www.hancinema.net Open in urlscan Pro
104.26.0.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hancinema.net/korean_jerome.php
Submission: On August 28 via manual (August 28th 2023, 7:05:13 pm UTC) from SG — Scanned from SG

Summary HTTP 302 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 67 IPs in 6 countries across 59 domains to perform 302 HTTP transactions. The main IP is 104.26.0.212, located in and belongs to CLOUDFLARENET, US. The main domain is www.hancinema.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2023. Valid for: a year.

This is the only time www.hancinema.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	104.26.0.212 104.26.0.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
13	172.67.69.92 172.67.69.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.12.219 104.18.12.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.29.90 23.32.29.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.21.12.31 104.21.12.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.45.231 13.33.45.231	16509 (AMAZON-02) (AMAZON-02)
8	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.57.101 104.16.57.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	74.125.130.100 74.125.130.100	15169 (GOOGLE) (GOOGLE)
3	34.149.46.224 34.149.46.224	15169 (GOOGLE) (GOOGLE)
39	142.251.10.154 142.251.10.154	15169 (GOOGLE) (GOOGLE)
4 29	104.18.25.173 104.18.25.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	35.164.29.234 35.164.29.234	16509 (AMAZON-02) (AMAZON-02)
1	103.195.32.131 103.195.32.131	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.69.166.9 104.69.166.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2 14	74.125.68.155 74.125.68.155	15169 (GOOGLE) (GOOGLE)
2 2	54.151.165.0 54.151.165.0	16509 (AMAZON-02) (AMAZON-02)
2 2	67.199.150.81 67.199.150.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.231.16.113 13.231.16.113	16509 (AMAZON-02) (AMAZON-02)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
1	64.233.170.154 64.233.170.154	15169 (GOOGLE) (GOOGLE)
1	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
9	74.125.200.156 74.125.200.156	15169 (GOOGLE) (GOOGLE)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
5	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	34.233.157.77 34.233.157.77	14618 (AMAZON-AES) (AMAZON-AES)
3	18.65.39.30 18.65.39.30	16509 (AMAZON-02) (AMAZON-02)
2	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
21	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
1	182.161.73.148 182.161.73.148	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	74.125.200.147 74.125.200.147	15169 (GOOGLE) (GOOGLE)
4	142.251.12.157 142.251.12.157	15169 (GOOGLE) (GOOGLE)
1	103.229.10.180 103.229.10.180	16509 (AMAZON-02) (AMAZON-02)
2 2	89.207.22.76 89.207.22.76	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	13.33.88.98 13.33.88.98	16509 (AMAZON-02) (AMAZON-02)
2 2	139.162.58.205 139.162.58.205	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	133.186.161.88 133.186.161.88	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1	23.207.181.73 23.207.181.73	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.108.101.161 23.108.101.161	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.249.77 13.224.249.77	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.67.38.106 172.67.38.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.92.130 13.33.92.130	16509 (AMAZON-02) (AMAZON-02)
3	74.125.68.132 74.125.68.132	15169 (GOOGLE) (GOOGLE)
2	104.21.5.40 104.21.5.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	182.161.73.132 182.161.73.132	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
7	182.161.73.159 182.161.73.159	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	182.161.73.142 182.161.73.142	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	172.217.194.149 172.217.194.149	15169 (GOOGLE) (GOOGLE)
1	184.51.97.203 184.51.97.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.74.107.222 52.74.107.222	16509 (AMAZON-02) (AMAZON-02)
2	74.125.130.157 74.125.130.157	15169 (GOOGLE) (GOOGLE)
1	142.251.12.148 142.251.12.148	15169 (GOOGLE) (GOOGLE)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	52.74.240.101 52.74.240.101	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
5 5	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
2 2	52.192.160.122 52.192.160.122	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	183.79.219.252 183.79.219.252	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
3	172.67.132.240 172.67.132.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3.224.245.106 3.224.245.106	14618 (AMAZON-AES) (AMAZON-AES)
1	182.161.74.19 182.161.74.19	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	18.232.200.223 18.232.200.223	14618 (AMAZON-AES) (AMAZON-AES)
2	135.181.123.227 135.181.123.227	24940 (HETZNER-AS) (HETZNER-AS)
3	52.84.228.19 52.84.228.19	() ()
2	142.251.175.155 142.251.175.155	() ()
2	34.196.183.221 34.196.183.221	() ()
1	13.35.23.2 13.35.23.2	() ()
302	67

31 104.26.0.212 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hancinema.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
photos.hancinema.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.hancinema.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.69.92 (United States)

ASN13335 (CLOUDFLARENET, US)

07c225f3.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.219 (None, )

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.29.90 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-90.deploy.static.akamaitechnologies.com

tg1.ergadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.12.31 (None, )

ASN13335 (CLOUDFLARENET, US)

media.bidgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srv.bidgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.bidgx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.45.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-45-231.sin2.r.cloudfront.net

d1tbj6eaenapdy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.57.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.130.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.46.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.46.149.34.bc.googleusercontent.com

thomastorch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.18.25.173 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.29.234 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-29-234.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.195.32.131 (Singapore)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-01-pub-prod-sg1.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.148.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.125.68.155 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.151.165.0 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-165-0.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.81 (Singapore) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Singapore) 1 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.231.16.113 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-16-113.ap-northeast-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.200.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.233.157.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-157-77.compute-1.amazonaws.com

servt.ergadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.39.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-30.ams1.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

ads.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.200.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.22.76 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.98 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-98.sin2.r.cloudfront.net

cr-p1.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.58.205 (Singapore) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1471-205.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.181.73 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-181-73.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.108.101.161 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

b1t-sindc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-sindc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-77.sin52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.38.106 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.92.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-92-130.sin2.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net

3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.5.40 (None, )

ASN13335 (CLOUDFLARENET, US)

media-aso1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

cat.sg1.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 182.161.73.159 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

imageproxy.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

csm.as.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.97.203 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-97-203.deploy.static.akamaitechnologies.com

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.107.222 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-107-222.ap-southeast-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.148 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.240.101 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-240-101.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.213.12.39 (Tokyo, Japan) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.160.122 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-160-122.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.219.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.132.240 (United States)

ASN13335 (CLOUDFLARENET, US)

cid.media-aso1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lib.media-aso1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.224.245.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-245-106.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

rtb.jp2.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.200.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-200-223.compute-1.amazonaws.com

serv.ergadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.181.123.227 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.227.123.181.135.clients.your-server.de

in.logtail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.228.19 (None, )

ASN- ()

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.175.155 (None, )

ASN- ()

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.183.221 (None, )

ASN- ()

2pqo3eid5b.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.23.2 (None, )

ASN- ()

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com 21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com 96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com	722 KB
36	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 242 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 pubads.g.doubleclick.net	544 KB
31	hancinema.net 1 redirects www.hancinema.net photos.hancinema.net images.hancinema.net	271 KB
29	tribalfusion.com 4 redirects s.tribalfusion.com — Cisco Umbrella Rank: 1944 a.tribalfusion.com — Cisco Umbrella Rank: 817	47 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 imageproxy.as.criteo.net — Cisco Umbrella Rank: 14802 csm.as.criteo.net — Cisco Umbrella Rank: 13322	539 KB
13	07c225f3.online 07c225f3.online — Cisco Umbrella Rank: 348935	514 KB
10	adsafeprotected.com 1 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 632 fw.adsafeprotected.com — Cisco Umbrella Rank: 914 dt.adsafeprotected.com — Cisco Umbrella Rank: 586	100 KB
8	google.com analytics.google.com — Cisco Umbrella Rank: 166 www.google.com — Cisco Umbrella Rank: 2	4 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	130 KB
7	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 17474 player.avplayer.com — Cisco Umbrella Rank: 14243 content1.avplayer.com — Cisco Umbrella Rank: 18713	290 KB
6	ergadx.com tg1.ergadx.com — Cisco Umbrella Rank: 573966 servt.ergadx.com — Cisco Umbrella Rank: 586677 serv.ergadx.com — Cisco Umbrella Rank: 646195	11 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 352	4 KB
5	media-aso1.com media-aso1.com — Cisco Umbrella Rank: 397795 cid.media-aso1.com — Cisco Umbrella Rank: 430933 lib.media-aso1.com — Cisco Umbrella Rank: 545169	27 KB
5	criteo.com ads.as.criteo.com — Cisco Umbrella Rank: 13034 cat.sg1.as.criteo.com — Cisco Umbrella Rank: 12870 gum.criteo.com — Cisco Umbrella Rank: 435 rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18835	62 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	265 KB
4	amazon-adsystem.com c.amazon-adsystem.com aax.amazon-adsystem.com	64 KB
4	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 553 b1t-sindc1.zemanta.com — Cisco Umbrella Rank: 24638 b1-sindc1.zemanta.com — Cisco Umbrella Rank: 48653	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	140 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 769 simage2.pubmatic.com — Cisco Umbrella Rank: 797	1 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 481	958 B
3	thomastorch.com thomastorch.com	107 KB
3	bidgx.com media.bidgx.com — Cisco Umbrella Rank: 543082 srv.bidgx.com — Cisco Umbrella Rank: 360432 track.bidgx.com — Cisco Umbrella Rank: 416020	17 KB
2	amazonaws.com 2pqo3eid5b.execute-api.us-east-1.amazonaws.com	222 B
2	logtail.com in.logtail.com — Cisco Umbrella Rank: 103108	146 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5535	1 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 795 id5-sync.com — Cisco Umbrella Rank: 411	27 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 852 bcp.crwdcntrl.net — Cisco Umbrella Rank: 813	13 KB
2	appier.net 2 redirects a.c.appier.net — Cisco Umbrella Rank: 15514	1 KB
2	ladsp.com 2 redirects cr-p1.ladsp.com — Cisco Umbrella Rank: 77039	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 360	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	892 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	926 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	562 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	2 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	1 KB
2	exponential.com tags.expo9.exponential.com — Cisco Umbrella Rank: 12971	5 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1049	497 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3582	623 B
1	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 6138	233 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 713	583 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	46 KB
1	aniview.com player.aniview.com — Cisco Umbrella Rank: 1809	128 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1478	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1129	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	896 B
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1595	2 KB
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 76580	161 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 798	464 B
1	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12628	408 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 532	477 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 364	767 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 646	471 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2369	122 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 648	338 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
1	cloudfront.net d1tbj6eaenapdy.cloudfront.net	10 KB
0	spotxchange.com Failed sync.search.spotxchange.com Failed
302	59

