goo.by Open in urlscan Pro
2606:4700:3037::ac43:899a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://goo.by/5932T
Effective URL:
https://goo.by/
Submission: On August 04 via manual (August 4th 2023, 5:48:23 am UTC) from SG — Scanned from SG

Summary HTTP 223 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 29 domains to perform 223 HTTP transactions. The main IP is 2606:4700:3037::ac43:899a, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.by.
TLS certificate: Issued by GTS CA 1P5 on July 22nd 2023. Valid for: 3 months.

This is the only time goo.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3037::ac43:899a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	2404:6800:400... 2404:6800:4003:c05::9b	15169 (GOOGLE) (GOOGLE)
5 11	2404:6800:400... 2404:6800:4003:c11::6a	15169 (GOOGLE) (GOOGLE)
23	2404:6800:400... 2404:6800:4003:c02::5e	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2404:6800:400... 2404:6800:4003:c1a::9a	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c00::5e	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
39	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4003:c02::9b	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4003:c05::66	15169 (GOOGLE) (GOOGLE)
8 25	172.253.118.156 172.253.118.156	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	104.254.151.69 104.254.151.69	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	52.197.138.198 52.197.138.198	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	52.197.225.32 52.197.225.32	16509 (AMAZON-02) (AMAZON-02)
6 6	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
7	2404:6800:400... 2404:6800:4003:c00::95	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
2	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 2	54.198.143.1 54.198.143.1	14618 (AMAZON-AES) (AMAZON-AES)
1 2	23.73.13.34 23.73.13.34	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	103.229.206.241 103.229.206.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.247.47.28 35.247.47.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	2406:da18:929... 2406:da18:929:5a00:d14c:9505:b089:6ff7	16509 (AMAZON-02) (AMAZON-02)
2	142.251.175.157 142.251.175.157	15169 (GOOGLE) (GOOGLE)
223	23

17 2606:4700:3037::ac43:899a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goo.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2404:6800:4003:c05::9b (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c11::6a (Singapore) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2404:6800:4003:c02::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::9a (Singapore)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c00::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4003:c02::9b (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4003:c05::66 (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.253.118.156 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.69 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.197.138.198 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-138-198.ap-northeast-1.compute.amazonaws.com

v9999.adv.admeme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.225.32 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-225-32.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.105.236 (Luxembourg) 6 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4003:c00::95 (Singapore)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.143.1 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-143-1.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.73.13.34 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-34.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.247.47.28 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.47.247.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.232.238.37 (Tokyo, Japan) 2 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da18:929:5a00:d14c:9505:b089:6ff7 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f157.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
69	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	671 KB
52	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377	292 KB
29	gstatic.com www.gstatic.com fonts.gstatic.com	641 KB
25	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 3 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724	107 KB
17	goo.by 1 redirects goo.by	204 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	35 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	450 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	9 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 326	191 KB
6	gonet-ads.com 6 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27563	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	3 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4014	61 KB
2	fout.jp 2 redirects sync.fout.jp — Cisco Umbrella Rank: 45195	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1446	650 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 810	3 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 664	725 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 845 s.tribalfusion.com — Cisco Umbrella Rank: 2074	1 KB
2	uncn.jp 2 redirects ds.uncn.jp — Cisco Umbrella Rank: 25239	1 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 573	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 360	2 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	748 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 836	752 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1037	923 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7818	641 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2300	173 B
1	admeme.net 1 redirects v9999.adv.admeme.net — Cisco Umbrella Rank: 19829	306 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 775	542 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	600 B
223	29

	Domain	Requested by
39	tpc.googlesyndication.com	googleads.g.doubleclick.net goo.by tpc.googlesyndication.com pagead2.googlesyndication.com
30	pagead2.googlesyndication.com	goo.by pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
25	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net goo.by
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net goo.by
23	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
17	goo.by	1 redirects goo.by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com goo.by
11	www.google.com	5 redirects goo.by www.gstatic.com www.google.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	cdnjs.cloudflare.com	goo.by
8	www.googletagservices.com	googleads.g.doubleclick.net
8	fonts.googleapis.com	googleads.g.doubleclick.net
7	s0.2mdn.net	goo.by s0.2mdn.net googleads.g.doubleclick.net
6	sync.gonet-ads.com	6 redirects
6	fonts.gstatic.com	www.google.com fonts.googleapis.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	mc.yandex.ru	1 redirects goo.by
2	googleads4.g.doubleclick.net	goo.by
2	sync.fout.jp	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	sync.srv.stackadapt.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	ds.uncn.jp	2 redirects
2	b1sync.zemanta.com	2 redirects
2	x.bidswitch.net	2 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	sync.mathtag.com	1 redirects
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	v9999.adv.admeme.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
223	35

This site contains no links.

Subject Issuer	Validity	Valid
goo.by GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 33 frames:

Primary Page: https://goo.by/
Frame ID: 572BE885340A6D44497D17620FFAD819
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: E48FA6CF87565D32B71F23FF2191F338
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=hwe9gz1srohc
Frame ID: 954662529CFC83340D5FCBD17F42EF70
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1691128096&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128095993&bpp=7&bdt=153&idt=345&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895004425320&frm=20&pv=2&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367
Frame ID: CD9B6FC41ED6D0B8B1B4D2125D5F202E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128096&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128096000&bpp=2&bdt=160&idt=369&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qJtSZNiMYF&p=https%3A//goo.by&dtd=372
Frame ID: B9B9383262B5FB4DE33210A7316430F7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 320F0EE4794CB6F56D8D9CEE1E07396A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280&nras=3&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Eoh7sFq0p5&p=https%3A//goo.by&dtd=36
Frame ID: DC76602AF8F15BD54DCDD31A0069BBA7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41
Frame ID: 9E9FEC79C95706A42F835C77804E0C04
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48
Frame ID: 89B29A02BA2ADDC970AAF16FA1A47ED1
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 63C84DD350F7733C9C906731D3C0D40A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: D8FE441C77E910DCEBE41CE65DD326AF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 57AA02611260F7A829C4F686AFC5FF32
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0765400BB17CB00ABDDD69099B0BF198
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 334F21C9541EE4F296F775C7DFECE66E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 02B49A86982ED26F4A504878CAF33B3A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4B129931E695617BF7436E22F119E17A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B82DBAB414D03C1F8EB826768D3FA67D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C1D277CB47EF29097157E54852B57655
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY2_Dn7QEwAQ&v=APEucNVDcNPnP7bgcM0v0mK3ZQhs0JtxeQfGLf8498Ldy2QkM00S3_xVHyDOMi6UDGncRnLZ__YTI9xqgpjWO2biBMtybvawdUbgMR1hjJiHqVt-20c9vxw
Frame ID: EFEBA18BED30B24C516EFCF1252B96A6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9B7674F61E8D7DD0AD2667D291C7F5EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 009FA01CB1880F54A905D3B7D9BDE4AA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA3512C2EB58BE7EDDD9AFDFDA4C90FA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C670D207D305F681944DBCC7684DDBD5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250
Frame ID: CB57A3EF0C6F331C99B903185F3D7CBE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 8E155FC19268DE6D0A94C8EFAE2DFBBA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: C19A5EACDFA9D62719013FC8F51D58C2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 569EEB0D85F7953ADE6289518CF97DD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 83A5E683E814D499B801223AA48A965C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: D80317912C58FF5C1DC3B93F5DFCF4C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 87FA6D663FC047A49BBEFE3DE83A47BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js
Frame ID: 188A1C66744FF54210D30501A77ADD44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EC7820C137464B89D47C4895110DBED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF17A9862C8F5E056333303B5E911AF1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Goo.gl URL Shortener. Shorten URL Free!

Page URL History Show full URLs

https://goo.by/5932T HTTP 301
https://goo.by/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery DevBridge Autocomplete (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/jquery\.devbridge-autocomplete/([0-9.]+)/jquery\.autocomplete(?:.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

223
Requests

90 %
HTTPS

45 %
IPv6

29
Domains

35
Subdomains

23
IPs

6
Countries

2663 kB
Transfer

7177 kB
Size

46
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.by/5932T HTTP 301
https://goo.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 55

https://mc.yandex.ru/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A783891824818%3Ahid%3A880952686%3Az%3A0%3Ai%3A20230804054817%3Aet%3A1691128097%3Ac%3A1%3Arn%3A562666776%3Arqn%3A1%3Au%3A1691128097759324925%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C189%2C1%2C762%2C762%2C1%2C130%2C10%2C%2C%2C%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1691128094885%3Arqnl%3A1%3Ast%3A1691128097%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A783891824818%3Ahid%3A880952686%3Az%3A0%3Ai%3A20230804054817%3Aet%3A1691128097%3Ac%3A1%3Arn%3A562666776%3Arqn%3A1%3Au%3A1691128097759324925%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C189%2C1%2C762%2C762%2C1%2C130%2C10%2C%2C%2C%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1691128094885%3Arqnl%3A1%3Ast%3A1691128097%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0&C=1

Request Chain 142

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMyRIkdfAHzYalHcWf1ItAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKr6jCpKz4JVXOjemkUVwyo&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKr6jCpKz4JVXOjemkUVwyo%26google_cver%3D1

Request Chain 144

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM4OTI3MDkwMjc1NDc2MDUwMA%3D%3D

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJjzfUwU1uA3UzCrGr207AQ&google_cver=1&google_push=AXcoOmS2Mdso4x94QEzba0cER3f1Gjivxhv7owiZFsd1OfGsxlNXqHTzm9zzK0Z67TY3sH_fNvEloGi_eLFn1lf5d-U4q_g9olPh7sw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJjzfUwU1uA3UzCrGr207AQ&google_push=AXcoOmS2Mdso4x94QEzba0cER3f1Gjivxhv7owiZFsd1OfGsxlNXqHTzm9zzK0Z67TY3sH_fNvEloGi_eLFn1lf5d-U4q_g9olPh7sw

Request Chain 150

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDO0Srv1XSYeRVrIGI8OIZM&google_cver=1&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWDI0XkzpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWDI0XkzpA

Request Chain 152

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECNlTfQb7YOhKf8ifa-L8KQ&google_cver=1&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECNlTfQb7YOhKf8ifa-L8KQ&google_cver=1&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw&google_hm=f0mXYU1hQPyvjtv8nKLk5w==

Request Chain 153

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJK86qEv0mahewUikY4bZgA&google_cver=1&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJK86qEv0mahewUikY4bZgA&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI&google_hm=czdWLXdfal9zTVRPUEk4by1ZZ0M=

Request Chain 154

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEOHIkFlufjH8cD-Vg7NJx-Y&google_cver=1&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrHZzjPuqX5ZsEmA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrHZzjPuqX5ZsEmA&google_hm=Aas2iuTBeEzxtKUunXHzZIA

Request Chain 155

https://sync.gonet-ads.com/match/google?google_gid=CAESEOqAy9a5LQprjJQWwj3KG2M&google_cver=1&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZywXzm7VEcliQW HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEOqAy9a5LQprjJQWwj3KG2M&google_cver=1&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZywXzm7VEcliQW&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZywXzm7VEcliQW HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 159

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 162

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELOKuanDYghGJ-j2P046u70&google_cver=1&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7OruwPYnEWRCACuK9B61y-s5cDTu4iGkN6lhU9sqarDu9xxyxm0f9rRX70tI7gfcgPE9ua5MAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7OruwPYnEWRCACuK9B61y-s5cDTu4iGkN6lhU9sqarDu9xxyxm0f9rRX70tI7gfcgPE9ua5MAA

Request Chain 163

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEHawqK-iHqg6Ea7sj3NvhbA&google_cver=1&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8z-rH8hxqirCUqZIAG7YlFVk87QKgUcjgtaZ_KB8Hua63ZaMzWTa6LE_wVFmOVwbiRf7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8z-rH8hxqirCUqZIAG7YlFVk87QKgUcjgtaZ_KB8Hua63ZaMzWTa6LE_wVFmOVwbiRf7&google_hm=ATkw_qfgRkfkvJThtD9c1wI

Request Chain 164

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPrN8mmW-aXuJPOFzlcnnfY&google_cver=1&google_push=AXcoOmS7xW0O3NnpI-qC9jYQYirDoPmC4DfFBc6d-qyS94ZsHghfG-unoMFCiMS4G_IhvAxzzKOyixujHCVXjDcgQCW2lhTqbpMXLLoEXgXG-Assj2hSkVETNEhHbsRAyw8AF3LRyVJnT0ValanKdzgEcWFD15o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Yzg5MzU1NWEtYTc4YS00Yjc2LThjZTctYTg2NTk4YTMzYjdh&google_push=AXcoOmS7xW0O3NnpI-qC9jYQYirDoPmC4DfFBc6d-qyS94ZsHghfG-unoMFCiMS4G_IhvAxzzKOyixujHCVXjDcgQCW2lhTqbpMXLLoEXgXG-Assj2hSkVETNEhHbsRAyw8AF3LRyVJnT0ValanKdzgEcWFD15o HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 165

https://sync.gonet-ads.com/match/google?google_gid=CAESEARmUrKQuc7VfWOPG01TMTU&google_cver=1&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQvYdlNUiywslFVX0DxKFchQltNwek8fOb96Mjq3wvBEqzF0R66DLN1bmJQ30yzc1WHDPA HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEARmUrKQuc7VfWOPG01TMTU&google_cver=1&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQvYdlNUiywslFVX0DxKFchQltNwek8fOb96Mjq3wvBEqzF0R66DLN1bmJQ30yzc1WHDPA&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MTRmYTM4YTg0NzNjZDA0NA&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQvYdlNUiywslFVX0DxKFchQltNwek8fOb96Mjq3wvBEqzF0R66DLN1bmJQ30yzc1WHDPA HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 174

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDujc90WX0XnVZoI121TkHQ&google_cver=1&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq-NdpCg9WMudTufba9K8ehsZxgF7blMu99UMYi0gSxx-mR6wAd3-APS6xofhn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq-NdpCg9WMudTufba9K8ehsZxgF7blMu99UMYi0gSxx-mR6wAd3-APS6xofhn

Request Chain 175

https://um.simpli.fi/gp_match?google_gid=CAESEGFde0yLQSfEHoDcz9MeP84&google_cver=1&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-CfLNwyWEp5yNKQ9xRsOdn63xkPEJls_cZoDk7miqZvnFumb2JCDZeJGbsdbksc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744CB1C1D8244200BE10BFCECAC43CD4&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-CfLNwyWEp5yNKQ9xRsOdn63xkPEJls_cZoDk7miqZvnFumb2JCDZeJGbsdbksc

Request Chain 176

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESED55YeFKy3CaBbx2XuvI_zQ&google_cver=1&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJA1VBQcz1dloeXHzD5AB_3mkNLR46i8lX_0Mpgzi1x7d7-q0xaYkbu-QJskDzsqjGM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJA1VBQcz1dloeXHzD5AB_3mkNLR46i8lX_0Mpgzi1x7d7-q0xaYkbu-QJskDzsqjGM&google_hm=&from_google=pc1

Request Chain 177

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESED55YeFKy3CaBbx2XuvI_zQ&google_cver=1&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5WkqqcYJg7y4FRK6pZCWWtstKbISYKYrN-Ksm4AXkoNpWSOmUs2NRgwV-t7TOU1it0V4lvnlO0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5WkqqcYJg7y4FRK6pZCWWtstKbISYKYrN-Ksm4AXkoNpWSOmUs2NRgwV-t7TOU1it0V4lvnlO0&google_hm=eWJxd19aUzhqVFVYMFpYdjJUdHNVVGJER2tV&from_google=sp1

Request Chain 178

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED_f5pwzZ4jnFAteWjCZ6Ww&google_cver=1&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR_C2N4L-G8WQTseO5lyw9uhiqEJdpu6ZpUmT9fYnWTcp0iOm9DqE5q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR_C2N4L-G8WQTseO5lyw9uhiqEJdpu6ZpUmT9fYnWTcp0iOm9DqE5q&google_hm=eS1yVkJHWHRWRTJwSG15V2Y0d2dwWHZtY28uZGN4M0dven5B

