVnKRUEPGebkfaqzvhM_Ld1iLpl7vl4rjc9-NOpOMlP-HlrkcbdwTORRN6ATPFiDokdD3fIJOIEaC4Q-qI3uhNfurJI5-WYUbSwMnpS7MAvQt8zWAOBqBWFrSc258u22Kte7mQTLBDv-MGYKXI0J-oZaVqfdSbyvyZILMw8y6x4pFSlJZOPo0l5H_YJwJ0itzwEEC9kXEPdS_

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 742A 0
336 B 451ms
173ms Image
text/plain 44.226.153.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=${CAMPAIGN_ID}&creativeid=${CREATIVE_ID}&siteid=${SOURCE_URL}&adid=${CREATIVE_ID}&advertiserid=905348064
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.153.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-153-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n008-pdx-prod.krxd.net
date: Thu, 23 Mar 2023 22:23:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1679610199
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

B27771926.335828533;dc_pre=CKqtssqL8_0CFfqaZgIdFkYC2w;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/ Frame 742A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CKqtssqL8_0CFfqaZgIdFkYC2w;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rd...

42 B
63 B

31ms
17ms

Image
image/gif

74.125.24.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CKqtssqL8_0CFfqaZgIdFkYC2w;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?

Protocol

Server

74.125.24.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f149.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N797029.279382DBMGODADDY10316359/B27771926.335828533;dc_pre=CKqtssqL8_0CFfqaZgIdFkYC2w;dc_trk_aid=527578815;dc_trk_cid=97123117;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 742A 0
338 B 449ms
173ms Image
text/plain 44.226.153.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=w33mjewbl&campaignid=17151922004&creativeid=458471453&siteid=https://bscads.com/login&adid=458471453&advertiserid=905348064
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.226.153.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-153-224.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: beacon-n012-pdx-prod.krxd.net
date: Thu, 23 Mar 2023 22:23:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1679610199
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 742A 41 KB
15 KB 8ms
8ms Script
text/javascript 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:36:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 742A 0
20 B 20ms
12ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 742A 0
64 B 30ms
11ms Image
image/gif 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxtSMnl1KnboOjfYvHKFU1Yq_PXuURqunISXazCyRKxyXBecjT_dhPB76R9ZlS-uhVn2X05pw-_Di10f6dDg3lUyBqk9PoCu7ATL-mcXY4TnmwC_1iuTXY7v9hUTOCA6Ix5UWN4G1eZTBUNO414PMM9g8SZUgmd1dl9i0M3C4KaUVNs4lklJgDaMFabulMIqwyD-AS9OpKCsvauX_771SZt1ZfCbuB6riL7tdXICv1LWQ18Y2O27mWMrb0p847Zt2M1nMj_9WR8DKWLIFlIccccc7TKNjAWbvRzY-qysw1B1UhNltDqpMIgPxUIVXAzRRIoHLxkfCXP4tmhEvCSwbdGjgnzSgsEXMutPD3cBt4ygz1kvda8NO4HHKIVQ1-btVrI9V-WmK-6vgWpB2xQTjWsOE2xh_gVJ7wRQdFYfraAkg3ugSKReo0iIUDiwJCPAiD4BDuwxcEYdgyTGrOJE47s4pxH-pElONhITkqvNg5rkFWgwppYMviw70A0H1wtZ8uAD8ECZLswh_xBLH6O_8PbNMdr05iC98eeR7hQ6hkDfcRi0lCP9I1eufLUJM3Y-jBkxGkNnF61Mv1BN7s-8EE9X4-VHAmCrLbxy_5_cBF4DC8y3Y4YDDDkEk-LFOJQcMhGXW7mdAB-sHbubETCsh3DZ47ar5xJ6G2dESqq3wFjCvsPnIltHir_oFIiKaem5jivceGRKzEgAwW460k1InLkNTsmbgWN3z1hrY0EpQIfViUdqfScdjOEEU1RbqkvPS7-cwEhBDDd8yF0KXdMeas2vPUHoqKtzDsl7rOQfVm23Kc-KmqXk8NIWdStprxbR8fo5RxAMTlfcAkJJ-sE5NjpqApsBFpiBR_MsHAO-cugh4btxW0ACsTfoczwIzBFbRSn08fm3SyVM0Ig_JB8xSvAw_SGnO5rGudy2dPoMuw-cxoBIwX4DlGZ1j0FgNYNw6lF7qfJPaAa6CLGEWeHVFbml9lNiD8Azsmk1r1SLPE0c5bALNkwV-cWPMf7x2oojYHwYVwsHJid3pilCSCFOBYOAEwIc2oaCBTBeRI4AQLrRwMqaw8RlNkAKYCeG3vlu8CAufEaJSYniJ_qOn1NtVv3wTefFNwNc0YvtIOaFh2TSoH9InHXzyZXbZRgUBGAPqsQJgWxHs0q72QKBQYgIyHWeh1Ic__I2R0L-dRkrLeiHYz9o-hv15_4LZFSYvDcTzwg6lz17I4z43fr_7i093-n6Fma03ykmPHzBgAhFOh2Q&sai=AMfl-YQPMcmu2GaLBIRah_hgeHNdfy0kJ3VMIgzj9XomY0eU_IFGhs4LOcYSTXP8jumbAE93pjxlqwZb0xPWhjG8FB-cYFexw6HCe4wlVWmvUdYuWmIK8tmTAXgVqkbIjfd6lqwrMWpeFIqUiFKTyLRPBhZJmjRwfyF_SLfEWDzrOMqyK-ZhWATQ5RMn0jx7r-AJiFX67_oDXsHEFMeLsio5xHqv4I8aXXytxQdZtfXXzRGow11jBvhQ8HAlrT8h5gAMCSvQ&sig=Cg0ArKJSzJfrVltm0gIvEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.565.0&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 742A 0
0 21ms
13ms Image
text/html 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI2VFxDwh9evAxid8M7aASABMAE&v=APEucNViBDeh3ccZ7aacgoakESB0M-5aHNSlP9XIySOpOyv_9NoMi_7HFXcg0ajwDS2e3pFmAi4wQPEm7O3g_4xM09PG-vYQ8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 742A 42 B
64 B 20ms
12ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CokNMV9EcZO6bBMeL9QPQ05XYBdmZgeRumquso_UQx-XBjt0xEAEgyYubcmC_BaAB172IyijIAQWoAwHIAxOYBACqBKYCT9DrxrXSkTOLiK9_3bL47cpW7gGQWwGkRcdm0J98jCo_Ak2o5vOFWHAadJNviMS432VTv8DIifma_w5G6WexAYI6YK03lsqIlDgyPEoP6ldn3xSTLfVECsuCmUKX2A4WTgkxTBNOu06GLcyt4lpen8LLZceF8xD-LBJ0kNGI3MRw6xzg3wbq9pHJAx2dLst2dNMkwXkDFeoXIe045DWXowBlFZFy1nIqkXdebhQS8Kg9ZwfUO1mjcrjCUysaomdvs0ARYqp49vKXpPPi3Fa0oMasKkYPSM9YkAr64QUXZkpmcWuhem3uqPkPtzJWxSoaC1haHubmKkAkZomq7AO7yOW_d6KwQHZ6q7oWyUjoNY7bAtnIjTQU92DPEpIXyf0GQjpxsAARwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=kvNiHsNLDaw&label=vast_creativeview&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26is%3D33554707%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1259%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1679610199310&sdkv=h.3.565.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzY5NDQ2MzQxODlAzwEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDQyNjI3MTkyCTE4Mjk3NzA4M0AoUjYIpQUQDyUAAAhCKAE6CzQ1ODQ3MTQ1My0xQgRHREJNSIEBUABaEGVzOXVsNFctQXY2WlZuLUIYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 742A 42 B
64 B 21ms
13ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstydJ7deczWpJ7yBZchq1vaUXWq5lTF_tx4m4Jnqe7yXq5LwwQ1s912aEiY5GqBrgSQDpgkEU4kLb6ZPpd1fbt7SgNTSjNxtReIgsZ2QwE7ALzzt5Mhv9O_urVrexz8EW2AVn8&sai=AMfl-YRI1-lPPCraVloeFdr2HqhUEeuJsq5gTnqNVR0PdTMI0tldSQw2xjn9fc44_O11f828NQ4eK9zakxdIaZ_Un7LnykzVR3R9gJv8iodDp6l6U-4-lXcmbi2MHQw&sig=Cg0ArKJSzAeehDadk52JEAE&cid=CAQSOwDUE5ymriJOBU6Ka3knQqX629dWMPb5U7-xKcfP6k1Sih7-iaIrqFrLXjKjCqEkQMBwqHhOwRwYFdvDGAE&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26ic%3D33554706%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1261%26pngs%3D9,14,200104c,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1679610199310&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI5sCnyovz_QIVJVNoCh00EwZIEAAYACC7hKBXQhMIrqObyovz_QIVx0V9Ch3QaQVb;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26am...
ade.googlesyndication.com/ddm/activity/ Frame 742A 42 B
107 B 22ms
4ms Image
image/gif 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5sCnyovz_QIVJVNoCh00EwZIEAAYACC7hKBXQhMIrqObyovz_QIVx0V9Ch3QaQVb;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1262%26pngs%3D9,14,200104c,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1679610199310;dc_rfl=0,https%253A%252F%252Fbscads.com%252Flogin%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 742A 42 B
64 B 20ms
11ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CokNMV9EcZO6bBMeL9QPQ05XYBdmZgeRumquso_UQx-XBjt0xEAEgyYubcmC_BaAB172IyijIAQWoAwHIAxOYBACqBKYCT9DrxrXSkTOLiK9_3bL47cpW7gGQWwGkRcdm0J98jCo_Ak2o5vOFWHAadJNviMS432VTv8DIifma_w5G6WexAYI6YK03lsqIlDgyPEoP6ldn3xSTLfVECsuCmUKX2A4WTgkxTBNOu06GLcyt4lpen8LLZceF8xD-LBJ0kNGI3MRw6xzg3wbq9pHJAx2dLst2dNMkwXkDFeoXIe045DWXowBlFZFy1nIqkXdebhQS8Kg9ZwfUO1mjcrjCUysaomdvs0ARYqp49vKXpPPi3Fa0oMasKkYPSM9YkAr64QUXZkpmcWuhem3uqPkPtzJWxSoaC1haHubmKkAkZomq7AO7yOW_d6KwQHZ6q7oWyUjoNY7bAtnIjTQU92DPEpIXyf0GQjpxsAARwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=kvNiHsNLDaw&label=part2viewed&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554707%26i0%3D33554707%26ic%3D0%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1262%26pngs%3D9,14,200104c,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1679610199310&sdkv=h.3.565.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzY5NDQ2MzQxODlAzwEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDQyNjI3MTkyCTE4Mjk3NzA4M0AoUjYIpQUQDyUAAAhCKAE6CzQ1ODQ3MTQ1My0xQgRHREJNSIEBUABaEGVzOXVsNFctQXY2WlZuLUIYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI5sCnyovz_QIVJVNoCh00EwZIEAAYACC7hKBXQhMIrqObyovz_QIVx0V9Ch3QaQVb;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,...
ade.googlesyndication.com/ddm/activity/ Frame 742A 42 B
107 B 21ms
4ms Image
image/gif 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5sCnyovz_QIVJVNoCh00EwZIEAAYACC7hKBXQhMIrqObyovz_QIVx0V9Ch3QaQVb;met=1;acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1265%26pngs%3D9,14,200104c,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1679610199310;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 742A 42 B
64 B 23ms
15ms Image
image/gif 2404:6800:4003:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CokNMV9EcZO6bBMeL9QPQ05XYBdmZgeRumquso_UQx-XBjt0xEAEgyYubcmC_BaAB172IyijIAQWoAwHIAxOYBACqBKYCT9DrxrXSkTOLiK9_3bL47cpW7gGQWwGkRcdm0J98jCo_Ak2o5vOFWHAadJNviMS432VTv8DIifma_w5G6WexAYI6YK03lsqIlDgyPEoP6ldn3xSTLfVECsuCmUKX2A4WTgkxTBNOu06GLcyt4lpen8LLZceF8xD-LBJ0kNGI3MRw6xzg3wbq9pHJAx2dLst2dNMkwXkDFeoXIe045DWXowBlFZFy1nIqkXdebhQS8Kg9ZwfUO1mjcrjCUysaomdvs0ARYqp49vKXpPPi3Fa0oMasKkYPSM9YkAr64QUXZkpmcWuhem3uqPkPtzJWxSoaC1haHubmKkAkZomq7AO7yOW_d6KwQHZ6q7oWyUjoNY7bAtnIjTQU92DPEpIXyf0GQjpxsAARwAT09o_m-wPgBAOQBgGgBnaAB9f12KkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB0yAooCOgKAQIAKA8gLAeALAYAMAbATyO-zEtATANgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=kvNiHsNLDaw&label=admute&ad_mt=0&acvw=sv%3D949%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D11,0,0,0,0%26mtos%3D11,11,11,11,11%26amtos%3D0,0,0,0,0%26mcvt%3D11%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D11%26pst%3D-1%26dur%3D34005%26vmtime%3D-1%26dvs%3D11%26dfvs%3D11%26dvpt%3D11%26is%3D33554707%26i0%3D33554707%26ic%3D4096%26cs%3D33558802%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1265%26pngs%3D9,14,200104c,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,11,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1679610199310&sdkv=h.3.565.0&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw2MzY5NDQ2MzQxODlAzwEKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk1NDQyNjI3MTkyCTE4Mjk3NzA4M0AoUjYIpQUQDyUAAAhCKAE6CzQ1ODQ3MTQ1My0xQgRHREJNSIEBUABaEGVzOXVsNFctQXY2WlZuLUIYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
362 B 19ms
0ms Image
image/gif 52.84.251.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=26042&pr=o&dp=d&b=c&pid=27082&s=640|360&os=w&m=0&apa=1&df=0&ow=31036&pub=p&e=i&aid=27660&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-10.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:03:24 GMT
via: 1.1 70baa6f69f875c9e172c9118322fd6b4.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 11996
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: h4UYUkfs_jsTDwDtt_C2NA_uOX6WRwmjSXS4VwdadOIMhqHSIQw6lA==