	Domain	Requested by
32	pagead2.googlesyndication.com	www.hancinema.net s.tribalfusion.com pagead2.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com www.hancinema.net pagead2.googlesyndication.com
18	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com
16	photos.hancinema.net	www.hancinema.net
14	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
13	07c225f3.online	www.hancinema.net 07c225f3.online
13	www.hancinema.net	1 redirects www.hancinema.net 07c225f3.online static.cloudflareinsights.com
12	static.criteo.net	www.hancinema.net securepubads.g.doubleclick.net ads.as.criteo.com cdnjs.cloudflare.com static.criteo.net
11	a.tribalfusion.com	4 redirects s.tribalfusion.com
9	securepubads.g.doubleclick.net	d1tbj6eaenapdy.cloudfront.net securepubads.g.doubleclick.net
8	cdnjs.cloudflare.com	www.hancinema.net ads.as.criteo.com media-aso1.com
7	imageproxy.as.criteo.net	ads.as.criteo.com
7	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	x.bidswitch.net	5 redirects
5	www.googletagmanager.com	www.hancinema.net www.googletagmanager.com
4	content1.avplayer.com	www.hancinema.net
4	www.googletagservices.com	googleads.g.doubleclick.net www.googletagservices.com
4	servt.ergadx.com	www.hancinema.net player.aniview.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	c.amazon-adsystem.com	player.aniview.com c.amazon-adsystem.com
3	static.adsafeprotected.com	www.hancinema.net googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects s.tribalfusion.com
3	thomastorch.com	www.hancinema.net thomastorch.com
2	2pqo3eid5b.execute-api.us-east-1.amazonaws.com	media-aso1.com
2	pubads.g.doubleclick.net	player.aniview.com
2	in.logtail.com	media-aso1.com
2	cid.media-aso1.com	media-aso1.com
2	pool.admedo.com	2 redirects
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	fw.adsafeprotected.com	1 redirects ad.doubleclick.net
2	csm.as.criteo.net	ads.as.criteo.com
2	media-aso1.com	media.bidgx.com media-aso1.com
2	b1sync.zemanta.com	2 redirects
2	a.c.appier.net	2 redirects
2	cr-p1.ladsp.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	player.avplayer.com	tg1.ergadx.com www.hancinema.net
2	ups.analytics.yahoo.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	dpm.demdex.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	images.hancinema.net	www.hancinema.net
2	tags.expo9.exponential.com	www.hancinema.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	lib.media-aso1.com	www.hancinema.net
1	serv.ergadx.com	player.aniview.com
1	rtb.jp2.as.criteo.com	googleads.g.doubleclick.net
1	b1-sindc1.zemanta.com	googleads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	trace.mediago.io	1 redirects
1	cksync.yahoo.co.jp	googleads.g.doubleclick.net
1	dsp.adkernel.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	player.aniview.com	player.avplayer.com
1	ad.doubleclick.net	www.googletagservices.com
1	cat.sg1.as.criteo.com	ads.as.criteo.com
1	96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	track.bidgx.com	media.bidgx.com
1	b1t-sindc1.zemanta.com	googleads.g.doubleclick.net
1	widgets.outbrain.com	googleads.g.doubleclick.net
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.as.criteo.com	googleads.g.doubleclick.net
1	feed.avplayer.com	tg1.ergadx.com
1	srv.bidgx.com	media.bidgx.com
1	www.google.com.sg	www.hancinema.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	aa.agkn.com	1 redirects
1	pixel.rubiconproject.com	s.tribalfusion.com
1	simage2.pubmatic.com	1 redirects
1	tags.bluekai.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.tribalfusion.com
1	beacon.krxd.net	s.tribalfusion.com
1	static.cloudflareinsights.com	www.hancinema.net
1	d1tbj6eaenapdy.cloudfront.net	www.hancinema.net
1	media.bidgx.com	www.hancinema.net
1	tg1.ergadx.com	www.hancinema.net
0	sync.search.spotxchange.com Failed	s.tribalfusion.com
302	94

This site contains links to these domains. Also see Links.

Domain
www.twitter.com
www.facebook.com
www.instagram.com
www.pinterest.com
feeds.feedburner.com
photos.hancinema.net
www.cyworld.com
www.ad-shield.io

Subject Issuer	Validity	Valid
hancinema.net Cloudflare Inc ECC CA-3	`2023-06-01` - `2024-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
07c225f3.online R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
wl2.aniview.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
bidgx.com GTS CA 1P5	`2023-07-30` - `2023-10-28`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
thomastorch.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.avplayer.com GeoTrust TLS RSA CA G1	`2023-08-14` - `2024-09-13`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M02	`2023-07-04` - `2024-07-31`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-10` - `2023-10-07`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
media-aso1.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.sg1.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-14` - `2023-10-16`	3 months	crt.sh
*.as.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-12` - `2023-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-07-28` - `2024-08-27`	a year	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
cid.media-aso1.com GTS CA 1P5	`2023-07-15` - `2023-10-13`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.jp2.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-11`	3 months	crt.sh
lib.media-aso1.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.logtail.com R3	`2023-08-25` - `2023-11-23`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M02	`2023-07-25` - `2024-08-21`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh

This page contains 69 frames:

Primary Page: https://www.hancinema.net/korean_jerome.php
Frame ID: A302F4F2CFCE0EDC4B86857BF1C580DB
Requests: 84 HTTP requests in this frame

Frame: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Frame ID: 4867AF3114E6201700B9020B6F1B2F03
Requests: 3 HTTP requests in this frame

Frame: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Frame ID: AD25039AF6288E81250A3A0A59E3783B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Frame ID: CC6FC8627E3DDBF5B44D4744D940E3BF
Requests: 9 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Frame ID: F129697125A0476345C5157E9C242580
Requests: 9 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=alm1h3WrbX5bEnUaMrVEMcSTZbZdRsjIQFAvStMdWGv54beunW6r0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYg0q6qRrYATb3STdrWnFQsQFrq1Evq5afh4E3RmaMD1rF8TtbXnPvZapsrwotfA2qrl2Win3AnZcmFUKYVvQYsF2XG7nnEvU5Un2TrjGUPYYQab1QVZbnPW3MYH7mWPQM2sZbYXbMZcUPqs2PrbQPBD4Hnq0tUZdmt2o36BY3snZdTVJjmDEjpUaxpdE8n6qtOmr2sBa3npidtBmcodZawtmYYqRYHORiwwGyAD0dKrJ&mediaDataID=8039566&mediaName=frame.html
Frame ID: 7C87CF378A3C6D807E98DDE1C466CE6E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aBm0xQTtQ5orJmRFjtYEUr3T7f5aUXnTFIXFJ8UW7Xm67CmsrmmHYG2Tvg3t6N56nEnbMZa0GMX1s320GvunEjW3FUQWrfZcUP3TQqb2PsZbtStfN1djtW6Yp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2FamWEbnWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUA7nRqvREZaDtPT4OQMWtP2BwdMfpYsV6n&mediaDataID=6530936&mediaName=frame.html
Frame ID: E78BC3A78D0DD8AE5BC7B87A39AC8051
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aDm1xYUAv2REMYPGUoSdByYtnnWPUx3svUYbQIT6mw4mFhQPfA4WMm1HrLndIo5AJ15cr8Vc3lUsbeRPFxUtQTUbj32UIuUaQvWaJ8PEBZdQVjZbRFimPt3iWcbT2FmmnWiOYauN4WnZdQsrF5AnJpHEpVWY9YUY6XFJe0qqtPbQZbUFBXTtMWobJqRbvtXaFs5aUe5Ef0oabAXF7dUHnTmmYZamcvsmHQE2qne5dZar56jJmbbE0Gf01cYp0svnVnAQyPaUmFmVtrA1Tp2Rr9AWsRa15Ae2nbaQvd2ZbwAehXDmBPUOgcB&mediaDataID=9148826&mediaName=frame.html
Frame ID: 5AB1EE67ECE59FDFCCF9D743D62297B4
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aFmXLtUqrnTTQbQqrHRsYLRreoStU6Uc355rymmteOXT6m3WnFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY0nFjxRFJNXqFn4EUk2ar0mqfCYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTPaU1QcMrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3BmATWuQPZb3d3NvlU0PZc&mediaDataID=2713736&mediaName=frame.html
Frame ID: 7FEBC360AE75FB69D07A91F4BDB76514
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aHm0xQRUjs1E3t3EBe2qj1oTJF1bZbaTHFXnmrKnVMwod7K2qYh5tAn4PZbZbnrrEXc7XYs34XGjppE7T3UFUVUbHWPnYQq3QSsnMPHUu0dvoT6Yu2cvX0FnDTAin2P39QPbK3H3oXdUAnW2x4PvW4VnbVcBbVVZbiSAUvUtFWWrbP3r2pUqYvWqn6PqvHRsQIPFurSdfaUcMW5rTrmdupXEXN3HMDSGZbB5ArZcmtatTtFaYrfk1UY9XaeXRUJZbomu2toe4VrPZdm6Za1prXEuQqEunYvXPqjMsJRuXGDIO&mediaDataID=6546596&mediaName=frame.html
Frame ID: 0D95F6FDF88C6FAD897317B0CAA60871
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aJmX9qScUrStZbO1WZbpW63w4srWYbFIT6Tw56Q9Pm7K2tFy1dUKpdiM4mrR5svgTGBlWsbgPPQmWt3WUrMY3rInWaMqWaMlSEMFRcQZdQbupPH3dVVrR5r2xmWqq0quu3WMZdPVbB2A3HoWXrUdfbYFr71UQh1TEpSrYGUFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMEXU37WtbPnm3ZdnGjsotYE2aUj5tIp4mFZdpbYZdXcMUXsFVXGvnpTbx3bF2n6IBsFA3sEa7nCqN3EJZcWgJXTr&mediaDataID=6807466&mediaName=frame.html
Frame ID: 2D3A972F696D7F7803CE6A7E79B8E8A0
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aLm0pPSTYZbQVJZbPFqoSWQbUV3S5rimntZaOYEqu2tvZdQcMZd5A3ZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ4mbFoPFbpXqry3Efa5T75nEMC1rFbTHBQmAUBncjsmtYL5qZbj3t6m4AJGnrvLXVfTYcnU0cvwpTjQ2FMQVrZbZcUPn1QE35QcQtStZbr1dvoT6vp3VB1YFMATmPt2PU9R6ZbH4H3y0HQZdmHaw3PnR4sYdTsvjVsJjS6QmTWYTUUB45b2uUqjvVbjaSTA6sCiZctnjYPAuDmSmnRsyA4vmWj7&mediaDataID=5578346&mediaName=frame.html
Frame ID: 48B8F1578316B946A5F9FA65AF082D57
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=anmYSwRr6nPHvdWVM22rToodItXTXn3d3ZdPsfH46UHoHPOUdF70bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrtYTQr5EFf5TjRoEBIXFUaTWMRoAvImVfmpdUJ3qZbg5t6r4m7GmbrJ0sM0YVF51sBOmqbQ5UZbTWrBAVPn5PTb1ScUMQdUNYtZbuWPvM3VQWYrZbJTAis5mF6RPbC3dvn0WZbZanWiO4AYU3sUdUVraUsBfRmQMTtF3WrMP5bA3WEjvnnm6mQ6ZarVPNtmYUroYHxDXZaRsyAO9MDho&mediaDataID=4056396&mediaName=frame.html
Frame ID: 2C75448F44307FE798A7346AB271620C
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=apm09ToTbA1rZb9UWJQn6UIpGUvpdMG2qr72Hir5PbGnUjHYsMP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbqQdBy1dfrWPjp4cMUYbZbZcU6im2Pn9QmFE2tnO0dBLpdZav4PYY4cMdVV3jWVMhS6MyTHYRWrrX2UisVaMoVEJbSTYFSGQJRrZavSdQcUGUP5b6nmWqpYT6x4WMHPsBC4mFLoWenUtJd0bQ9XbbgXqIsRF3CTFBSTtJWorZb4PbrNN7ypNQqjua6JQBekM7eLnG66WFI7WSYQ0D6ivHQ0WSwARX&mediaDataID=6719746&mediaName=frame.html
Frame ID: D9C4C8F2882372A5E95D42F4213D1311
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aBm01STtQ5orJpPUZbpXTJr3Tjf4qn1nEFIXFJ8UW7XmAYZbncQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvunEjW3FUPVrjZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2r6mVTQmWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUAKt82rTmm4T8a0NBE4wFIyynEwyd7p5iw14W&mediaDataID=5436426&mediaName=frame.html
Frame ID: 933D61CD73FBB56B90BB4A2DD4CDA8AD
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aDm01SUAv2REMXSs3mSdYyYtJqTmQM2cvUYbQIT6mw4PMaPAZbA4WMm1HrLndIo5AJ15cr8Vc3lUsbeRPFxUtQTUbj23UEuUaQvWaJ8PEBZdQVjLPrqrSH3iWcbT2FmmnWiOYauN4WnZdQsrF5AnJpHEpVWY9YUY6XFJe0qqtPbQZbUFBXTtMWnrbsQFJyXaFs5aUe5Ef0oabAXF7dUHnTmmYZamcvsmHQE2qne5dZar56jJmbbE0Gf01cYp0svnVnAQyPaUmFmxoTX2nnyXUQ2YsoTWNca6qrA1PF3kMgeUY2&mediaDataID=7665496&mediaName=frame.html
Frame ID: A51A555A9418BEED3F4648AFBE40506C
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aFm0SRUqrnTTQaPqJZcSVFLRrZasPWYaVc355rymmteOXqXO2HUFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY1mFFxRFJNXqFn4EUk2anPnTfGYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTQar4PcUrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3CoBqoO8MEMQ67rSXiTDfxr8nW0JSZbdE&mediaDataID=6347136&mediaName=frame.html
Frame ID: 3CE34DCC900FE62364A73E125DAF1794
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 8C461F5F702975F65DB9C390E62EF460
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4E28DD36B0B2398AC1E6C44DA1F9A94A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C546BA69F726D6115ED551500D7C52DE
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C71455E9BCCC9F982D9FD82CE194D93E
Requests: 6 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-5L28S2Z
Frame ID: 4BFB158C53BD2B77DF43D4372F766A96
Requests: 1 HTTP requests in this frame