Request Chain 180

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDDpjS8cUtOaofAJgCLogho&google_cver=1&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07JuvWdhv4tT4N4zrzfovAUkvLRjTPs77n7ASuIoHfpU_qRIG_d1miCQxUMzDzFK9c9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07JuvWdhv4tT4N4zrzfovAUkvLRjTPs77n7ASuIoHfpU_qRIG_d1miCQxUMzDzFK9c9

223 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goo.by/
Redirect Chain

https://goo.by/5932T
https://goo.by/

25 KB
8 KB

190ms
189ms

Document
text/html

2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa476efa48384d2f5a63164359a0e6194660621bcec0b5158a0057effd0d08c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f1482a5cd1e3fab-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 04 Aug 2023 05:48:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjX5brn30HKcLMSx2%2B76IDiOG1hJ5EAqKWF03gbLYwciC8YaOXQ1lIttF%2FUTxTeLQ1grQNmDlGI0S2zAKZ1LhVHyRbRpW7yvwcp2esAmI7nvq1IgSPYazQHMpebQ86Xa1j3CWrA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f1482a13f053fab-SIN
content-type: text/html; charset=UTF-8
date: Fri, 04 Aug 2023 05:48:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWFmwZ1Q5ZhK1GML24sLz0vD9kXRRTZ5ityf2%2FYe8UD4ult2J%2F3ZEngb%2FEBPgpih6mEoL5usu%2BdcCFbtwUapbsLNbKkzKC3cNXbJWHLnr7ZtSwWkEB9ACEaSvtVHHrYuMqp080g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 bootstrap.min.css
goo.by/static/css/ 89 KB
16 KB 29ms
29ms Stylesheet
text/css 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/bootstrap.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13250148
etag: W/"626b7a86-1631a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2hfP00U5c1mEOhug3vAGdw%2FO7X7hV1p9QsXkv%2FMRrjfJij02yBpjUYd2o8pD4ZTnbNEPxpT7wzgQHtN1ksfMcn5po9ylM43AsWYn0n7ZzKlrEkPrDyHYcvaqIr%2FhdAy5v%2Fznsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7f1482a70fbd3e2a-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 style.css
goo.by/themes/spartan/ 69 KB
13 KB 37ms
32ms Stylesheet
text/css 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/themes/spartan/style.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13250148
cf-polished: origSize=84847
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:41:48 GMT
server: cloudflare
etag: W/"626b7a9c-14b6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC04A67kD4aY%2B6vbT%2BSsrngoC3VOheOi7sBEKMHRk2WGOZ5Xrqk66nwWs7TjbCYbxNwQPPsfPNhDsClvsNUzKwnR1VGm33sw517nJDu1VyKn3apt8vy1m8qR5ehadR%2BjJpWzmNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7f1482a70fc43e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 components.min.css
goo.by/static/css/ 19 KB
3 KB 38ms
33ms Stylesheet
text/css 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/components.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13250148
etag: W/"626b7a87-4b61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PU4PB9Z078jucXmXuJCSJiayDm370qQA57jGD9%2BP0TshtTLEQJTdmMOD%2Fsnv1GPI7QPDhz6moHKTCSX24CauOUVEdMIIOSSiwf7c%2BiQF%2BacMfHpgrXvyhMIdxg2DSTmDvkbagk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7f1482a70fc63e2a-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-all.min.css
goo.by/static/css/ 56 KB
13 KB 38ms
34ms Stylesheet
text/css 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/css/fa-all.min.css
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13250148
etag: W/"626b7a86-df5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL0PzfWpsxNzGaRpeWDultF6QAR%2B65SsKAxGAFL4XdEBM0wZDdduDx%2B1t4d2KxFl21l1y5oImuTiUaCLH38%2B234n7jc8FJBwO1LYMBvaPB8%2BMxYBgusOj9f9ueoM9Ug8eYxdMC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7f1482a70fc83e2a-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.min.js Show response
goo.by/static/js/ 82 KB
30 KB 39ms
35ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/js/jquery.min.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:41:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13256704
etag: W/"626b7a93-14696"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvr%2FfMz4XoOJRPiSy6kzGjcIll48CDSJuTwO0fTH4CO1cZnTMzvA3EVlv%2BjQaTrlRrj%2FVUSXHl0Svs8PDO6WlQ1Dzhnv6B1rTKCato4h3lf6mMoZ%2Bro%2FKGz6Om%2BukPwO7iSpHTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a70fc93e2a-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.min.js Show response
goo.by/static/ 3 KB
2 KB 40ms
36ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/bootstrap.min.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13256705
etag: W/"626b7a28-d5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn8MPjwago4hcKIAiu%2BlxJWOrvvUobOmN6hggpBnuQkaaYN6dONHu8lTKxWcfuvMoZufjh2AVpt0dpLd0CFKqotT6nS9WjjSMdyR6gESgwMx%2B8crfieXkQO9nvOHjrKGke0cp9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a70fca3e2a-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 application.fn.js Show response
goo.by/static/ 3 KB
2 KB 40ms
36ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/application.fn.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256705
cf-polished: origSize=4361
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-1109"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TS7VvO%2FvoicqHbkbbhJC0hVdDCKWgH8gUJQZCz7SAYUqQlTo6OJK6LxWanKWFYLGFsvzXMW2X0Q5kJGfVD2ip7E%2FpX5XhZwgRRaz5xmyewjNK6HYapadnK9UxGp1HllnFZm1OHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a70fcc3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 datepicker.min.js Show response
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 17 KB
6 KB 51ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.js?v=0.6.4

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5975052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5100
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-4449"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QRJrxvVsSRrcO72NJDPlpDMRPfWto7JmcrbraoyDIFhzlrC5JTNuyAaJ4w1vIqP%2Fd4hAIqh7%2FYa%2FMV2ToR8VCkFh4xirbPHy0E5cxOLyMRheT0M5NeF35Gis85yoDNmZnoMs%2F%2B541p5IjtSr6e4EsEi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f944953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 datepicker.min.css
cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/ 3 KB
1 KB 56ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/datepicker/0.6.4/datepicker.min.css?v=0.6.4

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4257346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 720
last-modified: Mon, 04 May 2020 16:09:23 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e33-d76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jcSq2aa65v5eAEE%2Fnm%2BK14DzPEj0qwTn3JFDu2SMiHenvDLoASEh2CYER35E9CwJVfCUQEuQpLKoqmPtdzKYyoxhRviINxUruPw%2FjLkSw8ZBzzopJNl4oRUK%2FWCU9uBt0MlgyHXJ6EgGCc2rRXMKAoCI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f924953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 chosen.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/ 26 KB
6 KB 55ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 458781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5485
last-modified: Thu, 22 Jun 2023 10:55:27 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "6494289f-156d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkJ2saxbgwOY66quYNIsGE6ftCaLHOD2ddCWBhMbYZ1PDb2r00ZDlgiF1ve7BcmqGoUVxRikXUYWSz5CEuSzU357yDo%2FaWU%2B0cOYwLS4YzEO323fYTE3yfQO6S288rmrRHSbiTSYauQvdjbCKdmAEDyb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f964953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 icheck.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/ 4 KB
2 KB 52ms
10ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1908
last-modified: Tue, 01 Aug 2023 15:38:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64c926ea-774"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye1REaN%2FApaCtP5ozByTvASKnShAjD8XIHwOHXfgh9e8g6jF74TF89EK0fq1T4H12kn4W%2BnLvxslmbNp5%2BwP50ybdSW4SL3IS1FbrYlc0HB2HT4lgX0ALt%2BknMgIaaMc2OdkfrYzEvTlYjMeOPA0wtiy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f984953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/ 10 KB
3 KB 53ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6253071
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2906
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-2824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDYu3QsaLKxYAKjqsxc6NU%2Bmq3iNalcRXvZLUwmRHdkalT%2BOQw%2FBpUb2BHJjIN2%2BjJP1fiEdCdwheHbvZ2FXxaDv4XLPKJkRfAPUod21Wvy8s8iabPZ11CI%2F3GqJn61DV6LKuFNWi2lE7wvipOO2rMFu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f994953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 51ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1918129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCWXSzNQgzWLDZ5ZdCfMqyBbvTGvhfXHWgT4j0Ug1JZIb2QiCj9o6iKK73CP6aW4tn6pMviRQgErKllGhahvW4rMaPZrPM13nZg2WG4oHrXLJRwqHhwD8NRrpHcMiwCj5llDRawZ5Gaa3P9aAHJ4t5EZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f9b4953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 55ms
13ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 542438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Thu, 22 Jun 2023 10:57:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942932-3b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmip8e%2BGAZd2dKAu9xpYno6vikLw%2BqXO8zSvMLOZaSqYytlokcK%2FlL0x0QsROyM4prkFmq9vZlOYgJNvgerI8AQAP6XlJNSC%2F2OdOx%2Fx7zAtcnVeDmCIobCdK9awIcvtPVGH1%2BI3uZhxR5SVxPfFz4h%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f934953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 jquery.autocomplete.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/ 13 KB
4 KB 52ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1749459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3860
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-331b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TyoWK1OItjSNF69vMhL6fpy5NdDZdVO0q1xBbHDWv1kUvu6ty18S8XqZmvLgbdfS8g6LizaXhYlMYpjUR7UK68uAY%2BKX8MoSn8SEGmKtpZU7xyCwfmAVUvi8eptbhX%2FjbvLlHkkaV8locT5VdNdJnwbu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f9c4953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H2 200 pace.js Show response
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/ 25 KB
5 KB 53ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7543509
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5158
last-modified: Mon, 04 May 2020 16:13:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f40-621b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzePs%2Be9t9Pc5bTfKNefWaoS449gko%2BqqmeTW0GDDOP4u5b4IjSwPVtM%2FPb3wi312%2B%2By0Zm%2F3zfMyBFUe5ui4L6yB%2FAz9mhuh41Br0cMlm07D56JZeIt%2BO61Vv5iRSvKQq0dg285FoqYeDEH9gk2QuNx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f1482a74f9d4953-SIN
expires: Wed, 24 Jul 2024 05:48:15 GMT

GET
H3 200 application.js Show response
goo.by/static/ 15 KB
5 KB 39ms
37ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/application.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256704
cf-polished: origSize=19442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:51 GMT
server: cloudflare
etag: W/"626b7a27-4bf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF0D9XQnp5XqquHX0GbZA4QYyCgQH3S7Rdd9Ov7NvtU%2FXh7d6Z15uGUF0rH13S0jJTU8MwrLoBugG3zVlXjUkf0VsXi4y3LRT9jZOzvJxG1QTavue1v4tst2%2BvdXxxZLE1OYLpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a70fcd3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 server.js Show response
goo.by/static/ 8 KB
3 KB 40ms
38ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/server.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256704
cf-polished: origSize=12112
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-2f50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwJlq7wKdjXvs7xtvE0%2Fi0wc9dh4SbPsjyIcOyLkM6F2kMV1D8t%2Bf8LORmDhA%2FAlY%2BlG8Taz1voyrgP7N5cs4CnxBjhNJr97Q3UxsiBnGTgcniUzGYOkvqLffDHxV0ABUTp5kZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a70fce3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 27ms
18ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22d60ecf06846dd1422d3ce4043f4b6709c4d052db55e37853dc8d3c957a0e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50906
x-xss-protection: 0
server: cafe
etag: 10146618775714940865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:15 GMT

GET
H3 200 auto_site_logo.png
goo.by/content/ 3 KB
4 KB 18ms
18ms Image
image/png 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/content/auto_site_logo.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256703
alt-svc: h3=":443"; ma=86400
content-length: 3400
last-modified: Sun, 08 May 2022 12:53:50 GMT
server: cloudflare
etag: "6277bd5e-d48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIDhQTSATGAwDDCBYd2x95tk7F2Ymht9lJw%2Bnnk1AKsO7phKgWdeMi8e1faYUNUzbP8OvfUYkzL1%2BgQy2J78cV7jqCOj9XhKVRSgorDvYtsp65GrYr%2BOh%2FJW%2FsUp9AjQ2%2B9C%2FCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f1482a788693e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
905 B 18ms
8ms Script
text/javascript 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

386528adf81f8cf660dc157133f0e970de8954df99350deffffe33b8de31f72e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 04 Aug 2023 05:48:15 GMT

GET
H3 200 landing.png
goo.by/themes/cleanex/assets/images/ 17 KB
17 KB 19ms
18ms Image
image/png 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/themes/cleanex/assets/images/landing.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645044
alt-svc: h3=":443"; ma=86400
content-length: 17186
last-modified: Fri, 29 Apr 2022 05:44:07 GMT
server: cloudflare
etag: "626b7b27-4322"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odm%2FVQYvC0a630e%2BDCNUn2uSRnrFSBfyICWjD8MQadniI3fDsOohLcpMNDv%2FZaj6oeKf%2FhbJgKN2R0S7eXBqAPagyz4O34Qx99UXXwKUThc1%2BKYs%2F%2BUZ8IdBCDPGmnbgtHAukGw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f1482a7886b3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 profiles.png
goo.by/static/img/ 62 KB
63 KB 15ms
15ms Image
image/png 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://goo.by/static/img/profiles.png
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256703
alt-svc: h3=":443"; ma=86400
content-length: 63985
last-modified: Fri, 29 Apr 2022 05:41:34 GMT
server: cloudflare
etag: "626b7a8e-f9f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euUCjKo9ZfUc6%2F5sN6O5tVMEMr5DZgn6St3kmVZxeELKdEoyrbf8891aLJWrAQkjhvbSnnUqi2jxy%2FRUbFD%2BYtEGa5uOh6MeP0bPsTLafOgV2QQTe21Ar9t6BXp85UBEatvbMFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f1482a7886d3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 main.js Show response
goo.by/themes/spartan/assets/js/ 794 B
700 B 22ms
22ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/themes/spartan/assets/js/main.js
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256703
cf-polished: origSize=869
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:44:04 GMT
server: cloudflare
etag: W/"626b7b24-365"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27VMlQKadguiFX%2BNjQeps1HBJJ6dqte1kVGANo9ulC6p%2Fs93mRGSGEXlRv82hf8KKVkl9R4LTOkAG6GgKaG0UCbFwwbJ9zpNtoxfYdkCLAHffHJMKSDbhLp5HjYqYNcms9Kl8ZU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a7885d3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 server.js Show response
goo.by/static/ 8 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/server.js?v=1.0
Requested by: Host: goo.by
URL: https://goo.by/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256703
cf-polished: origSize=12112
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 29 Apr 2022 05:39:52 GMT
server: cloudflare
etag: W/"626b7a28-2f50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZZhxOB3fLReqTC5C%2F4OpUolssqsGfnWWeZ623KTec8PicGwwfEi%2B3Q4epflCOfd6PnioussYS3MlGKmgNOKXPMinwa8DuZUtCy1koCOazekBh0O76YTAhO1K9e%2Bi1n5KoAJzaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7f1482a788663e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 glyphicons-halflings-regular.woff
goo.by/static/fonts/ 23 KB
23 KB 15ms
15ms Font
font/woff 2606:4700:3037::ac43:899a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.by/static/fonts/glyphicons-halflings-regular.woff
Requested by: Host: goo.by
URL: https://goo.by/static/css/bootstrap.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:899a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://goo.by/static/css/bootstrap.min.css
Origin: https://goo.by
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13256703
alt-svc: h3=":443"; ma=86400
content-length: 23320
last-modified: Fri, 29 Apr 2022 05:41:25 GMT
server: cloudflare
etag: "626b7a85-5b18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBVS36gclE%2Fzh7XhK%2FZbzuwTj8GxCc0zcQCqKPxVEtF0oeZSQsCdzVg3V4W4oSh8B5HxpMWXdTHqR9szRAZkhRP7TIirxpmGG3LfI8H85yl6eZ6b0QP3xR0261QLBpbXuuRaYE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7f1482a7986e3e2a-SIN
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ 434 KB
175 KB 14ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Origin: https://goo.by
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:48:08 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 168 KB
59 KB 979ms
410ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

54de913295caddd62057113241fd1869e9eed6c21dee5a01d3881446888d8f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-eb7b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 60283
expires: Fri, 04 Aug 2023 06:48:16 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/ 361 KB
124 KB 34ms
34ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fc4585241bd0897f43109d55a7558b64c81682d2a1f3163956094c4a2bf885c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126322
x-xss-protection: 0
server: cafe
etag: 13965738639882760386
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame E48F 10 KB
5 KB 5ms
4ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 13787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 01:58:29 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 01:58:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9546 48 KB
26 KB 267ms
267ms Document
text/html 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=hwe9gz1srohc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