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3913 23 KB
9 KB 15ms
5ms Document
text/html 2404:6800:4003:c11::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 157518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 02:38:01 GMT
expires: Thu, 21 Mar 2024 02:38:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3913 36 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 00:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 00:07:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 742A 0
45 B 498ms
327ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lflojo5c&c=1309339722461&slotId=654669861230.5&qqid=CK6jm8qL8_0CFcdFfQod0GkFWw&gqid=V9EcZIHGAoib9QOFp6yABg&fb=ima_html5-lima&sdkv=h.3.565.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=677&mt=video%2Fmp4&vs=960x540&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=692&vsrc=web_video_ads&met.4=ff.lflojo9j
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.565.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3913 0
20 B 14ms
13ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.565.0&bgai=B-0CQV9EcZKa5EKWmoQO0ppjABAAAAAA4AeAEAg&bg=!oKOlo_fNAAbO2UOH7tk7ADkAdvg8WnoZw0UNlx1q01IlfTrF4cQUtKHT1dvYPgSM5mW11QqfoUXD85F0jVSdLlZ7okjsUTYpzJMCAAAAXVIAAAACaAEHCgBVI7kjhfVwCvMfhVCfIYfh8F6V0XZDGeWe4xJ30uM4U8FYYJ3By2eaJg1W268RipJnDLjswYi5QdLRvLdmfB1MbCCS97SS0oUzEdIOm1EFAPrcybCAX5kCzEEbnTkNnslDj8Qf9a_n9ZUqU6uZepFtEugbBm5hvLU-NaXvGDMagcr1LP5XbS0l7sUk4qnVVXzEZST28B7lVO8nOSDyI7wmB5qIFK52AMqOZqSx4Afw1fQ-rLLugGcjOcCi79c2gUbY-Gt49cZehfcN5ZQm-ynmiQsk-Bi_6-AaohjtXakgUpvjBGG0B4A6jLt2Fkztg62RPHSW1r92OEPmUM_U1r_lbBM4LsTR9Jr-6JfJYh7kVm6u9haq2yiXna6xbEqQOWNgTztYx8kDgvpnnt_1QccLwocS0UyJ1VQEz1LVvaCevLSGHgK0tLGe-X1CZasvYyBUAPRPdnqvv6Hr1YE-NXK-Lj4lQCZwyTScoLPpFnXl31DxoJdAh0VrTzI39eJS14MGV5XAdi_LkXukoyr53tTc3YKQHNIAvNd2OQYwgSORrvzgmsGBdd4G8PXcWXJHyI4Rh8UujgBsEYuWxZk30fpZOVg5Pbl9-8fwWRpnF7_AWBCSHaYtbzQ_EZatnhMTK0PRcdFdRXhZMa50U1JNqC933Xwr1Bul2zvsqNec9KBpXZw8OgHn_MEaVT7BxEx188770Mdu8AzbyQCZTlcgcHK0kSzcAvNJwXHSzNMjphq46BGrvNQVwS46LH392r5fjrXX_iIl4JG8ywfUo5gO7Q5EHswUFlhxOcCpyPLlWcP0QSVT7K22Daftdu9KO2oExYLsrfcPaIvh20j5W8pWdmqEkRoVwg8OT2az_IszvIecnpGvv3aZSFJkV0HFY6XBSX6W600IdpztsW6kmjYStIDIPFad0vrzyEuauFS79GG0oHUp-9mTRg0KZtnZgSFrtTIyPXmDZh2WsAPS5EYIW5ROeozqVC0pfh1603sH9tA_PiF0daozVDi_rAETodyT2DIXjkvo405wLDQNzqNHQ4bSghAnNN_gIB2BPq6GjpWByOjFMlwf