Frame: https://www.hancinema.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js
Frame ID: E2041F1401438438F9AB275CF910870C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&adk=1812271804&adf=3279755396&lmt=1693220701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500904&bpp=2&bdt=1922&idt=877&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&nras=1&correlator=3089863421112&frm=23&ife=1&pv=2&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.w1zfynngq6cs&fsb=1&dtd=906
Frame ID: 8526CD9B3CBD8E86A97A8CCDAD19003A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919
Frame ID: 029C0F05935A394BF1CC7A4542C91F03
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&adk=1812271804&adf=3279755399&lmt=1693220701&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500856&bpp=3&bdt=1842&idt=981&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.l2shr394n809&fsb=1&dtd=998
Frame ID: 33669ED34BE09144E397B7B21ECB8E9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Frame ID: D8794CB9B3FC2AE02051ECB0D886A84D
Requests: 25 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZOzv3QANif4Bc-aVAA-1YGsCr1x_0BpUqB0Rew&u=%7CngRw8dZsUFvceNQQSdY2Nw2HZnZkQOTN5%2BzeHzVVEsc%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_JvYfZLm_vJzvOLJ12UxSe2Ddx4D--4qfoMW8seDx63X0TjnsRB_uaIPAuyzLw5Z0jkn8cXkFe0BKdYB0A7Wzi1_MIuwlF8EHmUciiveymfanX81ohGIA9HBtiJM1Xrc5ZTV9uEMzLcp6cAZs0MRi6zKIQ2x7yzXT3yMYjTsQDyvvLf7UbFf92KvpOvVOr5HEa0FDcIikx-l3Or3FyU4wm5S_WhyAYUQWll8SMj4AMd_mj2r9QFtsZmkX8767VcDVCJstQAdlfsyItUjNh6d47B5Ny2PE0pwF61USzLLerZlmqhHjtub3ft2mln7I2cj9B-L2vtSrpPRNvYcChDg8_Re7-0Vu7Tcpaenmc88wOXvj6lHlPbieHJiiOtC5HfPUKwvQ3UTJ5Gq2xUYOuj-cNsEmK97nNWcA4CDjT1UWjUgfF243RS5Wb8cQ1pOw0_gaJVMkGNCmTd-wdt1ZHICogdP6F3-iY5eaHOmHI3WcRuj5BengxSqz6uARW_nSDxX7W9EXFs29Vv34Bh6rCchJx65o4WlropYWF7jMU65rPbTITztvpv0RgepX-_7g5qo3Gp4Fc7PL9OQbzoSAsrvfyFeoMevsNyaYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFawo3e_sZP6TNpXNz7sP4Oq-uAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTYxMjg3MTgwNjE1MzY3MsgBCagDAcgDAqoEygFP0ByvZxBcXO9Xuhfclr75XP0NXzTEkD9oF9g-Y9GC_BaPM99jQgsOLpB4gbVfneAJp-Yh6a7tYn_U6atKjvuvWeCNl_wtT-hXGLqeMyO4y6cldiJ733WHckMxA4CNwskvahEfY3LFoM4pnS3QTjB6VXY0YFblN70nQ_OFcKOTJ3pEuNTG5FDNTEGUP3ErI0bVWBhjJgKQLDHtKRAwl9x8fuuiUKAi6Kp9JP8guX0vfccTqpCD6SHN_ocMMZbtGttNkjDoWB8S4lv3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DJAKntNRC8Fsu1NgWRoW5N0P4bA%26client%3Dca-pub-1612871806153672%26adurl%3D
Frame ID: C70E6DC69F8AB0ECA3E47C55E2911327
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7BCCF214710B067CF29E02C3E34AB7B
Requests: 9 HTTP requests in this frame

Frame: https://3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CB2EADB92EF116C42C1D9D0E0DA5130A
Requests: 1 HTTP requests in this frame

Frame: https://media-aso1.com/l.js?cid=hancinema-net
Frame ID: C3B4931B8A987084DED578B646A81758
Requests: 7 HTTP requests in this frame

Frame: https://21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 37B18312B8FFA584F34288A494113653
Requests: 1 HTTP requests in this frame

Frame: https://96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F81C28264AD500D0FE93F34B777BE605
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7
Frame ID: C46C7809A67696997224D3370C0EE4D2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80B1D6066781D943A57B8478B8D6C85F
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hancinema.net
Frame ID: 207D7A82892E35CD0A187AACCEBB16EA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59EEE4ADAF6C0A4B891F26D00797D275
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA356033EA5B50054FE95C0953B727B6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D5378A855635A52D4D51C5103EE08DDC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4058EFB90C1D7A895FA6EFFE1725CEDE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B78813083996ACD499968538CE45C9F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13B98A913E213642A2AD2C9594448888
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39D782E0E7512E407AF99763D28468D7
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FA560B1E3C1C15C2A8A65019E4519F5E
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 0B02B966FCA7A289F3E4B4DC26477C11
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 906289CBCAB2B175A282A585A74EEF1A
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 5E10BECAA0E002AEDB9DA3F40D96C4FC
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 741A12EE8083D1B081043940C74FFBDB
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: F439C5A7FD3F61B1CAB53CD629EB37B8
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 4E769D6D25647B2BE775C47721704E06
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: A1151D14788B8652B11845659E5C2040
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 022114BEB0C0B6DE6ACE8A25410CB3DD
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 6D572607AA420995C6495113DCD4E58B
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: AA3D97E2975C2BA8952159225155E739
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 1E612C99C1B165F83E15C7589E34154A
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: A2A5F8852CAF1B01530E693F82E2DFAB
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: F07614CE02F62376CCF058A25B4D2205
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 22E1B7FCBEC1BA141E4DCB2C4EBDA803
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 26260FE1CEC09C8DFAAEA0D5ABE12872
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 15C7C3304618FE930C1250674868728D
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 0E81608ABFF1979EBF6D5FF02239E5E7
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: CCF6C60A7282843BBDB22888825DAFA4
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 422EE32BC36E0D03ED36A7938BEBE05F
Requests: 1 HTTP requests in this frame