395b42007d12f98c2595802e08d4b8f6b710055f4dce5440712cc2bccb0d757c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-seExLNyvusSW9WT49uDE_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26661
content-security-policy: script-src 'report-sample' 'nonce-seExLNyvusSW9WT49uDE_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
600 B 16ms
6ms Script
text/javascript 2404:6800:4003:c1a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=goo.by&callback=_gfp_s_&client=ca-pub-8917830189100721

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::9a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25befbcc2da0e42008fd248de65220af11fac457a7a87fb3375989e06642fea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD9B 613 KB
99 KB 883ms
882ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=293675617&adf=814277786&lmt=1691128096&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fgoo.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128095993&bpp=7&bdt=153&idt=345&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895004425320&frm=20&pv=2&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e158faa38926010d364dba4bf8cb5b902ea90b6f8551c97283db5ccafe0799d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 101583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
48ms Image
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cc-window%20cc-floating%20cc-type-info%20cc-theme-classic%20cc-bottom%20cc-right%20cc-color-override-1971232268%20&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 9546 55 KB
24 KB 13ms
4ms Stylesheet
text/css 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=hwe9gz1srohc

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:40:19 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/ Frame 9546 434 KB
174 KB 15ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178086
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 04:01:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:48:08 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9B9 114 KB
39 KB 570ms
570ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128096&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128096000&bpp=2&bdt=160&idt=369&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qJtSZNiMYF&p=https%3A//goo.by&dtd=372

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f76e1642eaafbd1fae3e91797da53e533b4a6ca12a5548fbeeef234e7f74a6d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39911
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:16 GMT
expires: Fri, 04 Aug 2023 05:48:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9546 2 KB
2 KB 5ms
5ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:58:18 GMT
x-content-type-options: nosniff
age: 64198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 10 Aug 2023 11:58:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9546 15 KB
16 KB 13ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:16:15 GMT
x-content-type-options: nosniff
age: 63121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 12:16:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9546 15 KB
15 KB 14ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:21:50 GMT
x-content-type-options: nosniff
age: 62786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 12:21:50 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9546 102 B
134 B 6ms
6ms Other
text/javascript 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75eed100ba64cb7efd63952190042ba256e4205c270dc83afabfdc90e752b815

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=hwe9gz1srohc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 04 Aug 2023 05:48:16 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9546 33 KB
19 KB 49ms
48ms XHR
application/json 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7f9ff00dd19830d6735c5ca9ea78bf45b4380838919dbac273bec8cfb1be3d14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw&co=aHR0cHM6Ly9nb28uYnk6NDQz&hl=en&v=pCoGBhjs9s8EhFOHJFe8cqis&size=invisible&cb=hwe9gz1srohc
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 04 Aug 2023 05:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19091
x-xss-protection: 1; mode=block
expires: Fri, 04 Aug 2023 05:48:16 GMT

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame B9B9 9 KB
4 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128096&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128096000&bpp=2&bdt=160&idt=369&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qJtSZNiMYF&p=https%3A//goo.by&dtd=372

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:35:13 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame B9B9 9 KB
4 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:32:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B9B9 14 KB
2 KB 20ms
11ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B9B9 2 KB
945 B 20ms
11ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame B9B9 23 KB
9 KB 21ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B9B9 3 KB
1 KB 22ms
13ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame B9B9 20 KB
8 KB 21ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9B9 179 KB
57 KB 1912ms
1895ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame B9B9 33 KB
14 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 320F 143 B
166 B 4ms
4ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128096&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128096000&bpp=2&bdt=160&idt=369&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qJtSZNiMYF&p=https%3A//goo.by&dtd=372
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 37
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:47:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B9B9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0704c0bdbe44fe0fda882aa2f07adfba2272b5eb31019f3d20a5ad9c3066517c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 320F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
162 B 207ms
207ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 04 Aug 2023 06:48:17 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/45619767/
Redirect Chain

https://mc.yandex.ru/watch/45619767?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.ru/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala...

435 B
518 B

213ms
213ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A783891824818%3Ahid%3A880952686%3Az%3A0%3Ai%3A20230804054817%3Aet%3A1691128097%3Ac%3A1%3Arn%3A562666776%3Arqn%3A1%3Au%3A1691128097759324925%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C189%2C1%2C762%2C762%2C1%2C130%2C10%2C%2C%2C%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1691128094885%3Arqnl%3A1%3Ast%3A1691128097%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccf1087f3f646f6c14b1dbdada36293da0ada86f66ae8db97623025960378a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 04-Aug-2023 05:48:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://goo.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Fri, 04-Aug-2023 05:48:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 04-Aug-2023 05:48:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/45619767/1?wmode=7&page-url=https%3A%2F%2Fgoo.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sp2sdh4awvfxhcq9eu02an%3Afp%3A1064%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A783891824818%3Ahid%3A880952686%3Az%3A0%3Ai%3A20230804054817%3Aet%3A1691128097%3Ac%3A1%3Arn%3A562666776%3Arqn%3A1%3Au%3A1691128097759324925%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C189%2C1%2C762%2C762%2C1%2C130%2C10%2C%2C%2C%2C1083%3Aco%3A0%3Acpf%3A1%3Ans%3A1691128094885%3Arqnl%3A1%3Ast%3A1691128097%3At%3AGoo.gl%20URL%20Shortener.%20Shorten%20URL%20Free%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://goo.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 04-Aug-2023 05:48:17 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/ 154 KB
52 KB 16ms
15ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6747ccf8e0e2763740a6b234a02ac70b6556cbe9bb9bb571e5b02187e2dc1b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53436
x-xss-protection: 0
server: cafe
etag: 16725407933402101000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H2 200 ca-pub-8917830189100721 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 80ms
59ms Script
application/javascript 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8917830189100721?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b03f5f8bed117ef9e1385c2f68c780a8f10b912b62723d9dcfd996118810562a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5WXunnEyXN76fyKPxOVopw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-5WXunnEyXN76fyKPxOVopw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC76 107 KB
38 KB 540ms
539ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280&nras=3&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Eoh7sFq0p5&p=https%3A//goo.by&dtd=36

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

486df11abe382b2ded8284a204240162dba66dbadb58e321faa4db7907ff9a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38895
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E9F 23 KB
11 KB 527ms
527ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ac05986bcc67a9d79934f9d85ee03f666e7066e93148821ecf3291e58dae6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11006
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 89B2 121 KB
42 KB 540ms
540ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa4a1d07c1399f4b72322e9d5b55436d3dbbf07574c1c5ddf9e1941a7718e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 63C8 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 13787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 01:58:30 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 01:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame D8FE 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 13787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 01:58:30 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 01:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 57AA 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 13787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 01:58:30 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 01:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/ Frame 0765 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 13787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 01:58:30 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 01:58:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWpgbN_QU50OBtPvSswwyWNgSwDowdedzMLA5IohoOJK7TFPzipmKhyWM3D82h7dY2rvT2rGCtrP23bOkm6yQXYike5lJI7_LJFSiKzkbn1mViVHOxVbTUTIdlXK3oKuUhj1ZvpSA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 30ms
30ms Script
application/javascript 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWpgbN_QU50OBtPvSswwyWNgSwDowdedzMLA5IohoOJK7TFPzipmKhyWM3D82h7dY2rvT2rGCtrP23bOkm6yQXYike5lJI7_LJFSiKzkbn1mViVHOxVbTUTIdlXK3oKuUhj1ZvpSA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMTI4MDk3LDQ5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nb28uYnkvIixudWxsLFtbOCwiNzhjX3BKVWl4dFEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.78c_pJUixtQ.es5.O/d=1/rs=AJlcJMw71NZicNz0TK9NwwWzvKuaxB7l-g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3118642b76000e0989aaf3eb26f05fb030c24779a28e4a73a01d08b59aa13910

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JxIprIFUzTIV5SA122z9WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-JxIprIFUzTIV5SA122z9WQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 63C8 4 KB
767 B 8ms
8ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:04:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63C8 205 B
229 B 10ms
9ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:54 GMT
x-content-type-options: nosniff
age: 64703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 02 Aug 2024 11:49:54 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 63C8 604 B
628 B 10ms
9ms Image
image/png 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:06 GMT
x-content-type-options: nosniff
age: 64811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 02 Aug 2024 11:48:06 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 63C8 15 KB
6 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 16:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 16:51:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 63C8 20 KB
9 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:22:28 GMT

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame D8FE 9 KB
4 KB 9ms
9ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:35:13 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame D8FE 9 KB
4 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:32:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D8FE 14 KB
1 KB 23ms
16ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:08:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D8FE 2 KB
931 B 16ms
7ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame D8FE 23 KB
9 KB 12ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D8FE 3 KB
1 KB 18ms
11ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame D8FE 20 KB
8 KB 17ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8FE 179 KB
56 KB 1322ms
1315ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame D8FE 33 KB
14 KB 18ms
12ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame 57AA 9 KB
4 KB 19ms
13ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:35:13 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame 57AA 9 KB
4 KB 18ms
12ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:32:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 57AA 14 KB
1 KB 19ms
15ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 57AA 2 KB
892 B 22ms
18ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 57AA 23 KB
9 KB 21ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 57AA 3 KB
1 KB 20ms
16ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 57AA 20 KB
8 KB 14ms
10ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57AA 179 KB
56 KB 1331ms
1327ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 57AA 33 KB
14 KB 24ms
21ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame 0765 9 KB
4 KB 15ms
13ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:35:13 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame 0765 9 KB
4 KB 14ms
13ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:32:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0765 14 KB
1 KB 14ms
14ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:08:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 0765 2 KB
892 B 18ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 0765 23 KB
9 KB 18ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 0765 3 KB
1 KB 17ms
16ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 0765 20 KB
8 KB 17ms
16ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0765 179 KB
56 KB 1315ms
1307ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 0765 33 KB
14 KB 20ms
19ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 AGSKWxWGxrTNRmgPqYHvPcYdXIaqBaqKaxqTcUvVEVxJJLeZxE638bwoBj9CO1jACVcjzq3r3ba-2f3ZaWIUuROJj0sX8NaiE209Eu4teUJQR2ZNZlDLZ3lLmJtid5yVmlFHwpfPhb2KWw== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 48ms
42ms Script
application/javascript 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGxrTNRmgPqYHvPcYdXIaqBaqKaxqTcUvVEVxJJLeZxE638bwoBj9CO1jACVcjzq3r3ba-2f3ZaWIUuROJj0sX8NaiE209Eu4teUJQR2ZNZlDLZ3lLmJtid5yVmlFHwpfPhb2KWw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMTI4MDk3LDU3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ29vLmJ5LyIsbnVsbCxbWzgsIjc4Y19wSlVpeHRRIl0sWzksInpoLUNOIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfaca7aab879bf76e0c341666a053105ad38019ec591601d77f6ea0edb5dd9cc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Y53D60RK-UNq1CpzkdyIrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Y53D60RK-UNq1CpzkdyIrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 334F 14 KB
1 KB 9ms
8ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 334F 2 KB
892 B 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 334F 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02B4 143 B
166 B 7ms
5ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:47:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 334F 3 KB
1 KB 5ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 334F 20 KB
8 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 334F 179 KB
56 KB 1278ms
1276ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 334F 33 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4B12 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:47:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B82D 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:47:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1D2 143 B
166 B 4ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 38
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:47:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 02B4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4B12
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

6ms
5ms

Document
text/html

2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B82D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C1D2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

5ms
5ms

Document
text/html

2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
expires: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 42 B
63 B 51ms
50ms Image
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYVrgWiPhGUlAQ5NotNbLDj-YBfPCsAZOozHygVFOI4HOHUtMyZxVzr4jtPUZ1JGmHisROVkV0RbxPUSrvqciYi6VmKpEXDYaIbkno89ffevI1cWM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 0
20 B 51ms
51ms Image
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15336168332831109184&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9E9F 86 KB
29 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 9E9F 3 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 9E9F 20 KB
8 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9E9F 0
0 53ms
52ms Image
text/html 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsNmkXIpRrGnbfmBwG2WOPux0sRJwpneEW5Pxews06N08pc_n5niTthyZ0dJoxt2dTEJYm1ObQ8gtcZJzQFViFHlsYTw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E9F 179 KB
56 KB 910ms
908ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DC76 4 KB
655 B 9ms
8ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280&nras=3&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Eoh7sFq0p5&p=https%3A//goo.by&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:04:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame DC76 2 KB
892 B 8ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame DC76 23 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame DC76 3 KB
1 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame DC76 20 KB
8 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC76 179 KB
56 KB 908ms
906ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame DC76 33 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFEB 645 B
254 B 15ms
15ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY2_Dn7QEwAQ&v=APEucNVDcNPnP7bgcM0v0mK3ZQhs0JtxeQfGLf8498Ldy2QkM00S3_xVHyDOMi6UDGncRnLZ__YTI9xqgpjWO2biBMtybvawdUbgMR1hjJiHqVt-20c9vxw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2ae469cc10e29b7bd733e737170d4c36.js Show response
www.gstatic.com/mysidia/ Frame 89B2 9 KB
4 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ae469cc10e29b7bd733e737170d4c36.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3928
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:35:13 GMT

GET
H3 200 a6ee089312df5653d2fa7f271076db81.js Show response
www.gstatic.com/mysidia/ Frame 89B2 9 KB
4 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6ee089312df5653d2fa7f271076db81.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4173
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:32:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 89B2 14 KB
1 KB 8ms
7ms Stylesheet
text/css 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Aug 2023 05:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 05:08:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 89B2 2 KB
892 B 5ms
3ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 89B2 23 KB
9 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 89B2 3 KB
1 KB 11ms
8ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/ Frame 89B2 20 KB
8 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 13:58:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89B2 179 KB
56 KB 893ms
893ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57430
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690976231057960"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 89B2 33 KB
14 KB 13ms
10ms Script
text/javascript 2404:6800:4003:c02::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:48:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 18:13:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Nov 2023 11:48:07 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9B76 1 KB
643 B 5ms
3ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 64342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 11:55:56 GMT
etag: 48472445140208031
expires: Fri, 04 Aug 2023 11:55:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14253672512839418169/ Frame DC76 62 KB
62 KB 5ms
5ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14253672512839418169/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26fb2241a2f9b9aa0381e946e4f2b45d682857bdd19aad8250e6f0efb1cf8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 00:41:02 GMT
x-content-type-options: nosniff
age: 18436
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63158
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:27:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 00:41:02 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3066397261708365231/ Frame DC76 4 KB
4 KB 8ms
8ms Image
image/jpeg 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3066397261708365231/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002dc6ef6d863abc37366003cb0bc3a181ff0c44e0a5078a72bc286247bc5c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 01:19:01 GMT
x-content-type-options: nosniff
age: 16157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4346
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:27:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Aug 2024 01:19:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EFEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0&C=1

43 B
632 B

43ms
43ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY2_Dn7QEwAQ&v=APEucNVDcNPnP7bgcM0v0mK3ZQhs0JtxeQfGLf8498Ldy2QkM00S3_xVHyDOMi6UDGncRnLZ__YTI9xqgpjWO2biBMtybvawdUbgMR1hjJiHqVt-20c9vxw
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1&gdpr=0&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EFEB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMyRIkdfAHzYalHcWf1ItAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1

43 B
632 B

43ms
43ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY2_Dn7QEwAQ&v=APEucNVDcNPnP7bgcM0v0mK3ZQhs0JtxeQfGLf8498Ldy2QkM00S3_xVHyDOMi6UDGncRnLZ__YTI9xqgpjWO2biBMtybvawdUbgMR1hjJiHqVt-20c9vxw
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIfH8EpXAvz4Gq67UEMeYi8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame EFEB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEKr6jCpKz4JVXOjemkUVwyo&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKr6jCpKz4JVXOjemkUVwyo%26google_cver%3D1

43 B
893 B

187ms
187ms

Image
image/gif

104.254.151.69
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKr6jCpKz4JVXOjemkUVwyo%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCfg1YY2_Dn7QEwAQ&v=APEucNVDcNPnP7bgcM0v0mK3ZQhs0JtxeQfGLf8498Ldy2QkM00S3_xVHyDOMi6UDGncRnLZ__YTI9xqgpjWO2biBMtybvawdUbgMR1hjJiHqVt-20c9vxw