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 716ms
648ms Ping
image/gif 2a00:1450:4002:406::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~lflojo65&c=1309339722461&slotId=654669861230.5&met.4=hvd_lc.lflojo65~hvd_src.lflojo65&ps=602x339
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:406::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 9ms
7ms Image
text/html 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023032001&jk=2764391182754604&bg=!UlGlUQXNAAbO2UOH7tk7ADkAdvg8WmLpXrLQ2HDANgzwo2Yzet-kgYr9NM6r1vboogT9sUCTLLAH6BKFVXN33umCviwi5pDeQWECAAAAxVIAAAADaAEHCgDWWRaMFHWx3oPVfZsAU3Od0GwEy3WRliFqdHxvR4KEKWOMmkO2pvjBUXISJ0SkbCu8qK-bVQ-sjVjeDz668d2dNjle6RCXui2M7IB_6KlWbjHxpDpm2_bAqvS--UhyprRGPYaodIUBdrR5OmCoH1tDyAXo-fut_IpSTeofJLyecTzobrfFNH7wTVPOyfDeiMsPN7ZmhGEDTbwPnbjWeuIgck-f8XpECCf-ZnEj3oj682FP2sjp0F0jpyTWub8hgSsPR2Ghtvz1BebbccfFZFj3QUA1t-WzEpkCqoslyFr6vxW7LnMDCIftg-XXRVVxitggJmKOPjL23ZY6f48l9kF9cWAbOkPuwla_6_7vjgQ4n1QSzDoivcyS5-DcX04G8MwrP0sWKHsedSyi4lL2qUXmTMT0eiEZ8gIJmkIxgpmvHNaRug_losEpzjjCPT_7jGPPCVb_4aZPTY7K5hJ8nkeoXVpfDjrOSqnNwVWgjDAtLFFy1KzaXTEXH2Cfc6K3exXoo49G3gXw0z5phQ35wbpN3dbrN7OUAhP1PfUGo-nyAEzu_dQvlpTH2JeqqM_FU5bcy8k-dPTNTkSwASmeXfkP7aj_W2ZDDBK5DL9sfzMQNnrW9qj775zMqZFyxoq56eSmi9OKJ5syEW-1N8Wm0wmguLyz3i_TE6r_aR3s2iSRSGbAViGuqIS0QVBHns16PXMZdcr-qslciTMJgglaWDlEnuy89Bwa2hIAMcRJm8Z-BSC74jpHKmJ4blB_59Zm7Df67W-l-IO43lVOFMeJC9gR784u8PzP_iPVCACTymeVU7_sds7ENiAxKUT1I7tYARre_AvOPMHj0bBqI00fwrBFaRHmJinWaFmUi68ec2a_sITISXK9EJ6hvE833Nu4KtgRhUjEdz3Cx4Xbn_s_bPVHyNoZcmH8YXWBLPbzbFHH8BRNPw4FBbNIalgTAuQmyrLTjqMPctv36IG0RKQGoF0lhuou68lmB2oZcDb1ZjRtr0RXof6DtsrqPpxZF5zWkBme7MdlPW8vaf9_SXSHRwLsfQHePrENkLRBCejWOKXzLS-qKNfOWdvnHfW0oaN2bhFxI8oLuLjuz1fVOKSiwtuRYy43e88pwHkH1VwBv419h1FDAyvQyrZnzIxubp8StVIfgd0Uxa3-R1ZGVOBz6wbvjK6DMoQCJgqxLcXSxkljOheC3vg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0BBF 42 B
64 B 9ms
8ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstferfcPVFUlW_ln3W446jI05dV0JQar6lSLp70uJezoX_FMOrQv1bfOcHdApwwlbeWWceyiditOh41nLDzS_6pA4eKxfELfoqe_9BZ6C1rWO3jEHrWqLZc54GH2BQKwnA0S2g&sai=AMfl-YQohENCYLZDklqXYoZt6CgN8QLKwDH4MZIn0j85BmrJAblw5zRFkbn2yl_b0XMczhciDOyaoM4901Jpu23LyutWOHgbetjAcEdVw-HfhU7uKramwJeeQJA6-jN6WJKtGuq_Xok1OqUcGLUE&sig=Cg0ArKJSzL_DBGYwPvYHEAE&cid=CAQSSwDUE5ymWj60Hy45_e8rrA-Dz50bwKBKdLNG5fe5IWAjp2l0XDj3qOxDU3MQs-AKSkKCLyQuIZaCoU3YiwDmdNa751zIfCTGofAo3xgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=255&tls=1255&g=100&h=100&tt=1255&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 742A 42 B
64 B 14ms
14ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstydJ7deczWpJ7yBZchq1vaUXWq5lTF_tx4m4Jnqe7yXq5LwwQ1s912aEiY5GqBrgSQDpgkEU4kLb6ZPpd1fbt7SgNTSjNxtReIgsZ2QwE7ALzzt5Mhv9O_urVrexz8EW2AVn8&sai=AMfl-YRI1-lPPCraVloeFdr2HqhUEeuJsq5gTnqNVR0PdTMI0tldSQw2xjn9fc44_O11f828NQ4eK9zakxdIaZ_Un7LnykzVR3R9gJv8iodDp6l6U-4-lXcmbi2MHQw&sig=Cg0ArKJSzAeehDadk52JEAE&cid=CAQSOwDUE5ymriJOBU6Ka3knQqX629dWMPb5U7-xKcfP6k1Sih7-iaIrqFrLXjKjCqEkQMBwqHhOwRwYFdvDGAE&id=lidarv&acvw=sv%3D949%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D335,169,674,771%26tos%3D2039,0,0,0,0%26mtos%3D2039,2039,2039,2039,2039%26amtos%3D0,0,0,0,0%26mcvt%3D2039%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2039%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D621%26pst%3D432%26dur%3D34005%26vmtime%3D1811%26dtos%3D2039%26dtoss%3D1%26dvs%3D2028%26dfvs%3D2028%26dvpt%3D2028%26is%3D33554707%26i0%3D33554707%26ic%3D16777217%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%3D200104%26femt%3D590%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D535907261%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pns%3D1%26ptlt%3D3293%26pngs%3D9,14,200104c,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2039,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1679610199310