Frame: https://lib.media-aso1.com/prebid8.3.0v1.js
Frame ID: 4E07D0048034250830CA020DBA0791CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EE5368EE2AA1F870F8A6457D691D9059
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79BDF1FFB207E2A0E9BD843A8B449B73
Requests: 2 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 6D1063A42F2076B2544C588D0249EA86
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 121F1FD9E84A8FA9EA0DF6C8967F2BF5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12E654F52DAF4A978DA061C93A7EE557
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jerome (제롬) @ HanCinema

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

302
Requests

86 %
HTTPS

0 %
IPv6

59
Domains

94
Subdomains

67
IPs

6
Countries

4128 kB
Transfer

12884 kB
Size

66
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.twitter.com/hancinema

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hancinema

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hancinema/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/hancinema

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/hancinema/AUJj
Title: RSS

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293957.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: http://www.cyworld.com/JeromeTo
Title: Cyworld Minhompy

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo1449845.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo1449844.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo417117.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293958.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293956.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293955.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293954.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293953.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo293952.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo13927.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://photos.hancinema.net/photos/photo13926.jpg
Title: 🔍 Zoom

Search URL Search Domain Scan URL

URL: https://www.ad-shield.io/
Title: https: //www.ad-shield.io/

Search URL Search Domain Scan URL

URL: https://www.ad-shield.io/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://a.tribalfusion.com/i.match?p=b22&u=18072662105505648232&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105505648232

Request Chain 83

https://a.tribalfusion.com/i.match?p=b24&u=18072662105505648232&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105505648232

Request Chain 84

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=7f30aed9-2deb-407e-96b2-c306f66b06cb HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662105505648232

Request Chain 85

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662105505648232&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662105505648232&C=1 HTTP 302
https://a.tribalfusion.com/i.match?p=b20&u=ZOzv3ZySjNqoNMARhv4k2AAA

Request Chain 86

https://tags.bluekai.com/site/4229?id=18072662105505648232&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662105505648232 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm=&google_sc=&google_ula=2786954&google_hm=18072662105505648232&google_tc= HTTP 302
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENi2RfZgAJM6spdMfneiVOg&google_cver=1&google_ula=2786954,0

Request Chain 88

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b13&u=39129202267706666332832405549621127348

Request Chain 89

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662105505648232%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662105505648232%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662105505648232&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
https://a.tribalfusion.com/i.match?p=b11&u=BDBDAC35-3AE9-4A14-AC7C-7E83BCEAD555

Request Chain 90

https://a.tribalfusion.com/i.match?p=b10&u=18072662105505648232&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105505648232&expires=180

Request Chain 91

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662105505648232 HTTP 302
https://a.tribalfusion.com/i.match?p=b23&u=231843304622010685521

Request Chain 92

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662105505648232&_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662105505648232&_origin=1&redir=true&verify=true HTTP 302
https://a.tribalfusion.com/i.match?p=b17&u=y-V6wlQidE2uifulYw227U47V9l1lDslA-~A

Request Chain 104

https://www.hancinema.net/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.hancinema.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

Request Chain 127

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_cver=1&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTHL_yHeyu-l7pVpXBF8zMgfuQckpy48s7g_iejmhAW2-QNRuxo HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ee2ef31bf722538&is_secure=true&networkId=14000&version=1&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_cver=1&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTHL_yHeyu-l7pVpXBF8zMgfuQckpy48s7g_iejmhAW2-QNRuxo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALdYBSEfqdiwN-P91HAAAAAAA&expiration=1693335903&google_cver=1&is_secure=true&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTHL_yHeyu-l7pVpXBF8zMgfuQckpy48s7g_iejmhAW2-QNRuxo

Request Chain 128

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHDrNDDnQe-kKlaVbF6jYlo&google_cver=1&google_push=AXcoOmSiIICrtFs70U2smp3E_JFpW5auTBRB1nUM-PK5hWexFNLFQWZWTRMM5TqAwup-Mq1jx_hCNpqwC_U3wqt9-z_Sx_4DsZYjfCA HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHDrNDDnQe-kKlaVbF6jYlo&google_cver=1&google_push=AXcoOmSiIICrtFs70U2smp3E_JFpW5auTBRB1nUM-PK5hWexFNLFQWZWTRMM5TqAwup-Mq1jx_hCNpqwC_U3wqt9-z_Sx_4DsZYjfCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ2NTRjZTMtNTI2MS00ODZhLThiYTQtMjQxODM0YjRhY2Ex&google_push&gdpr=0&gdpr_consent=&ttd_tdid=54654ce3-5261-486a-8ba4-241834b4aca1

Request Chain 129

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_gid=CAESEHL0NigqIke4q0Wae4II94M&google_cver=1 HTTP 302
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_gid=CAESEHL0NigqIke4q0Wae4II94M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_hm=AZ2J66rNS4D1ks8AD7MO3B27FMA

Request Chain 130

https://a.c.appier.net/gcm?google_gid=CAESEJZppIBhd6LB-kxWZAFM4EM&google_cver=1&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-Kfzp13d2riXEQOPYYjU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-Kfzp13d2riXEQOPYYjU

Request Chain 131

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOsPP0u0BcLXyp5FVDfK9M&google_cver=1&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOsPP0u0BcLXyp5FVDfK9M&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM&google_hm=d0F0Y2FvV3ljNGxKRWVkWVZaUXg=

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGH-JLEbOX4wy9fy3lRE2yw&google_cver=1&google_push=AXcoOmRjMo18OtvafrwjS2JnThd5vx3szgbBRGFxgOzAOMSwGmcOTbqpf5mlDHTUps3hKnGngBLxsgsgYOYz6oJpU6i5WHsfzLspiyIPgO-_sxbcu-IVFj1tBIxSjTLga50tBskST-AXpiYJkZotD8IbxCqaag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGH-JLEbOX4wy9fy3lRE2yw&google_push=AXcoOmRjMo18OtvafrwjS2JnThd5vx3szgbBRGFxgOzAOMSwGmcOTbqpf5mlDHTUps3hKnGngBLxsgsgYOYz6oJpU6i5WHsfzLspiyIPgO-_sxbcu-IVFj1tBIxSjTLga50tBskST-AXpiYJkZotD8IbxCqaag

Request Chain 202

https://a.c.appier.net/gcm?google_gid=CAESEJZppIBhd6LB-kxWZAFM4EM&google_cver=1&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYpHYcSOryOcFsQPO7-oAEsqEQl07HL9OimMBNhVOlHwYGk3ZVnZ40l6aGff_OP8xwVME8nr2J HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYpHYcSOryOcFsQPO7-oAEsqEQl07HL9OimMBNhVOlHwYGk3ZVnZ40l6aGff_OP8xwVME8nr2J

Request Chain 203

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sBhpItroN2SJ98HHhq8rEIj22w HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sBhpItroN2SJ98HHhq8rEIj22w HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=6cc8ad22-7b4e-419c-992b-afbd3d10b073 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=6cc8ad22-7b4e-419c-992b-afbd3d10b073 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=22a4e9b0-790c-4247-943d-324e775b6d30&user_group=1&ssp=google&bsw_param=6cc8ad22-7b4e-419c-992b-afbd3d10b073 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sBhpItroN2SJ98HHhq8rEIj22w&google_hm=bMitIntOQZyZK6-9PRCwcw==

Request Chain 204

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluIGV9zyXaHOvRidQSONZFACb6-hWH1rvWaA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluIGV9zyXaHOvRidQSONZFACb6-hWH1rvWaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluIGV9zyXaHOvRidQSONZFACb6-hWH1rvWaA&google_hm=bMitIntOQZyZK6-9PRCwcw==

Request Chain 207

https://trace.mediago.io/cs/google?google_gid=CAESEFnDgO_a5jwK8OuYNd9iujE&google_cver=1&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoeqa4BrI784vT5LbLsUIyZxfedgE7cAg_98obgFL1V8ODxjGBvh2qj1dASBcpIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoeqa4BrI784vT5LbLsUIyZxfedgE7cAg_98obgFL1V8ODxjGBvh2qj1dASBcpIg&google_hm=a6873b07c48a7df2469b5f5974af3675

Request Chain 227

https://fw.adsafeprotected.com/rfw/st/1104607/70775984/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.hancinema.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.hancinema.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1612871806153672%26output%3Dhtml%26h%3D250%26slotname%3D1776509735%26adk%3D701384798%26adf%3D3075933881%26pi%3Dt.ma~as.1776509735%26w%3D300%26fwrn%3D3%26lmt%3D1693220701%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.hancinema.net%252Fkorean_jerome.php%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1693249500859%26bpp%3D1%26bdt%3D1845%26idt%3D998%26shv%3Dr20230823%26mjsv%3Dm202308220101%26ptt%3D9%26saldr%3Daa%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D3089863421112%26frm%3D23%26ife%3D1%26pv%3D1%26ga_vid%3D710989253.1693249501%26ga_sid%3D1693249502%26ga_hid%3D413432646%26ga_fc%3D1%26nhd%3D1%26u_tz%3D480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D287%26ady%3D989%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3845404606%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31076838%252C31077328%252C44795910%252C31076995%252C44796700%26oid%3D2%26pvsid%3D454518118224158%26tmod%3D1742144339%26uas%3D0%26nvt%3D1%26fc%3D1664%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D2%26uci%3D2.4mbj52zgbz5p%26fsb%3D1%26dtd%3D1002&adsafe_type=d&adsafe_jsinfo=,id:f6f13464-6490-00dc-722a-153a5b3eb07e,c:mE4JDP,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-6c94bcc666-cjnfk,rg:sg,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tOfYmqH+111%7C121%7C122%7C123%7C124%7C1251%7C1252%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c*.1104607-70775984%7C13c1%7C13c21%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b,idMap:13c*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:27,oid:cbb23b39-45d5-11ee-82fa-8a2b592c6bdf,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=