Protocol

Server

104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
an-x-request-uuid: 6f0a3949-d539-4075-a9fe-ee2fedc1364e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 103.254.153.207; 103.254.153.207; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
an-x-request-uuid: 1993fe1e-0968-4d79-8ff3-6cdc9b8a2800
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26gdpr%3D0%26code%3DCAESEKr6jCpKz4JVXOjemkUVwyo%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 103.254.153.207; 103.254.153.207; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFEB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM4OTI3MDkwMjc1NDc2MDUwMA%3D%3D

170 B
188 B

8ms
7ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM4OTI3MDkwMjc1NDc2MDUwMA%3D%3D

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
an-x-request-uuid: 444ee4d0-6068-41c4-9fe4-7609fb8077ca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjM4OTI3MDkwMjc1NDc2MDUwMA%3D%3D
x-proxy-origin: 103.254.153.207; 103.254.153.207; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 0
20 B 52ms
51ms Ping
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9382436471803&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 0
20 B 45ms
45ms Ping
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9382436471803&version=m202307240101&ct=76&x=1&cor=15336168332831110000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9E9F 87 KB
36 KB 52ms
52ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArX7OViOieTASv6MS4iNbJ6N877VlkBHV0JPs8cV0PY0UBaKFNM_zjcasrqo42kOEJOW4OZkP9ic-0yU9aq-LmyxGnb07x24ry3Ds_poDARNDeqcpuCozEfjIV4a6P8QImiIeJnTcTPu3QuH1u2HQnNPG4kti7mQOCL_kp1GN6Ewrh-6U&dbm_d=AKAmf-BoNhSMuhjCOBxcMItbnLj62I0lJ4pDykrAHunPuhSR4E0PV36OU_t8PCl1-G2y1RAV_fR6LsRWvJe6ROBD-36Ht_zc_7L8BpZ-FZvDDzjF3awzUvHqlTN3vtNlOgYYLdaV0zapP6tlPAeS9hD5etvqF878tzlYybCTkYZiEvkSgWyQnXHB0l5--L0e71Bk3dKTqv3eaYJLXVaDLGbx6EbaoEEKvl-aQYEz7WhFkwSEKUng6pvDmf49APYLgYGNt4jP93kCwoW5XLMBF77m2ihNAunfz0WT_6iR8AwaoBgVd-_C9QT7wTLc0buK3Q0z9g5HhWxIm5Dd7YiV0iB3-2zLygeUNccyKO16Iz_r7uhDUVB-Sn26ZP5kbxmaaUu_3NRr9x2FlwU26AJZFGLnpIXYBv5L8Gog_22SDJD1DDL72YjCwAj5NkNRxLxIjpHhsZOk_jrb7jja1oJloj9hpqngiVzbPnBHcPMSLL0wSHsDGqh9qnseNrS6RBlC7u5YqhH6lu00SoQbtRbEJIHJzChl92JuGHFRZLsEKYPHHPSzzQuP15pfnKBUXBONcQnJA4pWKK6EZpTPT-irW3tdzpHwTJPkoGrxmKUPP2HesGSerHExFR2ePWhP2mOahUv8v3fkeElWxDk0C5sKNiyM5btULNDRtN2MxxCOw-a3rZPLTIWMCfk3j7QxlSvCKHFqtM-gjXXqZjvC7TiHCINbhVxgKNIfFFmIxo09lXZERXRyA09abgZ1GPWEaoQw9YMBx0gao0ZNxzTDyxlqLKa7pQ3zjS0W_CMnLGUcX5F8reqaW6fQhwAPUhxZ0vysglS-SykBWZruI4hBRFJ5yILLPykE_D0Js2MldN57kIC28VM74UBqOvgX0Eu2aQj0y7n6Mdl1zVtkk9531LNekgE0LG82NjQ4SQ8QPdpQTumCgtKVYVktAofrjPLrimslkaGMm3JYy-e5LilOr65Qh5q3ra2Ht5mJmMpkSaikTMeTRDzJLPLShL7UQETCKrxYJ1IVUhXgHQrlm_fbm_3toSBvz4SDIH7t2MukYex17aFl3UbrEPmTY0whurbSeAWIBe1IXL14gFsXwDCzskJw57G98P3cMUkCMamyXZ4octhSoyLtjolW2pfO5oc16jNEctlQMV1mLalYrvVpzKeUZnnnqH2ooEx9mMxp-rk5RoP1SlVBe-RqgNMwlsAVs9QcGK7mOv1luNrORbkVc3OaeZ8j4uDbORRny0vq3Mn0dWXABmFNwrAKhRFR6JtgxytV4tBEjfyrS5atSYSrbHzUlNj2JklGH9SDTbzKMpHaKTOR8zjjkShHvXx2ePd3ySjvkYJS8AogXQfK4u1ag27JCj2xhEWg-TsVUB7dZQrm4B-rRpGmmQ_pqBpViIcE_ztzR3tUObLqmLsTtGAe4jQPJrIbsufugG2kuGuc4nne8Tsr1W6aLajHrnD4InTnvD42HkEvnuhsSA_I0R5b2CT8sz6WkUKGXNIm5WpsxGyWvbp01VJFhS-B1VAUoQMdIwYCXFN-CxqNaQahq_nZ09I3GpML-0_JRSOVQiCeUlHX75mz136QKzL7gnk-ALUorg8g_cnlDGd7se3EZUAtIrwbBcSM6RuQzy6t9K5fbuwBwydPjNHN26UFOqvtTrL2dlVXGcpdr1kL1jDcQuyDLVBdcSEidPLNg0YjY202Lb0zBKcw9SK3pG2-DCEd7TyIm_duxRgaeufHI6zpdMHBhzC4DFd2uZEe0oveChgxaNkHOXXFywzU25Gpp0TZ3Iu-h3dUql31ah8sBJtUrz7RW9YoygLNr2AerfxiL7ErzDk3bsctkO-VcFaGNk7pr_4wmnN8rhEYickIGDM6M9TkJfpPjs3GviSt7vpLW5W4XA6lHZjYmZX3M0M-_LHPNwWW6vAGpiD8fkKrdOJzvkZZ2aHuBxC0lMCWwPFrcr9L-1QtlPzoRHUbzyxc8v-9DJo3Of-Y42RD18XQ2gf9d3fh-6hYCpW6-qe6Jom0x5dET5k2iEAP0X4d38utkyFyCIMOeMRCS2SnqoFBu7M260atQO9__o0SK0FbSrzFvoj83JHPI2K5HTl8F4MOnTI_9A5CS5Fcii0q9uNJ9rdu-7haDcSuq7n1ZCGzFbm-t4SCLgO_KrmwUOS0bxY-VRF7tmViNU4jmzeRyydnNzjBlr2YyU-VvpY_RsyKnytj5L6QHB4K7-c9mMyvdsl9RB-ZFJOb880i5ezT5dBqZDDzMOyrXgonciNreAG-Z-NAmNkXHJI4WOhQl8VL-M0nJgIkgETiOXt1cz7PnNhWiKnN7hLqqfF8AsSzLiEqFN7myMiS2TO_Zu9DqAvnYBxAfIArdahuPkIShVw8W-epuvmOSHjDjbpmN3UQzI0J6Fc0Aiko5dA0MhicklyOCqNg1KE8AdZ4rWf1x24QUKoGbrKopnYEs8vEeWiM6Pup7XM7XZVaXfv3EUvrnEyl60iBoxZArv4WkSg1yVjPEyGUxVvaD_7UgJTgIoiCE7cd9vPGC-95yjFINqzXNf-Rc1Gymi0mAhHZHSL8wL0zDZHhWK5Qbc8oym23rRf8c0mAaZZC4qY7-v0DzMa2IfmPVNNRrSw_lihxSpUWYRdIR9MvxezuWgw8cSSEFectZ9dr9izhb4lG7Hg8cU4jDeVqP7XFYo2RGT0prIbD9K8exV8P5X7oBpth2kZ42-jFIq5KRjfsIiw-4gnh1QIdwLDNXB7punhQarHBMR6bPNGE9QZXKdfZCucXi2kywE81tbN0RVqQsPuN17RFgJTPSqqEyhaBKjLGyTWDZ-9Y2RXSvxzV4lPmQVr_Ez4Xk90dXwErROIzVMjjZXUwD7rlCAEDnnxS9FRYkGAgoH7DkfMEGNOGKhHjiqa21F6Dt_fVGGhqvksRr23sg2YsAPhFAy-R4G_-_E4ogL-q4n57bJtUrbNnYlX1u4GdD5kKGt_0RW54uS5XnB4FiJNyCGwCdJtJPViioXqdd04_2hLyoc6Kk5JQ-YlC9cPQutonNdoENypMtDy5ycsGkxaNiTDeg93rB3-Wmw2cVvbHQuBcWmqkFoOxwPvVzKj0zaZfaLaatYZiV2INpLm8g82Tx43Nw3-xBYpTxZH0bh81RiV8Z7kAiDwuZddg4Y4WWPMTO6R975epAShU0r3IBYXLGABlz-IgDXXOJa6puXWs29xytxjywaXakSJanm0gYzrMEBk7U0xPuvigIpEHyJGuRow7_4OiU0geP_0rLmoXnI6KHqr7mTfe2XcZTqXeNM1mGZBt1nUH6CRRUw&cid=CAQSPABpAlJWAsVNNEOyKXxXC23AJQiaioYclSwUBtoOu8EfQ3j8Omrov-YwoOylAxK_A8cAJLgmfTSzHqbJQBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fgoo.by%2F&ds=l&xdt=1&iif=1&cor=15336168332831110000&adk=943508955&idt=27&cac=0&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f5957c55f54d61242e69819383b448ccdd4a8d9deec2af4da568023d6b1f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=600&adk=3715219313&adf=4246272525&pi=t.aa~a.1063380833~rp.2&w=288&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=288x600&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1547&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=578&ady=2316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=M4viGn9Ebe&p=https%3A//goo.by&dtd=41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37000
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DC76 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fda9b73f2c5d5413c253b63a3761ac4becb2d58bb734416d0d20f5de42a36e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B76
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJjzfUwU1uA3UzCrGr207AQ&google_push=AXcoOmS2Mdso4x94QEzba0cER3f1Gjivxhv7owiZFsd1OfGsxlNXqHTzm9...

170 B
188 B

9ms
9ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJjzfUwU1uA3UzCrGr207AQ&google_push=AXcoOmS2Mdso4x94QEzba0cER3f1Gjivxhv7owiZFsd1OfGsxlNXqHTzm9zzK0Z67TY3sH_fNvEloGi_eLFn1lf5d-U4q_g9olPh7sw

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230062-FRA
pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1691128098.488814,VS0,VE99
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJjzfUwU1uA3UzCrGr207AQ&google_push=AXcoOmS2Mdso4x94QEzba0cER3f1Gjivxhv7owiZFsd1OfGsxlNXqHTzm9zzK0Z67TY3sH_fNvEloGi_eLFn1lf5d-U4q_g9olPh7sw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B76
Redirect Chain

https://v9999.adv.admeme.net/drtb/n?google_gid=CAESEDO0Srv1XSYeRVrIGI8OIZM&google_cver=1&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWD...
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWDI0XkzpA

170 B
188 B

8ms
8ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWDI0XkzpA

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AXcoOmSJ25aYM-qmFnl1q5OOtnTcCQDmVR-F4ePY3-tfhp_4EUfBMbAAcOIHCySnRD86QZXlCYhcQpVggE6M2KK5rcs18hWDI0XkzpA
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9B76 0
173 B 30ms
6ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPOC79YZbzTVqxCsTiAui18&google_cver=1&google_push=AXcoOmRio2XCnSygTZc_miD0qPCv0fhW6B4aczZiuk1_BGkjznEuHOR4M4Z1uoF7rjs3vXbXOf9r8lJsd3Gd8TUcgO8XgILTHiMafGQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280&nras=3&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Eoh7sFq0p5&p=https%3A//goo.by&dtd=36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B76
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECNlTfQb7YOhKf8ifa-L8KQ&google_cver=1&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECNlTfQb7YOhKf8ifa-L8KQ&google_cver=1&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEV...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw&google_hm=f0mXYU1hQPyvjtv8nKLk5w==

170 B
188 B

13ms
12ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw&google_hm=f0mXYU1hQPyvjtv8nKLk5w==

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw&google_hm=f0mXYU1hQPyvjtv8nKLk5w==
Date: Fri, 04 Aug 2023 05:48:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B76
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEJK86qEv0mahewUikY4bZgA&google_cver=1&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7M...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEJK86qEv0mahewUikY4bZgA&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7M...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI&google_hm=czdWLXdfal9zTVRPU...

170 B
188 B

9ms
8ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI&google_hm=czdWLXdfal9zTVRPUEk4by1ZZ0M=

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTqwOTatAStwrHNSheaK2r61vQdjn2GkbBwcaJMM5aCEd9NYvRkVxUyeGGqr4tRR7xMxKAOKBeYzcm7MClOmgM7oJ3B-2tKZVI&google_hm=czdWLXdfal9zTVRPUEk4by1ZZ0M=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9B76
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEOHIkFlufjH8cD-Vg7NJx-Y&google_cver=1&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrH...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrHZzjPuqX5ZsEmA&google_hm=Aas2iuTBeEzxtKUunX...

170 B
188 B

10ms
10ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrHZzjPuqX5ZsEmA&google_hm=Aas2iuTBeEzxtKUunXHzZIA

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmRq4QSEwdnZEvVlw1Up1471InbdDwGkQGHnz1WMOG0WnGo6EXMJmES_VzXPYBZx0hlyzH2azDAEBhyCAkPrHZzjPuqX5ZsEmA&google_hm=Aas2iuTBeEzxtKUunXHzZIA
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 233
Content-Type: text/html; charset=utf-8

GET
H3

200

dot.gif
s0.2mdn.net/ Frame 9B76
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEOqAy9a5LQprjJQWwj3KG2M&google_cver=1&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZy...
https://sync.gonet-ads.com/match/google?google_gid=CAESEOqAy9a5LQprjJQWwj3KG2M&google_cver=1&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZy...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push=AXcoOmRB-EaYk6ph0s0bz-sDpJFjRdHlQfEQp-PugJY9zOOWzoCcn3M3toFAQgMzbufNOFGZxU8IDxh-XiPp5SqymfZywXz...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
66 B

6ms
5ms

Image
image/gif

2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:37:09 GMT
x-content-type-options: nosniff
age: 65470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 11:37:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9B76 0
12 B 10ms
5ms Image
text/html 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kyr1sViB_IREIqYdScSBViLupuJfoKqPce71x-9D612k1s0n3FdLGvMJFTYKonniIKAtzWqg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 009F 1 KB
643 B 6ms
4ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 64342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 11:55:56 GMT
etag: 48472445140208031
expires: Fri, 04 Aug 2023 11:55:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 89B2 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea1e2ea7c9a7d251f44bce864460142b2de8f5ae549d58478cf75d1f26581b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 009F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIP...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xv...

43 B
421 B

220ms
203ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f1482b6bd978802-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 29
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEE3ifRq0Vye6vf4XL-AmNhI&google_cver=1&google_push=AXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTK1ey0UakxHFQU7gXg51_jTGHecSK7lYaEQX1B2UyyulrgyYAyWU0ThkcrQOYYDEzfRl3DcqUo968-EJcdNWYObmTn0xvIPbbwQhZHl5IoN5YiJBhuEXEbRsL20L99oekWbNh2m1M1pdg_zgVM3L8DDw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f1482b55a858802-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame 009F 43 B
641 B 217ms
69ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESED1LxDBKaYeJqwHLzOaXTto&google_cver=1&google_push=AXcoOmRJajWygCbsIv-kMukVjo8oWW210syqd2zP13_kDrsEMNu6oQBUgX3WwBKINzuifbAwQQ49adB14Qrh3RBQbm90xdSEj8Ig85KK2uiooopZvTSYzxjEaKT1gwY-QTpN8RHyNkRSaYtAi65pX4UhLe4fPQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 04 Aug 2023 05:48:18 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 009F 43 B
363 B 21ms
6ms Image
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ8cknFCguT0IttoPvbHb6EqKIEmTWAzgH-Trebfq70EJb6V9YgblAzxHfaIBvtMfYLij-T3Ft1aZ9CUoT_U6cMWlSoT76gIMpxq66QSBZxtiHG2SwOfomp0i872lY1Z-i6_HSrO_dv0ubBzXqpep8czg&google_gid=CAESEAABz8sNEKhA2X_AAO4tXSE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 245951
expires: Fri, 04 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 009F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELOKuanDYghGJ-j2P046u70&google_cver=1&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7Or...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7O...