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D26,1,295,479%26tos%3D2007,0,0,0,0...
ade.googlesyndication.com/ddm/activity/ Frame 9F9E 42 B
63 B 9ms
8ms Image
image/gif 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw8Gdyovz_QIVDgvVCh2eDwkhEAAYACC7hKBXQhMIqLj8yYvz_QIV3Aq3AB36rg3g;met=1;acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D26,1,295,479%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2192%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D25%26pst%3D207%26dur%3D34005%26vmtime%3D2213%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2192%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1679610199331;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9F9E 42 B
64 B 9ms
8ms Image
image/gif 2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukMWC07pzbVV6Ts6DyswceoRWCxmN8kVo0PBlDk4mzRilIVrReWS_GH3IwNNsE524ygSC2fBJWIs_vEOw2O0D9Cj_3uS7e7UeNhjlaAH1rC8nt10anPSgp21sJpy82tm0B1Vg&sai=AMfl-YSoZw_e7ilVu94lhkZ8zEA6WAdAesVrFQilCkCdDjQBBiLorDnXFtd9O2fR-61phU4PrVbOS6Uw5XcBYpzqQcu55dm9Qk9jHirMJbmN3s-Q_eHEWlwlhx-e-X7bgwzhjjczBjak-qOg14Pu&sig=Cg0ArKJSzPiQXi8sGrztEAE&cid=CAQSSwDUE5ymERbEziADxl-r-knkIbQba2byUNfkVCAaCCZDA8UjXzahnQLMFk1sQBoLQG6qQbwWhqo52xGlQ8UuRCZuy3fkSDGiKjoXtxgB&id=lidarv&acvw=sv%3D949%26v%3D20230320%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D26,1,295,479%26tos%3D2007,0,0,0,0%26mtos%3D2007,2007,2007,2007,2007%26amtos%3D0,0,0,0,0%26mcvt%3D2007%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2192%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D25%26pst%3D207%26dur%3D34005%26vmtime%3D2213%26dtos%3D2007%26dtoss%3D1%26dvs%3D2007%26dfvs%3D2007%26dvpt%3D2192%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D736418887%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2007&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1679610199331