302 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request korean_jerome.php Show response
www.hancinema.net/ 50 KB
12 KB 1189ms
617ms Document
text/html 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 7e4ae9511a9191f548fdd73cf243397036a0edb0ef73eb71ae1fb7a8664ac2c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7fded2a5e8bb897a-SIN
content-encoding: gzip
content-type: text/html; charset=iso-8859-1
date: Mon, 28 Aug 2023 19:04:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1SUA5ARWNVm8hnUl6SG%2FFyEwrFg%2F8zTC1oEuU%2FSYSRoGKz1d%2FAatRrybHZDbCnFKKLvRbOdaKh5pdvJlAFAeG6bQQq1%2FPRPZv1r6M71t1ntMmnfFw22oTm%2F2dijT2M0Yhbc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/5.3.3

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
49 KB 644ms
88ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-81279-1

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ae35948a144288a04250b295a24aeaef973408866142f90f834fae7487d540b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 19:04:57 GMT

GET
H2 200 loader.min.js Show response
07c225f3.online/ 61 KB
20 KB 661ms
98ms Script
application/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://07c225f3.online/loader.min.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6066510b0bd9dee82e1f8ff5e2aa41b4c028ce9326b5599b0778fdd44d628271

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2302
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2846acf8b409b26655f91c49d9361769"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zw5d3YGADvmaBzJ4vwkzSC1ATp5N%2BJsM7Si5N6VwU4F1lw%2FCO6REEBs1Lh6p7TqmR6uADHyANjWVDLcdQsjWTriC8rmrxKyNm8txBKj9EwJasHgapITCvfSJ1%2Fg4NNQOd0%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400, must-revalidate
access-control-allow-credentials: true
cf-ray: 7fded2ad4fd24024-SIN

GET
H2 200 HanCinema-Logo.png
www.hancinema.net/logos/ 19 KB
19 KB 138ms
136ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/HanCinema-Logo.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c068af6dfc0234569404701305fc3a9d0f31d4f54ea97e3c08f8d4675d2163

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2819
cf-polished: origFmt=png, origSize=41248
content-disposition: inline; filename="HanCinema-Logo.webp"
content-length: 19160
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Mar 2021 21:51:43 GMT
server: cloudflare
etag: "16b5850-a120-5bcd116f699c0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxxbfWUWtVZhn%2BR0w2QLqjCbKeAp%2FQ3AnL2fEGL%2Fuel0wWUCJgQWHNe%2FU0Zt6FbO9szVhS2QaG4ONZ%2FSmann2FgjsvRm%2FnJLuBowYUmo9ULmFoRUpiiSXaBurt4n6ydiamq7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefc4897a-SIN

GET
H2 200 twitter-icon.png
www.hancinema.net/logos/ 2 KB
2 KB 138ms
136ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/twitter-icon.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9691f6543526903ca8774d43b38aad8ebf04efc79ef94ffe7d178a56c2f89f6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2819
cf-polished: origFmt=png, origSize=5940
content-disposition: inline; filename="twitter-icon.webp"
content-length: 1938
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Feb 2021 01:20:10 GMT
server: cloudflare
etag: "16b62af-1734-5bb69e74b8680"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvZp%2F4ESjuGT19IN6%2BNryWT%2Fz9Ay0jgHMvNQTPtfNre%2B1V4IKCBPXgLGkbkeg9ohZis5TwB29WnHj9aCgMaiDg5Vq%2F8Zz8%2FaZLVrwuJJAZA%2BwNRfsOMDG1pTqch2ku4Kvtrj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefc2897a-SIN

GET
H2 200 facebook-icon.png
www.hancinema.net/logos/ 3 KB
4 KB 95ms
94ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/facebook-icon.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e85560dd1bed553a99af3c5ceb7740f048a19f0f38194b6c4089e17aac06b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2893
cf-polished: origFmt=png, origSize=8935
content-disposition: inline; filename="facebook-icon.webp"
content-length: 3450
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Feb 2021 01:20:10 GMT
server: cloudflare
etag: "16b62a6-22e7-5bb69e74b8680"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym%2FSlrxCx6sU%2FU56BX6mqdzM98lzIOTtzkos6IftyYT3EAL6M0w3brI36oGpt0R2AOn%2Fl6Hf3rheoFCmGrVsntTJztk0RR%2BMNy8%2BCUsSsMSgwqrDkA1axAZmR7mQJbH5cdN5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefbf897a-SIN

GET
H2 200 instagram-icon.png
www.hancinema.net/logos/ 9 KB
10 KB 100ms
99ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/instagram-icon.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4ef911ee49fdd3118b41a55968fb30522a89f48bebb73abeefcc737c5741574

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6828
cf-polished: origFmt=png, origSize=16711
content-disposition: inline; filename="instagram-icon.webp"
content-length: 9624
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Feb 2021 01:20:10 GMT
server: cloudflare
etag: "16b62c4-4147-5bb69e74b8680"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7vQXfIq0kW%2FVYUnR4WhCccl3f70y3a94HluTHGP39WObdxovPQaQXfyou44egvL6cPlEHy%2FS%2FOrwUYwHbs4pNBq2GFMCvsfWlzBAEfx0BFfGzDhH1%2BhVVLgrPN66oKOIQcY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefc1897a-SIN

GET
H2 200 pinterest-icon.png
www.hancinema.net/logos/ 3 KB
3 KB 137ms
135ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/pinterest-icon.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c1fc8c18d24d19d6c884f5fd28d6c5a2ffd92d82173f0e3969070e299a6123

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4741
cf-polished: origFmt=png, origSize=9376
content-disposition: inline; filename="pinterest-icon.webp"
content-length: 3124
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Feb 2021 01:20:10 GMT
server: cloudflare
etag: "16b62b1-24a0-5bb69e74b8680"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69oKlvMCj5S9gvn4yxbAXEFjOffLkNlhWzsJNyN%2BBMx8nl4A%2BGr0yd%2BIMcczeWt%2Fvkc8mM3sTwwkL7w3%2FayNX8HLe8TdyBpG4Voisn5C%2BU%2FvWvhAv3O1ch6nbYTd1d9MIWc4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefc3897a-SIN

GET
H2 200 email.png
www.hancinema.net/logos/ 1 KB
1 KB 101ms
100ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/email.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823de2158122dc8c5b8a532270c8b9ae1b0a573ab9a4b3287c5a4d985863eee5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6827
cf-polished: origFmt=png, origSize=2518
content-disposition: inline; filename="email.webp"
content-length: 1094
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Mar 2021 22:54:50 GMT
server: cloudflare
etag: "16b584f-9d6-5bcd1f8afa280"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6CZThP%2FYxwiQRlLw0HKHfw8seMhw0spT0JHthkL0dcMi6sKn8QqXxVAybXsKyqL2ZoDRnSxdqc27wXQwkuDCGbrNqyhjQk%2Fz%2ByG5UUo3TEwlpOtcEGeF8BkZWHHrfjA%2Fm68"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2aeefc0897a-SIN

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/hancinema/atf/ 7 KB
3 KB 1717ms
788ms Script
application/x-javascript 104.18.12.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/hancinema/atf/tags.js
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 2317
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 1
etag: 5909443542969422214
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 7fded2b3feae882c-SIN
expires: Mon, 28 Aug 2023 20:04:58 GMT

GET
H2 200 photo293957.jpg
photos.hancinema.net/photos/ 33 KB
33 KB 462ms
457ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/photo293957.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcf516b0bac4f9a3104d20f97b79ce95895b80befa2cc2a1a8b54ae339600dd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=46660
content-disposition: inline; filename="photo293957.webp"
content-length: 33776
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:32 GMT
server: cloudflare
etag: "1905f3d-b644-4d89a290f2502"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmWHcgsmP1Z5WARH4A5fbaV4zvfxx2XrKs6u%2FhTM1X7KiUV2eKhmXdvTwOl%2BGrryQq4G2N6ytN9yKthh6L%2FhsgIIQI5Oc8ukU3FCkImX9wzHp%2BoxXLKPOR2jH2udYUqhKa3pUqc5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b91864897a-SIN

GET
H2 200 cyworld-icon.png
www.hancinema.net/logos/ 4 KB
5 KB 94ms
94ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hancinema.net/logos/cyworld-icon.png
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61138e8c3b67e3af8d7af25df3412b239aad6cc9701ca3d23c77c1062541e3dd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084
cf-polished: origFmt=png, origSize=8608
content-disposition: inline; filename="cyworld-icon.webp"
content-length: 4518
cf-bgj: imgq:85,h2pri
last-modified: Tue, 16 Feb 2021 01:20:10 GMT
server: cloudflare
etag: "16b62cb-21a0-5bb69e74b8680"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDwP16Nhg8X9AUQiCB1TWb%2FGY6zaIdxZNVYfY3rfuYjvcS2wUcqM7TQE2PqSvCBK%2Bj4kCEZV6PF9hLir%2BB%2Bfe7dLhE7K9Udj3RdcGnko5IYG6HIJgTuYIdYG2N%2BqKpoJwOsp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7fded2b90852897a-SIN

GET
H/1.1 200
OK spt Show response
tg1.ergadx.com/api/adserver/ 29 KB
8 KB 1447ms
421ms Script
text/javascript 23.32.29.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.ergadx.com/api/adserver/spt?AV_TAGID=64c0f4b686f27acac302e485&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.90 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bff9d0bec6e0c2e257b7475acb24f4b99b3d67e00c2b77956fd0d65e719171d8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Mon, 28 Aug 2023 19:05:01 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7271
Expires: Mon, 28 Aug 2023 19:10:01 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/hancinema/us/ 7 KB
2 KB 1010ms
820ms Script
application/x-javascript 104.18.12.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/hancinema/us/tags.js
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 2317
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 1
etag: 5909443542969422214
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 7fded2b3feb1882c-SIN
expires: Mon, 28 Aug 2023 20:04:58 GMT

GET
H2 200 posterphoto13839.jpg
photos.hancinema.net/photos/ 9 KB
9 KB 186ms
185ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto13839.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4089b24589fe24c05fa742bd60bb2f4cbbb7b2ea3c94931efe58c8d04f2d3f75