170 B
188 B

8ms
8ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7OruwPYnEWRCACuK9B61y-s5cDTu4iGkN6lhU9sqarDu9xxyxm0f9rRX70tI7gfcgPE9ua5MAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmQZTRLkQbpQEgNrqpx0T2bdbSPHQYuWxka7i7h_VAsVJ0e9V4op7E7sdgnR48pJFr92veeY4Nbu-ofJ7OruwPYnEWRCACuK9B61y-s5cDTu4iGkN6lhU9sqarDu9xxyxm0f9rRX70tI7gfcgPE9ua5MAA
Date: Fri, 04 Aug 2023 05:48:18 GMT
Connection: keep-alive
Content-Length: 300
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 009F
Redirect Chain

https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEHawqK-iHqg6Ea7sj3NvhbA&google_cver=1&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8...
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8z-rH8hxqirCUqZIAG7YlFVk87QKgUcjgtaZ_KB8Hua...

170 B
188 B

8ms
7ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8z-rH8hxqirCUqZIAG7YlFVk87QKgUcjgtaZ_KB8Hua63ZaMzWTa6LE_wVFmOVwbiRf7&google_hm=ATkw_qfgRkfkvJThtD9c1wI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSKsm1dRloHAkN5GEK82GXDO0JID2JSUAINmC-dLLxU-7CYpxVdWdoA2Z1zm3KemYazPPtAwejoQKlA2mbe8z-rH8hxqirCUqZIAG7YlFVk87QKgUcjgtaZ_KB8Hua63ZaMzWTa6LE_wVFmOVwbiRf7&google_hm=ATkw_qfgRkfkvJThtD9c1wI
Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 287
Content-Type: text/html; charset=utf-8

GET
H2

200

report
sync.teads.tv/um/ Frame 009F
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPrN8mmW-aXu...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Yzg5MzU1NWEtYTc4YS00Yjc2LThjZTctYTg2NTk4YTMzYjdh&google_push=AXcoOmS7xW0O3NnpI-qC9jYQYirDoPmC4DfFBc6d-qyS94ZsHghfG-unoMFCiMS4G_Ihv...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

93ms
92ms

Image
image/gif

23.73.13.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48
Protocol: H2
Server: 23.73.13.34 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-34.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Fri, 04 Aug 2023 05:48:18 GMT
pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dot.gif
s0.2mdn.net/ Frame 009F
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEARmUrKQuc7VfWOPG01TMTU&google_cver=1&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQv...
https://sync.gonet-ads.com/match/google?google_gid=CAESEARmUrKQuc7VfWOPG01TMTU&google_cver=1&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQv...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MTRmYTM4YTg0NzNjZDA0NA&google_push=AXcoOmTmHMtA3PvyCmZXRt69L1Up8EMbTTXhVoBk_J3zghTeVziIFosLRkQW0GPMXoRIgOwNIeIti20B7fHzgvfV7pQvYdl...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1NmIyNjE4YTY1MGEyMw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
66 B

5ms
5ms

Image
image/gif

2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:37:09 GMT
x-content-type-options: nosniff
age: 65470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 11:37:09 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 009F 0
12 B 8ms
6ms Image
text/html 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqxcNJ2mHZzpTZyQprl555HUGEsi1c6v4lsxn_XgQNmtjrhQtsaADgi5aKZdIe0FSykQf1pHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9E9F 111 KB
39 KB 27ms
4ms Script
text/javascript 2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64361
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 11:55:37 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/ Frame 9E9F 11 KB
4 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArX7OViOieTASv6MS4iNbJ6N877VlkBHV0JPs8cV0PY0UBaKFNM_zjcasrqo42kOEJOW4OZkP9ic-0yU9aq-LmyxGnb07x24ry3Ds_poDARNDeqcpuCozEfjIV4a6P8QImiIeJnTcTPu3QuH1u2HQnNPG4kti7mQOCL_kp1GN6Ewrh-6U&dbm_d=AKAmf-BoNhSMuhjCOBxcMItbnLj62I0lJ4pDykrAHunPuhSR4E0PV36OU_t8PCl1-G2y1RAV_fR6LsRWvJe6ROBD-36Ht_zc_7L8BpZ-FZvDDzjF3awzUvHqlTN3vtNlOgYYLdaV0zapP6tlPAeS9hD5etvqF878tzlYybCTkYZiEvkSgWyQnXHB0l5--L0e71Bk3dKTqv3eaYJLXVaDLGbx6EbaoEEKvl-aQYEz7WhFkwSEKUng6pvDmf49APYLgYGNt4jP93kCwoW5XLMBF77m2ihNAunfz0WT_6iR8AwaoBgVd-_C9QT7wTLc0buK3Q0z9g5HhWxIm5Dd7YiV0iB3-2zLygeUNccyKO16Iz_r7uhDUVB-Sn26ZP5kbxmaaUu_3NRr9x2FlwU26AJZFGLnpIXYBv5L8Gog_22SDJD1DDL72YjCwAj5NkNRxLxIjpHhsZOk_jrb7jja1oJloj9hpqngiVzbPnBHcPMSLL0wSHsDGqh9qnseNrS6RBlC7u5YqhH6lu00SoQbtRbEJIHJzChl92JuGHFRZLsEKYPHHPSzzQuP15pfnKBUXBONcQnJA4pWKK6EZpTPT-irW3tdzpHwTJPkoGrxmKUPP2HesGSerHExFR2ePWhP2mOahUv8v3fkeElWxDk0C5sKNiyM5btULNDRtN2MxxCOw-a3rZPLTIWMCfk3j7QxlSvCKHFqtM-gjXXqZjvC7TiHCINbhVxgKNIfFFmIxo09lXZERXRyA09abgZ1GPWEaoQw9YMBx0gao0ZNxzTDyxlqLKa7pQ3zjS0W_CMnLGUcX5F8reqaW6fQhwAPUhxZ0vysglS-SykBWZruI4hBRFJ5yILLPykE_D0Js2MldN57kIC28VM74UBqOvgX0Eu2aQj0y7n6Mdl1zVtkk9531LNekgE0LG82NjQ4SQ8QPdpQTumCgtKVYVktAofrjPLrimslkaGMm3JYy-e5LilOr65Qh5q3ra2Ht5mJmMpkSaikTMeTRDzJLPLShL7UQETCKrxYJ1IVUhXgHQrlm_fbm_3toSBvz4SDIH7t2MukYex17aFl3UbrEPmTY0whurbSeAWIBe1IXL14gFsXwDCzskJw57G98P3cMUkCMamyXZ4octhSoyLtjolW2pfO5oc16jNEctlQMV1mLalYrvVpzKeUZnnnqH2ooEx9mMxp-rk5RoP1SlVBe-RqgNMwlsAVs9QcGK7mOv1luNrORbkVc3OaeZ8j4uDbORRny0vq3Mn0dWXABmFNwrAKhRFR6JtgxytV4tBEjfyrS5atSYSrbHzUlNj2JklGH9SDTbzKMpHaKTOR8zjjkShHvXx2ePd3ySjvkYJS8AogXQfK4u1ag27JCj2xhEWg-TsVUB7dZQrm4B-rRpGmmQ_pqBpViIcE_ztzR3tUObLqmLsTtGAe4jQPJrIbsufugG2kuGuc4nne8Tsr1W6aLajHrnD4InTnvD42HkEvnuhsSA_I0R5b2CT8sz6WkUKGXNIm5WpsxGyWvbp01VJFhS-B1VAUoQMdIwYCXFN-CxqNaQahq_nZ09I3GpML-0_JRSOVQiCeUlHX75mz136QKzL7gnk-ALUorg8g_cnlDGd7se3EZUAtIrwbBcSM6RuQzy6t9K5fbuwBwydPjNHN26UFOqvtTrL2dlVXGcpdr1kL1jDcQuyDLVBdcSEidPLNg0YjY202Lb0zBKcw9SK3pG2-DCEd7TyIm_duxRgaeufHI6zpdMHBhzC4DFd2uZEe0oveChgxaNkHOXXFywzU25Gpp0TZ3Iu-h3dUql31ah8sBJtUrz7RW9YoygLNr2AerfxiL7ErzDk3bsctkO-VcFaGNk7pr_4wmnN8rhEYickIGDM6M9TkJfpPjs3GviSt7vpLW5W4XA6lHZjYmZX3M0M-_LHPNwWW6vAGpiD8fkKrdOJzvkZZ2aHuBxC0lMCWwPFrcr9L-1QtlPzoRHUbzyxc8v-9DJo3Of-Y42RD18XQ2gf9d3fh-6hYCpW6-qe6Jom0x5dET5k2iEAP0X4d38utkyFyCIMOeMRCS2SnqoFBu7M260atQO9__o0SK0FbSrzFvoj83JHPI2K5HTl8F4MOnTI_9A5CS5Fcii0q9uNJ9rdu-7haDcSuq7n1ZCGzFbm-t4SCLgO_KrmwUOS0bxY-VRF7tmViNU4jmzeRyydnNzjBlr2YyU-VvpY_RsyKnytj5L6QHB4K7-c9mMyvdsl9RB-ZFJOb880i5ezT5dBqZDDzMOyrXgonciNreAG-Z-NAmNkXHJI4WOhQl8VL-M0nJgIkgETiOXt1cz7PnNhWiKnN7hLqqfF8AsSzLiEqFN7myMiS2TO_Zu9DqAvnYBxAfIArdahuPkIShVw8W-epuvmOSHjDjbpmN3UQzI0J6Fc0Aiko5dA0MhicklyOCqNg1KE8AdZ4rWf1x24QUKoGbrKopnYEs8vEeWiM6Pup7XM7XZVaXfv3EUvrnEyl60iBoxZArv4WkSg1yVjPEyGUxVvaD_7UgJTgIoiCE7cd9vPGC-95yjFINqzXNf-Rc1Gymi0mAhHZHSL8wL0zDZHhWK5Qbc8oym23rRf8c0mAaZZC4qY7-v0DzMa2IfmPVNNRrSw_lihxSpUWYRdIR9MvxezuWgw8cSSEFectZ9dr9izhb4lG7Hg8cU4jDeVqP7XFYo2RGT0prIbD9K8exV8P5X7oBpth2kZ42-jFIq5KRjfsIiw-4gnh1QIdwLDNXB7punhQarHBMR6bPNGE9QZXKdfZCucXi2kywE81tbN0RVqQsPuN17RFgJTPSqqEyhaBKjLGyTWDZ-9Y2RXSvxzV4lPmQVr_Ez4Xk90dXwErROIzVMjjZXUwD7rlCAEDnnxS9FRYkGAgoH7DkfMEGNOGKhHjiqa21F6Dt_fVGGhqvksRr23sg2YsAPhFAy-R4G_-_E4ogL-q4n57bJtUrbNnYlX1u4GdD5kKGt_0RW54uS5XnB4FiJNyCGwCdJtJPViioXqdd04_2hLyoc6Kk5JQ-YlC9cPQutonNdoENypMtDy5ycsGkxaNiTDeg93rB3-Wmw2cVvbHQuBcWmqkFoOxwPvVzKj0zaZfaLaatYZiV2INpLm8g82Tx43Nw3-xBYpTxZH0bh81RiV8Z7kAiDwuZddg4Y4WWPMTO6R975epAShU0r3IBYXLGABlz-IgDXXOJa6puXWs29xytxjywaXakSJanm0gYzrMEBk7U0xPuvigIpEHyJGuRow7_4OiU0geP_0rLmoXnI6KHqr7mTfe2XcZTqXeNM1mGZBt1nUH6CRRUw&cid=CAQSPABpAlJWAsVNNEOyKXxXC23AJQiaioYclSwUBtoOu8EfQ3j8Omrov-YwoOylAxK_A8cAJLgmfTSzHqbJQBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fgoo.by%2F&ds=l&xdt=1&iif=1&cor=15336168332831110000&adk=943508955&idt=27&cac=0&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 14:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:06:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/ Frame 9E9F 30 KB
11 KB 8ms
5ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230802/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 18:09:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11541
x-xss-protection: 0
server: cafe
etag: 12315695366903653922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Aug 2023 18:09:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E9F 41 KB
13 KB 12ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 05:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 260918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 05:19:40 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BA35 1 KB
643 B 8ms
7ms Document
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 64342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 11:55:56 GMT
etag: 48472445140208031
expires: Fri, 04 Aug 2023 11:55:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9E9F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f383a309ed99bef9b6cd7d1b5c7a6be44f48f504843ab50830229a4d0757546a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C670 22 KB
8 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 261519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 05:09:39 GMT
expires: Wed, 31 Jul 2024 05:09:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDujc90WX0XnVZoI121TkHQ&google_cver=1&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq-NdpCg9WMudTufba9K8ehsZxgF7blM...

170 B
188 B

8ms
8ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq-NdpCg9WMudTufba9K8ehsZxgF7blMu99UMYi0gSxx-mR6wAd3-APS6xofhn

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 04 Aug 2023 05:48:18 GMT
Server: MT3 1031 59fd23a master hkg hkg-pixel-x19 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSqecgE_-FIRV1BHl3oCUYVTM8IqoiWwa4nkCNvjRG387L7fZIAqCAXpP3p-AQQVyNmVW0L4MGCbNimQwcq-NdpCg9WMudTufba9K8ehsZxgF7blMu99UMYi0gSxx-mR6wAd3-APS6xofhn
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 04 Aug 2023 05:48:17 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGFde0yLQSfEHoDcz9MeP84&google_cver=1&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-CfLNwyWEp5yNKQ9xR...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744CB1C1D8244200BE10BFCECAC43CD4&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-Cf...

170 B
188 B

7ms
7ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744CB1C1D8244200BE10BFCECAC43CD4&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-CfLNwyWEp5yNKQ9xRsOdn63xkPEJls_cZoDk7miqZvnFumb2JCDZeJGbsdbksc

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 04 Aug 2023 05:48:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=744CB1C1D8244200BE10BFCECAC43CD4&google_push=AXcoOmSl1WshjRGdW74ZrzdoES1B1IZK6SI4Fba1sDkLkL681WxZRuWs-Lv_24xwTJuq_w1o5RzjJS2ehKDL-CfLNwyWEp5yNKQ9xRsOdn63xkPEJls_cZoDk7miqZvnFumb2JCDZeJGbsdbksc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 03 Aug 2023 05:48:18 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESED55YeFKy3CaBbx2XuvI_zQ&google_cver=1&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJ...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJA1VBQcz1dloeXHzD5AB_3mkNLR46i8lX_0Mpgzi1x7d7-q0x...

170 B
188 B

13ms
12ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJA1VBQcz1dloeXHzD5AB_3mkNLR46i8lX_0Mpgzi1x7d7-q0xaYkbu-QJskDzsqjGM&google_hm=&from_google=pc1

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:18 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQiFrVHs50HkAchGIuNVupV5iUB6wzviI6jJZe9nM8Ne4Q5Ua16KQuLyd1FC7aJ4iw_I4PLm_LyeJA1VBQcz1dloeXHzD5AB_3mkNLR46i8lX_0Mpgzi1x7d7-q0xaYkbu-QJskDzsqjGM&google_hm=&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESED55YeFKy3CaBbx2XuvI_zQ&google_cver=1&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5Wkq...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5WkqqcYJg7y4FRK6pZCWWtstKbISYKYrN-Ksm4AXkoNpWSOmUs2NRgwV-...

170 B
188 B

10ms
9ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5WkqqcYJg7y4FRK6pZCWWtstKbISYKYrN-Ksm4AXkoNpWSOmUs2NRgwV-t7TOU1it0V4lvnlO0&google_hm=eWJxd19aUzhqVFVYMFpYdjJUdHNVVGJER2tV&from_google=sp1

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Aug 2023 05:48:18 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTxGDrOnJGBeurBAIWKwyi_owA-CZfj2AvQes4KqdGpcJac4AjF4RRNzlSqqkpIi-_pW5WkqqcYJg7y4FRK6pZCWWtstKbISYKYrN-Ksm4AXkoNpWSOmUs2NRgwV-t7TOU1it0V4lvnlO0&google_hm=eWJxd19aUzhqVFVYMFpYdjJUdHNVVGJER2tV&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESED_f5pwzZ4jnFAteWjCZ6Ww&google_cver=1&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR_C2N4L-G8WQTseO5lyw9uhiqEJdpu6ZpUmT9fY...