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ping.gif
stats-dev.brid.tv/ 0
290 B 5ms
4ms Image
image/gif 52.84.251.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=26042&pr=o&dp=d&b=c&pid=27082&s=640|360&os=w&m=0&apa=1&df=0&ow=31036&pub=p&e=vi&aid=27660&par=i&pp=0&wp=0&at=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.84.251.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-10.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:03:24 GMT
via: 1.1 80a9a66193c3e6350d12faf1c397c974.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 11998
x-amz-cf-pop: SIN5-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: X_3Tv1HIHWfeDkGwudB3qnC1OiGH2DH4gsf3ok2QHzyhFW5G-uVrdg==

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 5ms
4ms Ping
text/plain 2404:6800:4003:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NHE85MP0CS&gtm=45je33m0&_p=516643977&cid=411188628.1679610198&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1679610197&sct=1&seg=0&dl=https%3A%2F%2Fbscads.com%2Flogin&dt=BscAds.com&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHE85MP0CS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://bscads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 22:23:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bscads.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bscads.com/	1969-12-31 23:59:59	Name: EVOSESSID Value: 6ff89d69cbadfac7bb6c97eaee2e57a8
.bscads.com/	1970-01-20 20:09:30	Name: _ga Value: GA1.1.411188628.1679610198
.bscads.com/	1970-01-20 20:09:30	Name: _ga_NHE85MP0CS Value: GS1.1.1679610197.1.0.1679610197.0.0.0
.doubleclick.net/	1970-01-20 20:09:30	Name: IDE Value: AHWqTUnBNm-EZHQyo53z8bnuJwguYvs_4FnozOs4lwanJoHE9O6hXUF9dZqh4dsc-rs
.app.adaround.net/	1970-01-20 11:18:08	Name: tid Value: 96LXCKaJ1ot21waF4yoyOXwahu9Vaw
.bscads.com/	1970-01-20 19:55:06	Name: __gads Value: ID=7b3c277cb6586e0c:T=1679610198:S=ALNI_MaqAV3DwuUyoFDYYBKgYr3DKJC4-w
.bscads.com/	1970-01-20 19:55:06	Name: __gpi Value: UID=00000bdf726d3aef:T=1679610198:RT=1679610198:S=ALNI_MbwubfVsxwANMg_3P-yfw7GzsexIQ
.doubleclick.net/	1970-01-20 10:33:33	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 19:19:06	Name: CMID Value: ZBzRV3kJfCgEUKZYaAKCvAAA
.casalemedia.com/	1970-01-20 12:43:06	Name: CMPS Value: 4897
.casalemedia.com/	1970-01-20 12:43:06	Name: CMPRO Value: 4897
au.adaround.net/	1970-01-20 19:19:06	Name: __au Value: XO2nnAbKIzjDiziWdMaNug%3D%3D
.krxd.net/	1970-01-20 14:52:42	Name: _kuid_ Value: Pc9odFfs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
ads.anura.io
adservice.google.com
adservice.google.com.sg
app.adaround.net
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
au.adaround.net
beacon.krxd.net
bid.g.doubleclick.net
bscads.com
cdn.ampproject.org
cdn.jsdelivr.net
ce53bbfddda1d30e0816d31dc5d3a136.safeframe.googlesyndication.com
cm.g.doubleclick.net
cmp.quantcast.com
code.jquery.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hcaptcha.com
imasdk.googleapis.com
newassets.hcaptcha.com
p.brid.tv
pagead2.googlesyndication.com
pubads.g.doubleclick.net
r1---sn-npoeene6.c.2mdn.net
s0.2mdn.net
script.anura.io
securepubads.g.doubleclick.net
services.brid.tv
stats-dev.brid.tv
supertruco.com
tags.orquideassp.com
tpc.googlesyndication.com
widget.trustpilot.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.hcaptcha.com
104.16.169.131
13.33.33.102
13.33.33.31
139.5.84.243
139.99.103.9
142.250.4.156
18.155.68.36
192.0.78.218
2001:4de0:ac18::1:a:2a
2404:6800:4003:c00::5e
2404:6800:4003:c01::71
2404:6800:4003:c02::61
2404:6800:4003:c02::9b
2404:6800:4003:c03::5f
2404:6800:4003:c03::63
2404:6800:4003:c03::9b
2404:6800:4003:c04::95
2404:6800:4003:c04::9c
2404:6800:4003:c04::9d
2404:6800:4003:c05::9c
2404:6800:4003:c06::65
2404:6800:4003:c11::5f
2404:6800:4003:c11::84
2404:6800:400f:e::6
2600:9000:223b:6600:2:e529:700:93a1
2600:9000:229f:3c00:9:46dc:4700:93a1
2606:4700:3034::6815:4c3d
2606:4700::6810:5514
2a00:1450:4002:406::2003
2a0d:da00:a:4018::
2a0d:da00:a:401c::
44.226.153.224
52.84.251.10
54.254.190.124
74.125.200.156
74.125.24.149
74.125.24.154
74.125.68.155
04c54e0cba9a2d77c842c722580967e43d4b087d6cd2b7dad6a084d0a9a863ff
0c1261638aabb0652def5b7f0df35b89468e8e3002ea09594732fc58ebfdaa11
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e21cab60d153302391fc28c7cc2e16c8150ab3abd923793aa7357db24c81241
1eb6788548f27d73b951b4bc04f26c1a0a00acfe5e5bb82193c097cfd099375d
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
27276db8faef922a4178d9d2eadd730e032a973f5379ddc241f3523e1a8192bd
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2e64e1000d4aacc8dd40f84f9c6aa298766622754c80dd5e0f329a72221d290b
30a3308b931ebea10b6cfadc547a108ef531620b3345a773e07f8dd4ac13387e