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2718
cf-polished: qual=85, origFmt=jpeg, origSize=10575
content-disposition: inline; filename="posterphoto13839.webp"
content-length: 8762
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2006 10:21:52 GMT
server: cloudflare
etag: "18c2803-294f-40dec4ff8f000"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGdDfqVh2IgV5bInqg7B8Dw2y4kdkEO%2FAxtIzvSadsNQPzlOl0YSJ8%2FePdW0dA25QquPPOqS2n9y8xNosD8FnpD%2BDf9hvq5rRdtRfTvIzLdFzmPlV%2BYxBl6QY73m3ZINVFfaTF37"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968b3897a-SIN

GET
H2 200 posterphoto1022230.jpg
photos.hancinema.net/photos/ 8 KB
8 KB 109ms
108ms Image
image/jpeg 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto1022230.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667c7c8e6fe98a76c1862736c68ef5d4f56abd626cf642febe15d51eb1532498

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2718
cf-polished: degrade=85, origSize=9649, status=webp_bigger
content-length: 7923
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Dec 2018 01:32:43 GMT
server: cloudflare
etag: "155bd8b-25b1-57ca0f102cc04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaGjrBdRGzvus0Lca%2FrONxgQjAKGmiO8jc5DZyueJWsV8xoTzFTnRdgdHdjZcIAm20OxspDdrpQ3QrpvDQZR%2BFpvZRGKy%2BdMjt0judK54U6mwi8IRAXKrXU%2BaD2RLiuXSvAAPUkh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968aa897a-SIN

GET
H2 200 posterphoto290375.jpg
photos.hancinema.net/photos/ 10 KB
10 KB 188ms
187ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto290375.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388638f8588c36e617ce23eb5776672ea9cd56a8099557416ee88242809b96ad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2718
cf-polished: qual=85, origFmt=jpeg, origSize=12580
content-disposition: inline; filename="posterphoto290375.webp"
content-length: 9810
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Mar 2013 18:20:44 GMT
server: cloudflare
etag: "190378a-3124-4d7aa3b367fe6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnH88hz%2BntblcY7Q8bGNfVPmTGShzVP7fjlmzk%2Fr7f9bYen2HovDOM7KHfcVBdRlW%2Fb3O8Z3oZ1zmJrh%2F1OTDKwb6Ysr7Mc9MKBSZ8L7lQ5u5f%2FjZJ5t9qzFErhp3pqs4pXm8yz6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968b0897a-SIN

GET
H2 200 posterphoto1449845.jpg
photos.hancinema.net/photos/ 11 KB
12 KB 468ms
467ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto1449845.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf0d60a46bf31e9cd598154c949a867d61509bd1bae48e5dad01eb65b4c4188

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=14223
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=VEgi_LO4LpCM1Afo7EBhBYPfPRQinYMFemVwsAWKUy4-1693249499-0-AQSsU1KbOBibB7RsovGaxAlZ1ShxKJohR_yFfzc8HF3AQm1SJcq_Huy5DkUACQOvstA1vwF-4JrsmZT8Y1gHzizKvwpxsdD2L8g62jSfotJXdWIuVqoP60hCjNRLwDjZZDlZ6TrcJTJaTcy-bDYpHZkDhquO7bcEy1KogGUxcNXlQVkTsI6mqNEF4cxVgfxyAQ; report-to cf-csp-endpoint
content-disposition: inline; filename="posterphoto1449845.webp"
content-length: 11158
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Mar 2022 13:20:12 GMT
server: cloudflare
etag: "179130f-378f-5daba5b2ea8ef"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mClzkE22OdCg7ct6wHry9V9vkyFOdBN5L7bUo1BEOMIk5jp8rl%2BpVm8ZsWi1tyDS58XHCS5CiMVMMPD3dALZXVT0nY9a3hLnGOg%2F7Hf6Oxna1BEIiOE%2FDdbWB9poRLN9AfBqhiLJ"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=VEgi_LO4LpCM1Afo7EBhBYPfPRQinYMFemVwsAWKUy4-1693249499-0-AQSsU1KbOBibB7RsovGaxAlZ1ShxKJohR_yFfzc8HF3AQm1SJcq_Huy5DkUACQOvstA1vwF-4JrsmZT8Y1gHzizKvwpxsdD2L8g62jSfotJXdWIuVqoP60hCjNRLwDjZZDlZ6TrcJTJaTcy-bDYpHZkDhquO7bcEy1KogGUxcNXlQVkTsI6mqNEF4cxVgfxyAQ"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968ae897a-SIN

GET
H2 200 posterphoto1449844.jpg
photos.hancinema.net/photos/ 5 KB
6 KB 148ms
147ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto1449844.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c8ef13c89c0ac84ae067b5ba5661ba9a0c631a4f10d221ee7190b9831e1659

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5573
cf-polished: qual=85, origFmt=jpeg, origSize=6903
content-disposition: inline; filename="posterphoto1449844.webp"
content-length: 5240
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Mar 2022 13:20:11 GMT
server: cloudflare
etag: "179130a-1af7-5daba5b2b7495"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF%2F1JxfqgW%2FruZJ0h134BbAqcGY4UmTs6mJ17VJIS4rWpy6u3w3NxEZtsoePhCnTYu3YBYHnZj6138slTnWl0XNfGSxHrcrUQkLlh6FTTknTOwQUCGB2DmBzPYcTqAptbVh4JM74"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968af897a-SIN

GET
H2 200 posterphoto417117.jpg
photos.hancinema.net/photos/ 13 KB
13 KB 146ms
145ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto417117.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f376ae12e71e8daa1b4b735abd305ecb83a1fac5477c570fb3f8e68757b3ae6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=16266
content-disposition: inline; filename="posterphoto417117.webp"
content-length: 13238
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Mar 2014 23:24:21 GMT
server: cloudflare
etag: "193827e-3f8a-4f5262f829c05"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br2Xc6i0CbBD9jcb%2FAmqogafwf4wA0cZyHrio5QIq%2Fzj%2FfGiwjGZwFrA8QG1JlgyxPhi47g2Ed1YPd5NorGLBOp33dre7gtoH7BZmE5kHDzwSlaTAw6hTDwVZxffFeJ5a5aL5K7%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968ad897a-SIN

GET
H2 200 posterphoto293958.jpg
photos.hancinema.net/photos/ 7 KB
8 KB 149ms
148ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293958.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b195b7982a434ef1d5be410aa1fc828cd2c28bcbd92227ec89330b44af90d53

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=10863
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=pmFXqUVU6xxVQ13YoPMb3N6jawAhRnO_WkzzEUy8oJM-1693249499-0-ARjCjBpzAz9wqja20apufIcAIOkFFMDPwhxzlgxY5DuRCICpE1pC-5DQp6B1xysktFPE71tlS9PGgsIXUxpH6oujOnk7UkqHWDL8OMo7qSxs088mzP4qkLr_Egapzl82zXzFKlC8XiKF8D4GaWFojDuIJVyVwI_E4Lv3WopgKmdKHMAlQgHEUtGmzw-gHDCHdw; report-to cf-csp-endpoint
content-disposition: inline; filename="posterphoto293958.webp"
content-length: 7076
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:54 GMT
server: cloudflare
etag: "1905f46-2a6f-4d89a2a5bd4eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWCyQiR3vb32FCsP0PerVcMAx0KdkXKPFxh1jmlDkcKZL3k1pwDMZMY5Cn80UtS0fx5c55SMRIHtKviB2Vz7O8Eft0xaaSg43W8oQneggchmlsavDog61uE%2FYAtwrCywpvvq10PM"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=pmFXqUVU6xxVQ13YoPMb3N6jawAhRnO_WkzzEUy8oJM-1693249499-0-ARjCjBpzAz9wqja20apufIcAIOkFFMDPwhxzlgxY5DuRCICpE1pC-5DQp6B1xysktFPE71tlS9PGgsIXUxpH6oujOnk7UkqHWDL8OMo7qSxs088mzP4qkLr_Egapzl82zXzFKlC8XiKF8D4GaWFojDuIJVyVwI_E4Lv3WopgKmdKHMAlQgHEUtGmzw-gHDCHdw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968b2897a-SIN

GET
H2 200 posterphoto293957.jpg
photos.hancinema.net/photos/ 11 KB
12 KB 105ms
104ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293957.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae13a055c909e01673b435a3d3fad35541465fa10432f2e9844204c7bae3fd4a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=14872
content-disposition: inline; filename="posterphoto293957.webp"
content-length: 11672
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:32 GMT
server: cloudflare
etag: "1905f41-3a18-4d89a290fffc2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NQ%2BweLmHKo5cEYprOROd%2FYAToHhFrv5PD%2FeyY4Cm%2F8aXsN59Cv5%2FiJ8Ht%2B%2BvF45CmaX1VOgMAc%2BYtIPIQa4lZuHw75FTPMgVftk643agGEPLONxP6AQ%2BsNfQR0YEu%2FvvT3BjFhc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968ac897a-SIN

GET
H2 200 posterphoto293956.jpg
photos.hancinema.net/photos/ 12 KB
12 KB 187ms
186ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293956.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ee1b5e88bc9bc886d0c0f5d1aaabdc144a53547a47f27dc253d100b5e44cf0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=15911
content-disposition: inline; filename="posterphoto293956.webp"
content-length: 12192
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:31 GMT
server: cloudflare
etag: "1905f3c-3e27-4d89a2909bf4b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI8etc3PGfmQsunKMJ9CNTwMvLAr6xYjCpV%2BLTc9nkizPnnFnPMWoAOo9rTJ9GTprlixFFpXsVYW93TCm5A1Lnk0lT%2F04QNz7%2Fnt7DXIuURkPXgShkzB4H7OpqSlKNAepmEMX11P"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2b968b1897a-SIN

GET
H2 200 posterphoto293955.jpg
photos.hancinema.net/photos/ 9 KB
10 KB 96ms
94ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293955.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1cf569e70060d02505b891936991708b929da9aed889b0b347b9304e40f5b15

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=12612
content-disposition: inline; filename="posterphoto293955.webp"
content-length: 9468
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:30 GMT
server: cloudflare
etag: "1905f37-3144-4d89a28f2e31d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqWmTQ08xzDKqV0LzQGy6%2FklMutcjm50qF631jx6n%2B0MwE3jFaUapiTt%2FIRMsVxseUkM4F4Qj9vKUNcnS%2FQpay7P6nAcTkGiixm0tqI2EaPhnpeb9VorETMVYziD1Sg9TcGG4nhq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2be6c1c897a-SIN