170 B
188 B

13ms
10ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR_C2N4L-G8WQTseO5lyw9uhiqEJdpu6ZpUmT9fYnWTcp0iOm9DqE5q&google_hm=eS1yVkJHWHRWRTJwSG15V2Y0d2dwWHZtY28uZGN4M0dven5B

Requested by

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 04 Aug 2023 05:48:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSqcUpvCs2Y1y0uo7t7oO16NMTcxu_lHWWGxWAhZEMnEuQIBrLeiqdC1c3qIC5miu1MgVkD58tn7y3Y3JYM8W31FBR_C2N4L-G8WQTseO5lyw9uhiqEJdpu6ZpUmT9fYnWTcp0iOm9DqE5q&google_hm=eS1yVkJHWHRWRTJwSG15V2Y0d2dwWHZtY28uZGN4M0dven5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BA35 43 B
362 B 7ms
4ms Image
image/gif 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTWGjJUKcpsUUs_1BGUPDGln-O1DT0H3DsATzUoSMoKQk1sWwhFq3G5IgUC0L8lEJclT4-afBTryTqFqr4veC4-NlWSbJXbqhCbcG-a4hqwFBRKEhOdyVhDygAfOPEgKBfB6CMSoeHq-SxB&google_gid=CAESEPIkPMdgv9StFGXFahPDRWA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:17 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 202740
expires: Fri, 04 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BA35
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEDDpjS8cUtOaofAJgCLogho&google_cver=1&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07JuvW...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07Juv...

170 B
188 B

11ms
11ms

Image
image/png

172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07JuvWdhv4tT4N4zrzfovAUkvLRjTPs77n7ASuIoHfpU_qRIG_d1miCQxUMzDzFK9c9

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kObEIUrYWopTuGTcQ5xBn2f-mc8&google_push=AXcoOmTmf75mtsbildLH_OlrFhwJ9VVcd4EZHaPXBWaANPnMOPQo0QnOhlQl56VP5vkYxz092Hade86nX07JuvWdhv4tT4N4zrzfovAUkvLRjTPs77n7ASuIoHfpU_qRIG_d1miCQxUMzDzFK9c9
Date: Fri, 04 Aug 2023 05:48:19 GMT
Connection: keep-alive
Content-Length: 290
Content-Type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BA35 0
12 B 8ms
6ms Image
text/html 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IcQXfA4ZRfOPkq9H0re4aldfJ9QkNvwLn0tV7Z4--ZS7XdZVPTItbyYN07nnZOFZ6na6eh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/862388148268265876/ Frame CB57 6 KB
2 KB 14ms
5ms Document
text/html 2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a2d07e69c3f1d2be6a03c10c538b3582281c2f7c20424ffffb8e899685b8caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 58822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2369
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:27:56 GMT
expires: Fri, 02 Aug 2024 13:27:56 GMT
last-modified: Mon, 12 Jun 2023 12:14:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E9F 0
0 80ms
57ms Fetch
image/gif 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBTIzghRoZBQCC6D6MvfxbqxTKm0ra-nvlQTmdz01xECGOQuRTZSQRR5CoVBLhFbZd46X2WSrEfIpxhCngMXv0ANcc7NY8PA3f7fEaySjlKZdouyCROM93HserzbmTTB6jtIbEMLWW00KJQ_ezCK6n7_qzEa2QXisLGNEH02mcF0ZJp63dEu5wkT5nu8_LfGOy_Yf3I0-AsRlCz0vaOXix3OpqMC4FhUomx4AMMUEcHM18dee7FVjG559_GzD6d8qb1yiVxiZne41LnX1JzWZQcuQB-8l1YeD70l_qk_sJUObnKUGBdn3xxSLJ7FQrEVPP134jUDvFc7i2JCFfJOg1OWk_DhR8q9vXZofydPhhupXOoRJ7fUV1gKc85TBdO2xEMz4A6zPny8tjJnptB3_Edhu6d6bMYR1nqDt6cpxl8qjHQ6CyrTsrQV89LBIUVyWNVYd-5t5ZJCAcuyZORCIhZxDjqvu43N2n0NMiJ7e3HMbzAosJ6Lf5T2ktmRPDWA0cs7Db3MmWb3jL2je9mP5IsU1mKgug1dFjWxRObspNIFv8bzkSEwzthXNPgWiFD7AiYrwj6uBc2Y-X6-tLJnI4wXpRsHfykQT5mUNbwole6Lb0gU1qKuO3MliT_RsR90jn4SxhB8ll6rRQhAGuXV3VEIIs9AF-gzrFm1pDNcA9MfTZGnbbZW6YAY-gWht7qc4TkrqvNHn-CkOtOu45b1aCi17RHZQTMAKkIReOEwsTEV4zdyb2gwEeFGD6PSDp21SB-qPsYQx8ZrE5COkz9aSnkY_fZH31ipMr5Nve1C7UuBcqXfUIP1MGCqxtEHW6O9wyLzOSIE12uZJB_yZtUtKLrI7DWNozMgK1Xgd7LqxGM8_EkBKqJE6UKNev53E1uxNG_G2jvJyCw7U54aG5o4aSXYsJJxjSLREieFzskSBC41Npl18UVTuFHM_avKMbZBKnUlBNJcDRzRfb9ygIy9r_1L--EjUE0ZNCXp2-_ptn_YWGuA1PJL_WbeRrO_lUHqYQexr7N6B2GOcOwVfkJMVJnR1xxAgbhGvBbbOK2hD7BY2Fal4OKQhJA7_nCcHt7syBdPPco9g_F5N--Tl6MQiavuMUNJ8oUxj08-Ouih9bDN0F8tB8ZHCqw1iAv2X1n7FcYPKg9YvVlpkAUMeQeRye48TUGwnWPRQBRohO8d_8fDaLFwbMiH4zwCJqjgIWgqTezVj86neoriU95qWz&sai=AMfl-YRUv__E8nI28m4e7ddVLd-q0d-BuzHvg5pHhPB_zY5IeuG6rgdVkUGWjOaYO78uEdx4ZCvFfgh_A31sTubxJFfUrslXrLNnfP3SMqgCDjm2fTQNbriU8b7Ynkuua0VioQrSgfwr8uV7-bTYThg9L3ifMK1RkTXJT8dDuWVDz3LW_7PTYquGPHp8NBynG4sILsD5uv_z8x8sFWpiuFlr6Jip55WP1nw9Fn-1jjsVwU7jTIOSE_0T6M4hvvQolca84NfOBmY&sig=Cg0ArKJSzPOJ_yYPCk3iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=51&cbvp=1&cstd=48&cisv=r20230802.96316&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 05:48:18 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C670 37 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CB57 186 KB
48 KB 11ms
8ms Script
text/javascript 2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 200 160x600.js Show response
s0.2mdn.net/sadbundle/862388148268265876/ Frame CB57 49 KB
9 KB 9ms
6ms Script
application/x-javascript 2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/862388148268265876/160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c47329a2de8e7fb85091c4f6f37a7888a8f4def341f861ebd2e16dd1e4c819ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9696
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:14:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Aug 2024 13:27:56 GMT

GET
H3 200 160x600_atlas_P_.png
s0.2mdn.net/sadbundle/862388148268265876/ Frame CB57 91 KB
91 KB 5ms
4ms Image
image/png 2404:6800:4003:c00::95
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/862388148268265876/160x600_atlas_P_.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d724b952945d596ba2e97c5c1cdab83dfa4b690ada141b5944daf12a6e5561ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/862388148268265876/160x600.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:17:11 GMT
x-content-type-options: nosniff
age: 63067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93432
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 12:14:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 02 Aug 2024 12:17:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E9F 0
0 54ms
54ms Fetch
image/gif 142.251.175.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBTIzghRoZBQCC6D6MvfxbqxTKm0ra-nvlQTmdz01xECGOQuRTZSQRR5CoVBLhFbZd46X2WSrEfIpxhCngMXv0ANcc7NY8PA3f7fEaySjlKZdouyCROM93HserzbmTTB6jtIbEMLWW00KJQ_ezCK6n7_qzEa2QXisLGNEH02mcF0ZJp63dEu5wkT5nu8_LfGOy_Yf3I0-AsRlCz0vaOXix3OpqMC4FhUomx4AMMUEcHM18dee7FVjG559_GzD6d8qb1yiVxiZne41LnX1JzWZQcuQB-8l1YeD70l_qk_sJUObnKUGBdn3xxSLJ7FQrEVPP134jUDvFc7i2JCFfJOg1OWk_DhR8q9vXZofydPhhupXOoRJ7fUV1gKc85TBdO2xEMz4A6zPny8tjJnptB3_Edhu6d6bMYR1nqDt6cpxl8qjHQ6CyrTsrQV89LBIUVyWNVYd-5t5ZJCAcuyZORCIhZxDjqvu43N2n0NMiJ7e3HMbzAosJ6Lf5T2ktmRPDWA0cs7Db3MmWb3jL2je9mP5IsU1mKgug1dFjWxRObspNIFv8bzkSEwzthXNPgWiFD7AiYrwj6uBc2Y-X6-tLJnI4wXpRsHfykQT5mUNbwole6Lb0gU1qKuO3MliT_RsR90jn4SxhB8ll6rRQhAGuXV3VEIIs9AF-gzrFm1pDNcA9MfTZGnbbZW6YAY-gWht7qc4TkrqvNHn-CkOtOu45b1aCi17RHZQTMAKkIReOEwsTEV4zdyb2gwEeFGD6PSDp21SB-qPsYQx8ZrE5COkz9aSnkY_fZH31ipMr5Nve1C7UuBcqXfUIP1MGCqxtEHW6O9wyLzOSIE12uZJB_yZtUtKLrI7DWNozMgK1Xgd7LqxGM8_EkBKqJE6UKNev53E1uxNG_G2jvJyCw7U54aG5o4aSXYsJJxjSLREieFzskSBC41Npl18UVTuFHM_avKMbZBKnUlBNJcDRzRfb9ygIy9r_1L--EjUE0ZNCXp2-_ptn_YWGuA1PJL_WbeRrO_lUHqYQexr7N6B2GOcOwVfkJMVJnR1xxAgbhGvBbbOK2hD7BY2Fal4OKQhJA7_nCcHt7syBdPPco9g_F5N--Tl6MQiavuMUNJ8oUxj08-Ouih9bDN0F8tB8ZHCqw1iAv2X1n7FcYPKg9YvVlpkAUMeQeRye48TUGwnWPRQBRohO8d_8fDaLFwbMiH4zwCJqjgIWgqTezVj86neoriU95qWz&sai=AMfl-YRUv__E8nI28m4e7ddVLd-q0d-BuzHvg5pHhPB_zY5IeuG6rgdVkUGWjOaYO78uEdx4ZCvFfgh_A31sTubxJFfUrslXrLNnfP3SMqgCDjm2fTQNbriU8b7Ynkuua0VioQrSgfwr8uV7-bTYThg9L3ifMK1RkTXJT8dDuWVDz3LW_7PTYquGPHp8NBynG4sILsD5uv_z8x8sFWpiuFlr6Jip55WP1nw9Fn-1jjsVwU7jTIOSE_0T6M4hvvQolca84NfOBmY&sig=Cg0ArKJSzPOJ_yYPCk3iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=148&vt=11&dtpt=97&dett=3&cstd=48&cisv=r20230802.96316&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Aug 2023 05:48:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C670 0
20 B 59ms
56ms Image
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzlYiIpHMZLuuA-ni3LUPktmUoAMAAAAAOAHgBAI&bg=!qqmlqf3NAAZGOVy5Zjk7ADkAdvg8WgnvabWyOPdVgFnETNCmIovNzZHaN_LuwoaSqn6CfuWx_wIXOfwlCr0pYOdVwaQ3a2nTeusCAAAArlIAAAAJaAEHCgCqQHCoNmMDwhxVorgWqc9TCF-U5nJsLbdm_N2cqNpK9xbAIEcmYMfjUWmm4n5LX9pmYjMXDTrIc7aB3gI5M431Th4ToipoxxSxQyC-XCoFUdqIHISrnPeDrvIyppjIWDm1VCRYwJMqQcmZVaiViwHnkXimhEMsg4OY9ZlHUZVftupAGYJm3BujChh3eUE_ZP70BppPOYkI4dfn-FEt67BwT6uYMcSKzlqY6keZAr-FZ754wB21LQf2ucJ_WAx1_S1AwDTePVleBMy5okUS0qd1-Jdzfw3qUWSBkk8qdwmy59BNzpriIrcZHKm_ogw4Kd3i1pCG3pnSoXLnYfVAT19wDTQ0X6Uxgoynd7r8KCmso3OlwWhZS3KMGlS5iLtQSD1NoeWMESZAciqA4_OYDsuH5XONlae7Cl_GS5UzCm_XnNex-wuQTk6t5zcCBjDIuyQO-GXLc4wbqyh4F9k76cIODni_-LBMXISwJiMl6whWrjcnn6QTOFjfWgxEHvF0_19Jloqj0TPOIUwzyG5oBYsN7vuRIZfpiRO4Nz2-dFMi1IguT7ngrbbK5dwZ0PHLHJvbmScOnQSVdxfJvyaXaWDlhXhDYyINX81lAzd49Jnjc_NTB0HPEAXgbS5hzDqegaE3Sko2pOz1RX5HmnzIZVlwCAl-SCmOr_M-UwBBdTDNB-q99YPa8IJVCEPZDy52QOpVKm6Lljxitylu5mzPaB9dvTpq5DOOlH4BBJUVzEDKLcCyglrTZQR3GNrkhJX-jrTvps47kGeFIjBNpt9BI2wZAXbjfHXqDBqP3PiQhda23bOJ9cB3xOo_UonajUwbeSjF8sYHcXiqVgEJl7V1THvTDhuEb5RXAHKVkoWuS1xMZS1nlHbhlv9jS1gGccyPV0tq3biwjyW4dUBz01JheVx06OESWxr5vGksZUJrsQNuVlF4DApByPidcaah6ZVwpyn8sb4AiwEeIyZDngNZoXj0_K3yuDVwnAilkw7qZYoLIVCZHa-_5HAgQGcdvRJj3w3oxA3Kt2ld8Re3T3n2CkhKXVgGI7IzNy8bD_z6NABU1fPiksUIBVpX3cirNBxFqRzco0UKISEY6HUZsdjU1BTz5eivhL9tQwqV6RgnXDSpP0DK5fxv31Av1LkUiLQpSnHf3vAEV3CysRDldLYs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 12ms
11ms Image
image/gif 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.863410649398665

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-mQH0rp4uTtt17l7Oua1IpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-mQH0rp4uTtt17l7Oua1IpQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 16ms
16ms Image
image/gif 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.683404885505761