31260397b49a0c1315f0addbce02183c63c625f819183763076df7adf4ed29f8
33a135533179b403a70d8a8a0efffcb1ecbd57cbe4cb6b86328e8bf9d01386b6
40a7e755a281ee8fe6bde03565df4c3ae9c352801b56a602b92d64c188fc16ad
444f8c03846f9e15331c26b6e97df23db8ac7a874814853b8c3d8a0e0e18cea9
44e22856c09114ecbb82ddd44fa68238d3414d085baa692a5fe47bb700ae315e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2829524e1ffcfacb15998bbe38941bfbf6110ce8f028d8117efcdbd8273fb
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
495308771f2f55a772b8c8ce9925ba84e4e348bb1822b338f901f83c9ddebed2
49c733544f200fe2483551d84e016d9826d0e6fa5e5fc3a8458becb3956477cb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4aeb3e5a52a68f2e124b7a59fff0905ceeae3b023a8bccadbe06651948424687
4b8620363494b5339467f48d19185e03ef71b1f6509dfa438934494cd7d00e45
52f888c7e318356e9fa4173b6a4bf615994749bb49d156dff286a4332582a16f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
58788a30af68f92836329a22bed11ee437cdcc310cc9697f53d7a06142ad1416
5ae9552d446982cedbbeb56c92ec7461d79f2e7734efa66bd0633e095b12d645
5c19b07da37c37687178e29f0670a6327f66ca60562545a00a79711fcc542d79
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
6649f7fd4521c5911cf4807fa4170b370eece1a5373d24a45800735e91670c66
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b25d67c3a102ece6d250c464075217ba4c387c5a8e71b54f622a15f09f548a4
6fac4ee889db41cd60e93f4b12b758f08b27f389b4e60ed9095fef4ac1249b49
78a0b7266f642f96b673c4065063dba46a80f651ff12352eb82aa877c23b9186
7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049
81213f215c5c386c13ce408768284d753696c19697e34e4c31a9fe95a56b0557
839cadf10d90e8ff26ea723c6259b7ee025c2d5890e6b89d854161c6da0ced7e
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
895270b136a0737a264068bb17b3ca5dfa6fa0243e7763b6b18fc4218554d0ae
8bead66ac0cded59a7beff3c05d1e4323a8ba55527ae6c7b8c47738f113236fe
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
9031eb816cf73159f6ff95cad55dd994ac45381c056f13e9cef41141e7ba347f
9b79076fb7e98e997b9855c2a9f4ff080ea4f2dff021a78a6bb1afd865f1f9a3
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa54fa500658b5ad7c37680e109aa1331df710351eb615bd605bc12fa443ff4d
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
aee407c8156259410d42a2bd3fe6594c28a91e6dd9bd6647fd3b9f63e3d9fdf6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b150d9b4151f7cd309c4c7808de642e3030efcdbc40f3bec35ae1c87e17b111a
b15bc577a7d75d4c2214c54a6930f48f80d289425d0fda7a381e88ba3679d2c7
b1d2903d5ed6caccb908ea88b0b16f0b136765e74cfdeaa19483962fff633c47
b3474f9e42f470faef4db25d456e1370e9cdacef7deab620d90362e86f2d933e
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b732fa78a773915e664b708d41264990b45a9245fe8e1064fafd247ad98c13f2
b9fcd2ac2a0284f6d5c17f8810269345a186d1db3e571af48c17c206f02ee4c3
bc4e743b194d2f57a5ed03d1521d6b0b70e4dfef4ad867a2b59cf2f2b6c317c6
bcc0d426238e27f219faa067fb0a964eca5e7747cdad68e0ae4ea6c4ddc7efa7
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c847711ff48dee7e6da9e66a9d779e98fd972f58829a8d8001ec223b3301e86e
c9a9fd833929d4dc615994a20db855ce81af8661eace68718f685104b6bd72a9
cef283b537b5b439f78780bdfe94561204b0131029ee560a85692813daefcc65
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b2899d4c90c803d5877707cfaa1c2c20ed78422be3118982e5d243f35e392
dcca172fb8956a6cb32cc2e0938b4658afc275ddabe650e890cfdd13924c9d44
ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148
e1c8d0e914fe6e903937889b09ca92511f6fc95d8b46655f231df0db25e9075a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a12b84f9543d5ba3231837c2f2467563405aa66a582b6fc400985f85df49ad
e76a81d16824d3288fd16917a64dd4ed831b530e14f9f9e37b56d014eb585f5e
e80b03fd2a2af6103562feadfeadcd1a1bedcad3fcd4da4f12af14bfbc7bbdf7
e85e88e3c5147dc3710c5f8213be4449a8be2b937c573539332db3d72cc80b8a
eb38566c2d8632c572762df38bfbcf6f9841dc4e6db084a36ade1d8a23ab691b
ed7c8d79c191d80ee8637d87829e915ac0acc819526b573137368ffdacf74ec0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f4a03055e7ff59aacb1ed57cb2d53c64d10b1b9d2cacb2f42be7d6380db63dc4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f912101806c688ff68c1860085b24f38250d5e0d442247b4d569796cab0223b6
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60

bscads.com Open in urlscan Pro 139.99.103.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

95 %HTTPS

61 %IPv6

24 Domains

45 Subdomains

37 IPs

8 Countries

2483 kBTransfer

12594 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bscads.com Open in urlscan Pro
139.99.103.9 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

95 %
HTTPS

61 %
IPv6

24
Domains

45
Subdomains

37
IPs

8
Countries

2483 kB
Transfer

12594 kB
Size

13
Cookies

155 HTTP transactions
4 data transactions