GET
H2 200 posterphoto293954.jpg
photos.hancinema.net/photos/ 15 KB
16 KB 142ms
141ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293954.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d96e9175047dae4a4e08521adb76db1d811489cc2999faf9d6a43a2e93879b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5571
cf-polished: qual=85, origFmt=jpeg, origSize=19540
content-disposition: inline; filename="posterphoto293954.webp"
content-length: 15588
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:24 GMT
server: cloudflare
etag: "1905f32-4c54-4d89a28996574"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3KaMUP5r8%2BgthlwADhbzf1gGKMwqI9J4IZHnPJAK2lPgVNLwXb8lXdpZrg6Z4thDBx2LMIl9QDjJQoUeucaCllhxAQngVwOyBeHl2rMAOoHs08Ns1wz7mrY1li80uXjBrazIMh1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2be7c27897a-SIN

GET
H2 200 posterphoto293953.jpg
photos.hancinema.net/photos/ 17 KB
18 KB 106ms
106ms Image
image/jpeg 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293953.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29dddc94f23e000d3cb957fa0e8503645c306249ec0dec283f378b5dedfd7cc7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5571
cf-polished: degrade=85, origSize=21567, status=webp_bigger
content-length: 17685
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:19 GMT
server: cloudflare
etag: "1905f2d-543f-4d89a284be4d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXeYthQloMrm4AiOfiVmW8dRYajPvJNmAaXE%2FgTtt0R8JpX00ljj8zCTi%2FH%2FvXCLT8Vg7KcOw9OtE78Uy4SK8CYZQn9oHeUjeXS%2FRlnJGPlUtMB1QbqUDFxVs%2BXcAPI0qR4QsaKm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2be7c28897a-SIN

GET
H2 200 posterphoto293952.jpg
photos.hancinema.net/photos/ 15 KB
15 KB 110ms
109ms Image
image/jpeg 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto293952.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d87401c3256d2c5f9b0caa68d9ca130c5cb52660cfbe44ec9dac2e5261e4b796

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2084
cf-polished: degrade=85, origSize=18169, status=webp_bigger
content-length: 15209
cf-bgj: imgq:85,h2pri
last-modified: Sat, 23 Mar 2013 16:35:19 GMT
server: cloudflare
etag: "1905f24-46f9-4d89a284c0bb2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXBFtCXDQFaY4kQXJK%2FwVV5wt8DSGmsqFMhDTwaOBgeiwUbDizZWTIBPYkv7xPgjY9jH3CizdP%2FTbf7Cz6TNfvpE%2F3zrQ%2Bu9VLUJcqUuRf7WH1Q5Q1lYtVfduR2QEqQ%2B28wYX0%2BN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2be7c29897a-SIN

GET
H2 200 posterphoto13927.jpg
photos.hancinema.net/photos/ 6 KB
6 KB 99ms
98ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto13927.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4aa33b6e9b51ae1255f933abf5c6349e2f7008665c09b7c96dd5160ee8bcbef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=8213
content-disposition: inline; filename="posterphoto13927.webp"
content-length: 5722
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2006 13:51:50 GMT
server: cloudflare
etag: "18c2bb5-2015-40def3edf2980"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMSAJTjNRe9TY1xrOqRQBM4n%2BF%2Flw38G0nazTresqpXK%2B9hEjv%2FYPpsdI8FFAUPoSYWORU7AMxGyMyObIhuFuZnJPIs7%2FaH%2FJ8H7ipkux%2BgMWe43v3Ooyhca7rLnMjU9xj1iE5CT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2bfcd0e897a-SIN

GET
H2 200 posterphoto13926.jpg
photos.hancinema.net/photos/ 6 KB
7 KB 102ms
101ms Image
image/webp 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://photos.hancinema.net/photos/posterphoto13926.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efd5724223b8cb84079e0229ddfb95fbb1d9db3c0a5725d9434144434919769

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5572
cf-polished: qual=85, origFmt=jpeg, origSize=8647
content-disposition: inline; filename="posterphoto13926.webp"
content-length: 6614
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2006 13:51:50 GMT
server: cloudflare
etag: "18c2baa-21c7-40def3edf2980"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0sZIF767GDBMzzIfx0CtpYk1i2M11pK1NWpTf9tm1vF1PMfpZkL4lVRlop1mIglctwmrsyTh4nhJPq4KvjmjmnZquf11L2qyV3ZZxWUM4P2Y%2BpHPezTAbADwMekm9X0ihJcuV4e"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2c02d55897a-SIN

GET
H2 200 korean_dvd_vcd_box.7071.jpg
images.hancinema.net/images/ 3 KB
4 KB 104ms
100ms Image
image/jpeg 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.hancinema.net/images/korean_dvd_vcd_box.7071.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80d2575e982cdf26641fa066ef74aded5c163840ad1aef30f17cabe9f835d6d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4592
cf-polished: degrade=85, origSize=3868, status=webp_bigger
content-length: 3403
cf-bgj: imgq:85,h2pri
last-modified: Thu, 19 Apr 2007 20:25:40 GMT
server: cloudflare
etag: "13e0f76-f1c-42e7d01a19900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIGhZCUlmToSJjK1mznhRpOoYeoPmjo3O86%2BJIEMTkE78SfTAJiLWQmayTpouOmlxwe6zrK7z7oFLjBfU1LnyhKMg9BW6wcatpKtVJo267jM7spt3q1Wkbm1e%2BciaVY8oqne%2FEJu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2c02d57897a-SIN

GET
H2 200 korean_dvd_vcd_box.5376.jpg
images.hancinema.net/images/ 3 KB
4 KB 104ms
100ms Image
image/jpeg 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.hancinema.net/images/korean_dvd_vcd_box.5376.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b987213b417d19010682d9adc61a1a86214e283346ecf3e63b2684b62ad07fef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4592
cf-polished: origSize=3305, status=webp_bigger
content-length: 3209
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Mar 2006 10:49:59 GMT
server: cloudflare
etag: "13e0e33-ce9-40decb48683c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FC4vVz7l%2FS6bFq49308l7kdI1igxZ9xW6FpWeBTLamztNvI9spgsbGYpHossA%2Fn19HJ3z0VGhSmYWEpbEaH1iZm9AoTGlVKtkvZ5qNrOwxrTDO0MN7cjcnTs3tVHdyv2Aa%2F59nX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7fded2c02d56897a-SIN

GET
H2 200 code.min.js Show response
media.bidgx.com/js/ 37 KB
15 KB 883ms
109ms Script
application/javascript 104.21.12.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.bidgx.com/js/code.min.js
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fe2f8d2db40cd602e142da42ff4f47621bd905cafbe66ea15b4fbb523e84c4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 149758
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 25 Aug 2023 08:32:22 GMT
server: cloudflare
etag: W/"64e86716-932d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Njm3y1BFVoH254G3TNWGl1W26a803B0T1xYSetPBXqbx%2FwK%2FRCbnX4cpAuY7k7AHZw2Y033z614jr%2F3%2FfYbSM7yrq81DYuCOuhmrYwAtFjz4rStwJEAyT7Ud65D5v2vWRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 7fded2c5a9934709-SIN
expires: Wed, 30 Aug 2023 01:29:03 GMT

GET
H2 200 tag212.js Show response
d1tbj6eaenapdy.cloudfront.net/site102/ 29 KB
10 KB 688ms
98ms Script
application/javascript 13.33.45.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tbj6eaenapdy.cloudfront.net/site102/tag212.js
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.45.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-45-231.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 280503830b0fab5d1a73359cfb1fc40fb8e6cb7cb20e1b6e437711e0ca060661

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hPX_cd6.u1trPeBsLUOFflcyuv0CdBBQ
content-encoding: gzip
via: 1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 18:21:31 GMT
last-modified: Thu, 20 Apr 2023 10:04:34 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 24727
x-amz-server-side-encryption: AES256
etag: W/"cf1aff64f1ece95d9d4f87f35d8b00f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XVXG7jREYn9iU1_VvI_M368b-ca1zy5pcDUkJb1kLLF_GGGwt-C2Ng==

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 698ms
140ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6909691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXUpwwI8zHPyNIs8QA9CmFh01ZG3U3grsw7NBXfZGSenTgxXCjRPHU74iCuvyJly0MhzPd0PslI3qsq%2F8nRwVAQjADz2%2BhGLv3z4lA5Ll%2B0ZM4fWGz8d97qpgJxJWPstko4MV4RQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b64a394012-SIN
expires: Sat, 17 Aug 2024 19:04:58 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 554ms
98ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1130083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6968
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-1b38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqir%2B4BH5GkEkwUvs%2FIivfdvEZ7wKUMwghrW3entzh4qJyHcZu3I0%2BzBGDajGbUtobQN%2FXdVAKWGqR7xppTrNpL0mkVar9Ep9Dw4g9XS%2FIy2tLf4O9ryBgQF4ixewF4yWksY%2FT9K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b64a3d4012-SIN
expires: Sat, 17 Aug 2024 19:04:58 GMT

GET
H2 200 jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 12 KB
3 KB 556ms
101ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1451715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2696
last-modified: Thu, 22 Jun 2023 11:01:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649429f8-a88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTJrOMaOBr62VxD5ANCa2hoyxdugOMYnd2175XYjLdknaO9%2FWPAcGHH6JOHOUi0P89HEZEe7RZ8u7haDVY9gSlNxW2o5tL%2BVAPeSctVg9aGJ%2Fq1%2B14qg9EFNDL%2B205%2BsJDiu1j07"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b64a404012-SIN
expires: Sat, 17 Aug 2024 19:04:58 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 67 KB
19 KB 557ms
102ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1038842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19245
last-modified: Thu, 22 Jun 2023 11:01:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649429f8-4b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMC3vIgRbcRdBWNNbTd4d7mMQbng%2FXCfFTlqAeBJdfpei96fZVcEcrqw2xBM7xj80yavSWKCFnczu8e%2Bm57U5tgxCi%2Fa15rnY32tJ16apbow7AHySgyPHq3N5UiAImd7d9%2FWgPRr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b64a3e4012-SIN
expires: Sat, 17 Aug 2024 19:04:58 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 248 KB
56 KB 94ms
93ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4482605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57137
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3dee5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqw1bwb0QV4wMf27zhrEsnyrKWi6SJsKf%2FZ3xmMVcMJgOXe25c7GeW1elCfs1hmfP5hgXYp25FOt6AT4Jq86whAClTfmvyoo%2BpwfvH3SFfYCqYGSwvSbXpcuHdhZQh%2BGg0Zq%2F1CJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b8ebde4012-SIN
expires: Sat, 17 Aug 2024 19:04:59 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 31 KB
7 KB 93ms
93ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2759858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6732
last-modified: Thu, 22 Jun 2023 11:06:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1f-1a4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxpnTCoD8PqO89IOUgoozlbKJCEiN1ipSdolJZZM0qMGdXFoi1Vi4srbpys1mzDE2zL2%2FB%2BAxDS5lfUW%2BnIFugrUmRTasSc0Xl93SqsgAwaAom4OOrxVy2JG3NRx5OaOH8QUtgTb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2b9ecbe4012-SIN
expires: Sat, 17 Aug 2024 19:04:59 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 717ms
149ms Script
text/javascript 104.16.57.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fded2c5ab4a48e8-SIN