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2UWivxeEIDLu0kwIkmDgRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-2UWivxeEIDLu0kwIkmDgRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
11ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kqLgOaXvM1Uq7n8coiT4FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:18 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kqLgOaXvM1Uq7n8coiT4FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://goo.by
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B9B9 33 KB
33 KB 5ms
4ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:53:02 GMT
x-content-type-options: nosniff
age: 64517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:53:02 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E15 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 89B2 33 KB
33 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:53:02 GMT
x-content-type-options: nosniff
age: 64517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 11:53:02 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC76 16 KB
16 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:26:59 GMT
x-content-type-options: nosniff
age: 62480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 12:26:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC76 15 KB
15 KB 6ms
6ms Font
font/woff2 2404:6800:4003:c00::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:26:38 GMT
x-content-type-options: nosniff
age: 62501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 12:26:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B9B9 0
25 B 60ms
60ms Image
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCouPIJHMZPH7F8GxrAH3uYv4B9D2uIhyyviB35cRlfO0nJEOEAEgi9r7HGCBBKABiOyd3gPIAQGpAtHSbTLh9Ek-qAMByAPLBKoEvQFP0CNZa-wpyfCTZMR3o_lfwE2VleYWUg1t5YpYiBSwFUgKKHbEOtzi8q-y5OEaMYZwIUEoIGqyTm542wp7JCdJpY-HBnOLGnTHL8Vd7a8pmC_XHC3Q59vl7QZuUIqhKl8QzGK_Jwt0ECAyOxLtnWyYv5Rp5hVvHuDcRmVwOwwz3aVzhn2hifAmG4qcZe9JJk0tvll8EBg-mOOnh-PMmXqCsxsdx_bclLoM5OtGnUMvMF4LkzyFSc3cqfduSAbABKr8uYz2A5IFBAgEGAGSBQQIBRgEgAfgk-IhqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQw_agAdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQLYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODkxNzgzMDE4OTEwMDcyMRgA&sigh=9NAK8jEiVU4&uach_m=[UACH]&cid=CAQSGwBpAlJWTdpL3AL0uRRxmdBpjTPD9zBexMZULRgB&cbvp=2&vis=1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&h=280&adk=2348938529&adf=2605566815&pi=t.aa~a.181677489~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128096&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128096000&bpp=2&bdt=160&idt=369&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qJtSZNiMYF&p=https%3A//goo.by&dtd=372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 05:48:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C19A 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 569E 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 83A5 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 89B2 0
25 B 55ms
55ms Image
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0kHGIZHMZJG9G8qxjMwPn9-J2AXistOdcKKps8LfEZ__qevjMxABIIva-xxgvwWgAdKE99MDyAEBqAMByAPLBKoEvAFP0H_41n8anL_SOTdd2r1IFIKyk1gjeOx0zvQyKydybn4cTCxo4QwI6SxvsPCFmaCCvubY41M5g3R_LmhY72Jj5jOtoVU6pn2ymdV8M1vPABx5MTPCz2LB9ZJiYufk8uTSy5ATp1bK3CibPYo2HRqJn46AvDZZDLJ0U6rDi-QKVpkQT1r5YSafu0aC6m8V6F9vbRcMwbQTRjkubZtek6upqpdEHwz8IdUBzJV0sx4BixXU1XVuEK-0kDZt6sAErNS0_5oEkgUECAQYAZIFBAgFGASAB5b7iCyoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDW_APSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMM0BUBgBcBshccChoIABIUcHViLTg5MTc4MzAxODkxMDA3MjEYAA&sigh=xSHa6jD-uSM&uach_m=[UACH]&cid=CAQSPABpAlJWeIDC5mHNysZ1HClKQG8cZEBnFBOGEuzeqTXiF76XmGlQ7IekEwtM-bi1GRHBNybB65xFtNZgBRgB&cbvp=2&vis=1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 05:48:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC76 0
25 B 61ms
61ms Image
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPGsyIZHMZMaCG4bC9QPg742gAZD_x5pxxLS53LcQ__WQ49cCEAEgi9r7HGC_BaABj7OOvwPIAQmoAwHIA8sEqgS8AU_Qc66f4v1KEC6n2GeqFUn8z06zrEgrfKRy6zgqcVxVlEP48-wMG6INhyC-ee9yntQ5XzY8w9DiDFQrnXpKBPZt1NaxMIibZbZhe0C0bBeFbd62igYjAZu01Z1dQCrDJMJpgrFFjNElXpa4eYej8S8xtIOt3o2mRc7eHVXMrZeELI3MSh_70AP08nhTn-TSEEPWizu9ue9fbdRAjGxF2qrHefXWTxKidv1k2UMb5WK_krM1flDKuLshXTCHwATeqb_qlgSSBQQIBBgBkgUECAUYBKAGLoAHtPaQzQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDHxwTSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLECuBPkA9gTDYgUBtAVAYAXAbIXHAoaCAASFHB1Yi04OTE3ODMwMTg5MTAwNzIxGAA&sigh=wqyPrO39Xrs&uach_m=[UACH]&cid=CAQSPABpAlJWcAtxQNYaUMwJH7T-VPzLD5BQReeql1Aac3YOMWtOg_a4u2hTOO-IBNNHYKNgQOJpgNSomz15-BgB&template_id=484&cbvp=2&vis=1

Requested by

Host: goo.by
URL: https://goo.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=3842512449&adf=1858515917&pi=t.aa~a.2596561788~rp.1&w=1140&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1140x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280&nras=3&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1926&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Eoh7sFq0p5&p=https%3A//goo.by&dtd=36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 04 Aug 2023 05:48:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 19ms
12ms XHR
application/json 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61dda521036580604dee7949011b09ffb1a9cc45c639cdfe56bec83fcf9621ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11684
x-xss-protection: 0

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D803 37 KB
14 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 87FA 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8917830189100721&output=html&h=280&adk=2814367607&adf=3589342682&pi=t.aa~a.2921636334~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1691128097&rafmt=1&to=qs&pwprc=8236848451&format=1200x280&url=https%3A%2F%2Fgoo.by%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691128097386&bpp=1&bdt=1546&idt=-M&shv=r20230802&mjsv=m202307270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd0a2e065a40f737a-22c1d181b9e7009e%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA&gpic=UID%3D00000c26de5ff458%3AT%3D1691128096%3ART%3D1691128096%3AS%3DALNI_MYYXxHMrJE0934jiFPsazFx51vh8g&prev_fmts=0x0%2C1140x280%2C1140x280%2C288x600&nras=5&correlator=5895004425320&frm=20&pv=1&ga_vid=801390025.1691128096&ga_sid=1691128096&ga_hid=1674203682&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3942&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31076509%2C44785295&oid=2&psts=AOrYGskpqGaUBl2RC2t1GJbsV6lpdDRvJveyNg0JqUUOZyaWvEd4rptEGtKM_RJDaYSYWA4_YNm77NKs_5p7PQv7FVpkbQ&pvsid=2250681923204799&tmod=156019060&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=yaS3QZcb0R&p=https%3A//goo.by&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 188A 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 05:48:19 GMT

GET
H3 200 adnetwork_ Show response
fundingchoicesmessages.google.com/f/AGSKWxVijSbYfNVzid41GsMFsTYTf5MXdDLW4wSpDUF3s4_6I2RWf1bumtI-zehAJpCjO9ZIirzwtCn_OUUpv7J1Q3EG0fAGGqWQp0S3s3ITJ1cje0BJqoZfgp_t34_fgm5DNdbrG4r86BXDOuef8dQ8B-MHweEb5... 54 B
109 B 25ms
24ms Script
application/javascript 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVijSbYfNVzid41GsMFsTYTf5MXdDLW4wSpDUF3s4_6I2RWf1bumtI-zehAJpCjO9ZIirzwtCn_OUUpv7J1Q3EG0fAGGqWQp0S3s3ITJ1cje0BJqoZfgp_t34_fgm5DNdbrG4r86BXDOuef8dQ8B-MHweEb57iz-NYsMPSQl86Wb2js2uL-BnFhWmwA/_/mini_ads./headerAdvertismentTab._120x800a./radioAdEmbed./adnetwork_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.78c_pJUixtQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw71NZicNz0TK9NwwWzvKuaxB7l-g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dea47e8e61d68a74a0ca014457ea3e0490bea4b47fcfa821ed27154fff166192

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fO5gDxIGh1Hoci01wH8Jtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-fO5gDxIGh1Hoci01wH8Jtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
82 B 4ms
3ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.78c_pJUixtQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMw71NZicNz0TK9NwwWzvKuaxB7l-g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 06:09:25 GMT

POST
H3 204 AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9YAgYwUq2aU7i2rR7nM_Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9YAgYwUq2aU7i2rR7nM_Fg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://goo.by
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EC7 13 KB
5 KB 6ms
4ms Document
text/html 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 85635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 06:01:04 GMT
expires: Fri, 02 Aug 2024 06:01:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF17 783 B
536 B 8ms
7ms Document
text/html 2404:6800:4003:c11::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c11::6a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbdf1f6d4bd687dc111403f5290581e64924adf8cba33775754d6ed9fb008379

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vG39B6VJZXk5w2e2LmEaeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goo.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-vG39B6VJZXk5w2e2LmEaeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 05:48:19 GMT
expires: Fri, 04 Aug 2023 05:48:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
11ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ocJe0jVNBuDg-kRiVx7SzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-ocJe0jVNBuDg-kRiVx7SzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://goo.by
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF17 0
0 57ms
57ms Image
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=2250681923204799&rc=05AL0Sog9uugxFIZWr1m5aIfRd-9U6OEQ-5zjm-msSkB9kB6WbEmY6cUhrgxyuU1XjoiFw4A7HimMgG1AmDMk6fhXsB02cBKIJqgck9RsJZIiejh1srAyN4kosYEHhvpuYKeqkMg0mVwU9NFoRLe2AyR6j4GdKoEVu4BG4uOpUsrmj_vI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9EC7 37 KB
14 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YWyqd_Oya_dSvH525JbJDwnpcpeKFun9cRHY8jAJ9QQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 11:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14704
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 02 Aug 2024 11:49:16 GMT

POST
H3 204 AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MwqnoxImdiX-NiwBCg49QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-MwqnoxImdiX-NiwBCg49QQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://goo.by
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 13ms
12ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUVwWrD4ZnVFxvaZI4SW9iPl2iUmHA4E1v_hhooJP-XuXsvDCEAZUw4GGpR5BGlvbnPS8OQCnD8hbMCKiDajtQAMWfMRkhKJr0fH8VoQXm38veGzbqZV18SPv-6f_Tt69VIc3jClw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xTGcQ4pmMllVHqTvMswFiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-xTGcQ4pmMllVHqTvMswFiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://goo.by
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU0kSqF3V6Wex3abC1er0JewfNuNrRbpZ8RG5YlQWfUpETgCUKjsjqdKhIKc2LCAIx7FevsW6kbBGaoI2iX1CmqDLeX2VS0JwXEE04UNHPc2GW2-qhn5I7cBhDoOUp15PDsHSwh5w== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 26ms
25ms Script
application/javascript 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0kSqF3V6Wex3abC1er0JewfNuNrRbpZ8RG5YlQWfUpETgCUKjsjqdKhIKc2LCAIx7FevsW6kbBGaoI2iX1CmqDLeX2VS0JwXEE04UNHPc2GW2-qhn5I7cBhDoOUp15PDsHSwh5w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMTI4MDk5LDY3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nb28uYnkvIixudWxsLFtbOCwiNzhjX3BKVWl4dFEiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7dd40558b6c23711babb71046cb4484d20ee2966c832358eb40d10b44c685a8e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nvacbe8ar7oVvbXBuib3Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: script-src 'report-sample' 'nonce-nvacbe8ar7oVvbXBuib3Xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXcwHVZXUGVfo_qRxBhiz5TL8xtK8KyQI9qtxUYJxJYqxHR2SnvFsN20i2JY9x5Lr1HTyYqVWuerKnLLOzoMEuViYBIlh_9kkh5iVvMfUzc8anVm4vvcPPhacJj3VQRmwQZvCUvQA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXcwHVZXUGVfo_qRxBhiz5TL8xtK8KyQI9qtxUYJxJYqxHR2SnvFsN20i2JY9x5Lr1HTyYqVWuerKnLLOzoMEuViYBIlh_9kkh5iVvMfUzc8anVm4vvcPPhacJj3VQRmwQZvCUvQA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-As6MZMolIiUwVQT4l4U69A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-As6MZMolIiUwVQT4l4U69A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://goo.by
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoKSIbNEW5bFHN1phq1dBrhyuMg9xy3yKmVgtTAX9eDLozUInO916-ppQLNF7suFKcNyh5G1e5tdcArP1MhbyNCr-bSTU8xyKuj0tI_ukNms8dEhdqHeMitCpq6_s9jk1fkZMuyg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
12ms XHR
text/html 2404:6800:4003:c05::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoKSIbNEW5bFHN1phq1dBrhyuMg9xy3yKmVgtTAX9eDLozUInO916-ppQLNF7suFKcNyh5G1e5tdcArP1MhbyNCr-bSTU8xyKuj0tI_ukNms8dEhdqHeMitCpq6_s9jk1fkZMuyg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::66 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EqHL9iHiENjrf0Fgs8dBJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://goo.by/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-EqHL9iHiENjrf0Fgs8dBJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://goo.by
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9EC7 0
10 B 3ms
3ms Image
text/plain 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OZlWSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 05:48:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E9F 0
28 B 50ms
50ms Ping
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9382436471803&version=m202307240101&ct=76&x=1&cor=15336168332831110000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9B9 42 B
64 B 51ms
50ms Fetch
image/gif 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqnrpMY1Fie9STlXKy9Br13hymgYTZW4pD2yNs0G3r8igHPl53ZWcu3xzwNsltMP-8njjxbhHrWBa1IAetiu4uJfR9CmcOOp9K_XqHafzzsFu0Os_ZqySBX2yKyqE7IreU3stY9lxhTw&sai=AMfl-YTy27cg7_eIZrnvXDrUroWsWi9aD_a1wRW_nn9oDgDrdzb3yj82hbtQSIsi8HAh_Xlg8w_k9BX6_nu4&sig=Cg0ArKJSzD7ejoc_uhpuEAE&cid=CAQSGwBpAlJWTdpL3AL0uRRxmdBpjTPD9zBexMZULRgB&id=lidar2&mcvt=1002&p=0,0,280,1140&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230802&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2348938529&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691128096373&rpt=2827&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Aug 2023 05:48:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2404:6800:4003:c05::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=2250681923204799&bg=!yMuly5_NAAZGOVy5Zjk7ADkAdvg8WofoN0tBXYowy9o0eAg0ZT8RcuJhmOFuQ5Rn9Sn_cnmG4y3TAfVzRrgv4ri2Cn8w5xOO3aoCAAAAWVIAAAAFaAEHCgCtcbjLVY_rqKuSt2ycHJvjk4I7oSaWL9y87n6D-PPnxZJNxQoTuAu8lkceFh9YO6dInHsGuV6vtifCFqXesrxlxsQR1vuDZRiM1rAivd55mubl4kgRafB6BK80uPJQ1UxZkpOkqgPln0hY1G3NXq_9cXBVrDLGKqm255YROQguPCVr9pjIK0Jh1rS3No1xrrJFeNK_UdIy2lNLTnSi34TfMSuL8mWPRQRh2x4SuAeZAqMFHQ81t7CGD0ouhIsZ3nLvnXKYNVJ-WSF6pyXaMf0W4btlk9p8hjccqrhF3uN2apz2TG9EFswLsCDr5zqWH6akqwbv_L1UdbmsD0wNhAe2o47aJ93-VXNiDez9EMTYRabsOH5ZBK-MreHnmhBDXIpYcTe8yNSWsXSi1AhhrGHSHlQIkuHwsS49ENTAAYBNVIlq-ONwO3T5v0J11L4eQgP2eOvrwp2sMaA5QEgUBqvqQ9qyA9on_6mwgSrekFtogXB3S5EX3PDaNeFAli16aCTpKwv6OU_NsY0VC2aoIsfzF-N5J_Vzj6ewqBRi09HGGdRuZ5JRCNzStVE9TWW9mpJl4yTxo8L4hjnaB95060JXQJW5m8tRrtgTiX7OlJ7vDTEV0MJS9lY85wfQJjKoQ-st_yZAZLivsIpWN2UEBrEoIsxHl8NiTQlAiSnaEdy_Ch59M0QCJYTO8YArYqt4mCJe5Tges_VKpEJ5B4mqibDcYcc9OmH4M3iyTjGlsOYaPlZ_xrD6D1MxMZivYUONdPgCUxcYa5UjsuTFYhMznWSpIdwLSSvCmT3bg9sASl2jDgZQhSomqvG0Oyj34ZtupY_UBen4-kIoMaWlcx_OzU_v8VlPB7dPgbBhA3iIk78XyiyGweBQ8feFPdEm8uj2_sko-hsv4UVPB-ydb5h1imJZ5C9sa5HSovwEtehEAq2lTJZCJAxOPBpdhuEgLxx_RZ2ufUMLwguanub21jVu61PdZlK2STCN1-m371fwtLNWIFxUFH9-dKaDC_ZTBCK16OEa9Is5npxTdlZ5Zhmp6WRLg-SJxFgkLs7HomimlOjEdbCVHdmwka4lrJUwJ0JSKEdvrP6asmKbNtpjAkTNRb-icBy7Et_oA7g0Un1_cjEC5t-MSZ0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c05::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://goo.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 18:04:40	Name: _GRECAPTCHA Value: 09AL0Sog-84BRoP_RXnzdPp4tnPMy9Ogu8VlpEmMwPfwZNChcKuIGYsA8ZE5KLZFSXh2o-ETi82DNP_YLLvIzZOvM
goo.by/	1969-12-31 23:59:59	Name: PHPSESSID Value: d7i7r17duhoas293l7humo57rn
.goo.by/	1970-01-20 23:07:04	Name: __gads Value: ID=d0a2e065a40f737a-22c1d181b9e7009e:T=1691128096:RT=1691128096:S=ALNI_Marqj-jLl5MIGYL9mVGsZ9j-t5jbA
.goo.by/	1970-01-20 23:07:04	Name: __gpi Value: UID=00000c26de5ff458:T=1691128096:RT=1691128096:S=ALNI_MYYXxHMrJE0934jiFPsazFx51vh8g
.doubleclick.net/	1970-01-20 13:45:31	Name: DSID Value: NO_DATA
.goo.by/	1970-01-20 22:31:04	Name: _ym_uid Value: 1691128097759324925
.goo.by/	1970-01-20 22:31:04	Name: _ym_d Value: 1691128097
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1744618461691128097
.yandex.ru/	1970-01-20 23:21:28	Name: i Value: Nd/KBy5nQxvcnIyzi03jugDpvdQzuhE2TMfTY6B5UvuGF6kVVoU4e8Y1W5JGuC9ihu9x53RoBuf/ogLZOFbrMsCLttQ=
.yandex.ru/	1970-01-20 23:21:28	Name: yandexuid Value: 5035980001691128097
.yandex.ru/	1970-01-20 23:21:28	Name: yuidss Value: 5035980001691128097
.yandex.ru/	1970-01-20 22:31:04	Name: ymex Value: 2006488097.yc.1691128097#2006488097.yrts.1691128097#2006488097.yrtsi.1691128097
.yandex.ru/	1970-01-20 22:31:04	Name: bh Value: KgI/MA==
.goo.by/	1970-01-20 13:46:40	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 23:21:28	Name: IDE Value: AHWqTUkkFhVtpPJbdvHPpCqtKn5fzuj79KPe1jw6GgO49BBQPmin0LBG1hKbCsRUBfg
.doubleclick.net/	1970-01-20 18:04:40	Name: APC Value: AfxxVi467MtwKmDdTCkyIr74HpZa7yI-Fq4VWJf9oHgOBx-xQwjQQw
.blismedia.com/	1970-01-20 22:31:08	Name: b Value: 64CC91225968907FC4264BB9BLIS
.yahoo.com/	1970-01-20 22:31:25	Name: A3 Value: d=AQABBCKRzGQCEBxqDrEwAVel2V3c3PEciSMFEgEBAQHizWTWZAAAAAAA_eMAAA&S=AQAAAvI9DaFC4DcGahlcQyXfuao
.mathtag.com/	1970-01-20 23:11:23	Name: uuid Value: 095a64cc-9122-4f00-a7b5-1d7e4419d769
.mathtag.com/	1970-01-20 14:28:40	Name: mt_mop Value: 4:1691128098
.teads.tv/	1970-01-20 22:29:37	Name: tt_viewer Value: c893555a-a78a-4b76-8ce7-a86598a33b7a
.bidswitch.net/	1970-01-20 22:31:04	Name: tuuid Value: 7f499761-4d61-40fc-af8e-dbfc9ca2e4e7
.bidswitch.net/	1970-01-20 22:31:04	Name: c Value: 1691128098
.bidswitch.net/	1970-01-20 22:31:04	Name: tuuid_lu Value: 1691128098
.send.microad.jp/	1970-01-20 15:55:04	Name: TR Value: 900771abfc9322dc558644d2f54343a93e91afdb2c726667
.fout.jp/	1970-01-20 23:21:28	Name: uid Value: ybqw_ZS8jTUX0ZXv2TtsUTbDGkU
.bidswitch.net/	1970-01-20 13:45:28	Name: google_push Value: AXcoOmR___42RwSU4fnnSIHS7wE1XxhkLGCjp3q1bKnriX6ExQFYFBAAKzn6ZTVQXj3mXxDyeyJXLALgn0wLEVdA5AXN3u19w0Efvw
.casalemedia.com/	1970-01-20 22:31:04	Name: CMID Value: ZMyRIkdfAHzYalHcWf1ItAAA
.casalemedia.com/	1970-01-20 15:55:04	Name: CMPS Value: 4997
.casalemedia.com/	1970-01-20 15:55:04	Name: CMPRO Value: 4997
.uncn.jp/	1970-01-20 22:31:04	Name: t Value: v_3930fea7-e046-47e4-bc94-e1b43f5cd702
.tribalfusion.com/	1970-01-20 15:55:04	Name: ANON_ID Value: aFntuJrZcAQ9BqEr72it9ZaYKQqTZdTv466EUvpe96Ee6XEyu21KUqAhtZcdQei5jf7tm9vw1WCDPAPHe5RGIQ3Hkgdd
.simpli.fi/	1970-01-20 22:32:30	Name: suid Value: 744CB1C1D8244200BE10BFCECAC43CD4
.everesttech.net/	1970-01-20 22:31:04	Name: everest_g_v2 Value: g_surferid~ZMyRIgAAAtB3UAA4
.adnxs.com/	1970-01-20 15:55:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?afLNHF!]tbPl1M>e)ZlrFUfJ+tGXxoeSbizpNXrF=A)40-@ghQvFRXSpc?0M6W!P@R3If)y3KL9D3I?+jKt'y5
.adnxs.com/	1970-01-20 15:55:04	Name: uuid2 Value: 4137089993960729755
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.zemanta.com/	1970-01-20 22:31:04	Name: zuid Value: s7V-w_j_sMTOPI8o-YgC
sync.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id Value: s%3A0-90e6c421-4ad8-5a8a-53b8-64dc439c419f.87Rmv%2Fc77xi6VDBsJjrCl6vBvL2FJmzAMvkY43ABlM8
.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id Value: s%3A0-90e6c421-4ad8-5a8a-53b8-64dc439c419f.87Rmv%2Fc77xi6VDBsJjrCl6vBvL2FJmzAMvkY43ABlM8
sync.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id-v2 Value: s%3AkObEIUrYWopTuGTcQ5xBn2f-mc8.mzMW7TNk10qG4MqapNCMLTCCJSB1FxJ9h7P9RROEH0s
.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id-v2 Value: s%3AkObEIUrYWopTuGTcQ5xBn2f-mc8.mzMW7TNk10qG4MqapNCMLTCCJSB1FxJ9h7P9RROEH0s
.gonet-ads.com/	1970-01-20 22:32:30	Name: pid Value: Mjg1NmIyNjE4YTY1MGEyMw
sync.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id-v3 Value: s%3AAQAKIFssaO5eRPoHGccn6UI3ZX6tcalSe88aFp_l4HM_4DW2EHwYBCCjorKmBjABOgShleyOQgS57F6g.K5lxfeUhkpfsu%2BMyCgahnqN65%2FzXlkBJXoYf%2Fctohik
.srv.stackadapt.com/	1970-01-20 22:31:04	Name: sa-user-id-v3 Value: s%3AAQAKIFssaO5eRPoHGccn6UI3ZX6tcalSe88aFp_l4HM_4DW2EHwYBCCjorKmBjABOgShleyOQgS57F6g.K5lxfeUhkpfsu%2BMyCgahnqN65%2FzXlkBJXoYf%2Fctohik
.goo.by/	1970-01-20 22:31:04	Name: FCNEC Value: %5B%5B%22AKsRol8HgIlw7hU81g9rLuyLuRhFkpmJs0pljk0DErp0BUpghsLNZ_twVlt3hpC-9gozX19zJO0-JGjNjm_1n7hw3A0lv1_LiEQBjSjsDfRcC_Ka_xTyNOZxgBxJVq8l6EMTOycx7U2TR25VZjLmy-m0DhAsSNT-xQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=293675613&client=ca-pub-8917830189100721&fa=3&ifi=11&uci=a!b&btvi=4&xpc=BnNgOgpYxr&p=https%3A//goo.by Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=293675612&client=ca-pub-8917830189100721&fa=2&ifi=13&uci=a!d&btvi=6&xpc=XDTnH5irfW&p=https%3A//goo.by Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=293675614&client=ca-pub-8917830189100721&fa=4&ifi=12&uci=a!c&btvi=5&xpc=hcrkms7wPg&p=https%3A//goo.by Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aid.send.microad.jp
b1sync.zemanta.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dis.criteo.com
ds.uncn.jp
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
goo.by
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
s0.2mdn.net
sync-tm.everesttech.net
sync.fout.jp
sync.gonet-ads.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
v9999.adv.admeme.net
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
103.229.206.241
104.254.151.69
139.5.84.243
142.251.175.157
151.101.66.49
172.253.118.156
182.161.73.146
188.42.105.236
202.232.238.37
202.233.84.1
23.73.13.34
2404:6800:4003:c00::5e
2404:6800:4003:c00::95
2404:6800:4003:c02::5e
2404:6800:4003:c02::9b
2404:6800:4003:c03::84
2404:6800:4003:c04::5f
2404:6800:4003:c05::66
2404:6800:4003:c05::9b
2404:6800:4003:c11::6a
2404:6800:4003:c1a::9a
2406:da18:929:5a00:d14c:9505:b089:6ff7
2606:4700:3037::ac43:899a
2606:4700::6811:180e
2606:4700::6812:18ad
2a02:6b8::1:119
34.96.105.8
35.213.12.39
35.247.47.28
52.197.138.198
52.197.225.32
54.198.143.1
70.42.32.63
002dc6ef6d863abc37366003cb0bc3a181ff0c44e0a5078a72bc286247bc5c64
04ef638f6dbee1ba0b4b94860aebd2767dd9a249f118a72265810ab146bb8d53
0704c0bdbe44fe0fda882aa2f07adfba2272b5eb31019f3d20a5ad9c3066517c
08e5970dcee7ecf02ab04df2d6be02568a71594f4923491e9f3e8ae3306a853f
08ec63812b5c543fbc24b98cf05328d849347f0dc0b2cbdf9bc463435b5ad1f6
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
171ca22825d9d3284a7e20e85120854bc2bf6fb15b821ce6bed382f14ff51c29
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1912ec9329c898b56073a8120eb94e72e0bb858b390443cbc65d18a494572215
195ffe64f7501043f3700fdf9fbf2012d0b66fa26dcad328db4d5e8430fb520b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
22d60ecf06846dd1422d3ce4043f4b6709c4d052db55e37853dc8d3c957a0e43
25befbcc2da0e42008fd248de65220af11fac457a7a87fb3375989e06642fea0
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3118642b76000e0989aaf3eb26f05fb030c24779a28e4a73a01d08b59aa13910
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
386528adf81f8cf660dc157133f0e970de8954df99350deffffe33b8de31f72e
395b42007d12f98c2595802e08d4b8f6b710055f4dce5440712cc2bccb0d757c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fc4585241bd0897f43109d55a7558b64c81682d2a1f3163956094c4a2bf885c
43df0eac8cd04fe4184d857d79cb2b72f9c636dfbc7d3bc6555ce0aacf2f2c47
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45b4eee66ac74743c86ea5a55ea614ddb12bc1407e4bfca8ff92c308c82795e2
486df11abe382b2ded8284a204240162dba66dbadb58e321faa4db7907ff9a34
4a2d07e69c3f1d2be6a03c10c538b3582281c2f7c20424ffffb8e899685b8caa
4a3e6ec11bb876d43db91a92fc49c6e93ff5ee9b735f45aa758f95d3bdc54884
4ac05986bcc67a9d79934f9d85ee03f666e7066e93148821ecf3291e58dae6b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54de913295caddd62057113241fd1869e9eed6c21dee5a01d3881446888d8f32
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7e07dfb2d7437793e8b1ed577739a8bd55558df14aa7234714675ba53f71ee
6102d725c22f9bf27ef542ceae070843153f3e0926b89820a75f29b107e33cb2
616caa77f3b26bf752bc7e76e496c90f09e972978a16e9fd7111d8f23009f504
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dda521036580604dee7949011b09ffb1a9cc45c639cdfe56bec83fcf9621ca
6461e3d621bb44222b85c04e787c3a1bc2c296316d77bc175e682c177557fa76
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6747ccf8e0e2763740a6b234a02ac70b6556cbe9bb9bb571e5b02187e2dc1b7f
68decb9b04351770373306a7d4eef2a677b9f2541d790a42fc6f72e8cdcc7bd0
6c785dee6ed2b248070e51f80868e1b938665681c17188c4e579c9c509ae05d8
75eed100ba64cb7efd63952190042ba256e4205c270dc83afabfdc90e752b815
7dd40558b6c23711babb71046cb4484d20ee2966c832358eb40d10b44c685a8e
7f9ff00dd19830d6735c5ca9ea78bf45b4380838919dbac273bec8cfb1be3d14
877de2ffab95719d6ff1f1048fa912e70ee31879a2a31f868eb5b1770252d8fb
8aa476efa48384d2f5a63164359a0e6194660621bcec0b5158a0057effd0d08c
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fda9b73f2c5d5413c253b63a3761ac4becb2d58bb734416d0d20f5de42a36e4
a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a7c3e55eaa9ecaa4ca4a2ebffc199b1d3b5c4c568e832a107811ca61db66bcbb
a898f00aabf0e5632b47a59e092c4662c8cbda0c33ea6d0d424cbced57e3ee72
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b03f5f8bed117ef9e1385c2f68c780a8f10b912b62723d9dcfd996118810562a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c44313430f757e3a44c796394ad431ad413d363d4467dfbc6cf1867e560969c3
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c47329a2de8e7fb85091c4f6f37a7888a8f4def341f861ebd2e16dd1e4c819ff
c4f5957c55f54d61242e69819383b448ccdd4a8d9deec2af4da568023d6b1f97
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ccf1087f3f646f6c14b1dbdada36293da0ada86f66ae8db97623025960378a90
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaca7aab879bf76e0c341666a053105ad38019ec591601d77f6ea0edb5dd9cc
d69ba2a3cb603ff3aba5f081ad98b683d0b0788524d62f5b4df4f240658b4c90
d724b952945d596ba2e97c5c1cdab83dfa4b690ada141b5944daf12a6e5561ce
daa4a1d07c1399f4b72322e9d5b55436d3dbbf07574c1c5ddf9e1941a7718e19
dbdf1f6d4bd687dc111403f5290581e64924adf8cba33775754d6ed9fb008379
dea47e8e61d68a74a0ca014457ea3e0490bea4b47fcfa821ed27154fff166192
e158faa38926010d364dba4bf8cb5b902ea90b6f8551c97283db5ccafe0799d3
e26fb2241a2f9b9aa0381e946e4f2b45d682857bdd19aad8250e6f0efb1cf8f6
e337c98d5ed7ed7e852c87ee65bf108bd1cf6377d585c9f7b595a9e54ad41fa5
e34cc28c89135c2b0c670921036fb262a23a9f688337de5e180a404d84d3ea30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
eea1e2ea7c9a7d251f44bce864460142b2de8f5ae549d58478cf75d1f26581b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf
f383a309ed99bef9b6cd7d1b5c7a6be44f48f504843ab50830229a4d0757546a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f76e1642eaafbd1fae3e91797da53e533b4a6ca12a5548fbeeef234e7f74a6d4
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

goo.by Open in urlscan Pro 2606:4700:3037::ac43:899a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

223 Requests

90 %HTTPS

45 %IPv6

29 Domains

35 Subdomains

23 IPs

6 Countries

2663 kBTransfer

7177 kBSize

46 Cookies

0 Outgoing links

Page URL History

Redirected requests

223 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goo.by Open in urlscan Pro
2606:4700:3037::ac43:899a Public Scan

Screenshot
Live screenshot

Full Image

223
Requests

90 %
HTTPS

45 %
IPv6

29
Domains

35
Subdomains

23
IPs

6
Countries

2663 kB
Transfer

7177 kB
Size

46
Cookies

223 HTTP transactions
4 data transactions