GET
H2 200 aqbuwknn85y7fsfs85fr68jfrd8xfw6fcfc6l8jyj8sd3fafrn3fc8sfwfafcf1fs85fr68jfrdfs1yfsfrdyf8j6fcfc6l8jfw1yfofal38j8snfbfafri858hf8if5ftft84aftfefz84a868x8ofefefe Show response
07c225f3.online/fl1efsl/ 146 KB
54 KB 657ms
100ms Script
text/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://07c225f3.online/fl1efsl/aqbuwknn85y7fsfs85fr68jfrd8xfw6fcfc6l8jyj8sd3fafrn3fc8sfwfafcf1fs85fr68jfrdfs1yfsfrdyf8j6fcfc6l8jfw1yfofal38j8snfbfafri858hf8if5ftft84aftfefz84a868x8ofefefe

Requested by

Host: 07c225f3.online
URL: https://07c225f3.online/loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a924b62a51069fe0f5280301cf9cb4a61e8a6c182d66a3958418b149b99ad4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3tMmjygJdRuuRo7snO0%2FYLwddrLwisBrVuSra8eAPJaFklLvXKIhRqzDh4cIa9hXmsY8mCWnzC5SrljgBRIgoeAsesZM6mfl7zy6Pa6MWt45xQlssLKqtkgJR2ZL8sdhyh0n9ZqbaSH6XmilJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
x-as-version: v5.1.232
timing-allow-origin: *
cf-ray: 7fded2b1afb1896b-SIN

GET
H2 200 anlocvakaka3qal11qsnags9acsna3s9ay3dqara6arda0s9aytsnagta5agparansnak1ak3a614q1a6a3akar4q Show response
07c225f3.online/fl1efsl/ 103 KB
31 KB 101ms
101ms Script
text/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://07c225f3.online/fl1efsl/anlocvakaka3qal11qsnags9acsna3s9ay3dqara6arda0s9aytsnagta5agparansnak1ak3a614q1a6a3akar4q

Requested by

Host: 07c225f3.online
URL: https://07c225f3.online/loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71886a269122b5e7665e7851baca15b83e040963f309433476e62aa04e67b1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 767
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SxxHYQa%2BVu0oX02lORGQRqRnBLNPZADNNvO5jPFUV7qaJPyLYbKonFJ%2FZmwyDYEwQWtASYVbvpf7LtK%2FJWTnftT%2B016PoDfkH6%2FTktPn%2FU%2FN%2Bi1ZCx5%2FrQHoc2AbZNsFVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, stale-while-revalidate=3600
x-as-version: v5.1.232
timing-allow-origin: *
cf-ray: 7fded2ae28de4024-SIN

GET
H2 200 anlocvakaka3qal11qak3aka5agard3aytsnara5a01da5qak1a3ts9a6a5anara4a5anar4q Show response
07c225f3.online/fl1efsl/ 105 KB
36 KB 121ms
121ms Script
application/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/anlocvakaka3qal11qak3aka5agard3aytsnara5a01da5qak1a3ts9a6a5anara4a5anar4q
Requested by: Host: 07c225f3.online
URL: https://07c225f3.online/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9373c497bb49c2d030a37ea23346d2c6d1801b07efd321cf917daf945a566e6f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
x-amz-version-id: _9zvOWQ.KZL86f6hAolqgErzY6vYCUYD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45874
x-amz-request-id: S4R75HS0K5ZA1YKQ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oFIlNu02Bjhha2bxF/lwf2/4gHXttzmCrAwQmE+ExWeivNERJm2I3X5A3ogOzQIwHeuTSGIk2nA=
last-modified: Mon, 28 Aug 2023 00:05:36 GMT
server: cloudflare
etag: W/"64449db772cc71fad074f49d4c0ee90d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nv2vJsUcsj5tN0mvODJoUwLc5o1jhnuQI18guhepttoGUA%2Ffn8TVBXKmOLWP5Lvgupl4WetGhfAK8NnIccEJdTgyRlW4FSFvJ1BOBSKe9DYYDRpo9foLLOuXsoYP%2BaBcS2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=64059
x-as-version: v5.1.232
cf-ray: 7fded2ae28e04024-SIN

GET
H2 200 css.css
www.hancinema.net/ 33 KB
7 KB 93ms
93ms Stylesheet
text/css 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hancinema.net/css.css
Requested by: Host: 07c225f3.online
URL: https://07c225f3.online/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0420a8b60e2665a21a57c5c59f8fd8ac86e659b9785b4ab912dddf509500e03

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/korean_jerome.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 23 Jan 2023 01:40:08 GMT
server: cloudflare
age: 606
cf-polished: status=cannot_optimize
etag: W/"16f93c9-8421-5f2e47aaa4e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC85Ay5UcX%2Fi2RHg4JNoQzOodJZn%2F1efbvhlEE%2FuK3Pm2qIZZ0leSn27F6rGODnBop9xbh6AqSkuRPi8H1Va2v6gVOW3gGsPh8qESAfovwg2GSXL0qEyygWuocsAYR5THFkg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 7fded2ae2f07897a-SIN

GET
H2 200 script.min.js Show response
07c225f3.online/ 1 MB
368 KB 731ms
179ms XHR
application/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://07c225f3.online/script.min.js

Requested by

Host: 07c225f3.online
URL: https://07c225f3.online/loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3830bc6fe41f172ae4f65829d0c9758709e83c11403be620ddc1cbe4d1796c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1360
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"300ae95d11b58918738c0b06b3c70537"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwvwaUJ2eTcQFQ3G40LmOl%2FKy8Cjh1q99uGkuTlYM1CRySiGuKCyLbNzPWxFGdWlrWrp2kVjJbUYg%2FJeLdRWgr0xPgu2sLBMiBaGXkDwqTZil0ORSR2i6RLpW1V2JAqHLgQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400, must-revalidate
access-control-allow-credentials: true
cf-ray: 7fded2b1afb2896b-SIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 98ms
98ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7FMFX3JNYC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-81279-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7be03afa789da1063f30a4239c60a68b93e7dd278163c8f6c8ad5aab2dc4b0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 19:05:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 663ms
105ms Script
text/javascript 74.125.130.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-81279-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 17:33:57 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5464
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 19:33:57 GMT

GET
H2 200 v2mbeU5zJGJjtgNYOJt7DifKywDey9yi_8u6KgwTAa0CFnM79y5dkNgw Show response
thomastorch.com/ 614 KB
105 KB 879ms
157ms Script
text/javascript 34.149.46.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://thomastorch.com/v2mbeU5zJGJjtgNYOJt7DifKywDey9yi_8u6KgwTAa0CFnM79y5dkNgw

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.46.149.34.bc.googleusercontent.com

Software

Resource Hash

f09a2c536aa47c480cd3c0c8dc4c0958401b127864aaac47888c12bb5181c1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Mon, 28 Aug 2023 19:05:01 GMT
x-datacenter: gce-asia-east1
etag: "1060eb76bb6e3527d372dc67a67453af700078713217b249acb40bdfe48ea731"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-asia-east1-spot-0scq
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 975004442
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
43 KB 161ms
161ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L28S2Z

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

95b49487ac1fd02aa24f37fbc041b68f9feb31a1021b29f76e875afc46da9b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43775
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 19:05:00 GMT

GET
H2 200 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kukikbhw9k3kqka9klc33oooo Show response
07c225f3.online/fl1efsl/ 58 B
413 B 94ms
93ms XHR
image/bmp 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kukikbhw9k3kqka9klc33oooo
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa17a30f6ec6d08cd44f4567a44e4b0916ca968a7b2d0a7bb9cdb9a34b461825

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45176
alt-svc: h3=":443"; ma=86400
content-length: 58
last-modified: Mon, 28 Aug 2023 06:32:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/bmp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXYVQFdiDt1Nk%2FeTZIF1eiBkLJ0WDoIHLEotHbMWQ0rB4OtnkpbMHRcBzyYeranxNnSo5RylzGZ1pzuPshce7uDmuf7pJaXiOQQ6Se5bHdS551j2kS3%2BVvPPYSYSH52nBdg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-as-version: v5.1.232
accept-ranges: bytes
cf-ray: 7fded2b45a66896b-SIN

GET
H2 200 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d Show response
07c225f3.online/fl1efsl/ Frame 4867 189 B
509 B 106ms
105ms Document
text/html 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1f1d8c79eb9391003293f7c49eab4fdd4141f3bc48cdeecec7b63db12df3d7e

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 45890
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 7fded2b45f014024-SIN
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 19:04:58 GMT
last-modified: Mon, 28 Aug 2023 06:20:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EW5d3sIR%2FMur9MsBs%2ByPFQXWwyJBc9ZAXvQyDUydfj%2B%2FHOTvVbsXMLyS6L3jUrwtThfVoLBFA4nGHqNfn9yc6q1tXLwVxFgBw%2FdUP7WCicsr3MwYyioE5e%2FP66xjDClvAlg9j%2BOmDX15IIGEHU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-as-version: v5.1.232

GET
H2 200 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kukzkak43kitk3kqbk4kevceeeknbhwh5kwkih5k3kbhwknh5k3v Show response
07c225f3.online/fl1efsl/ 9 KB
2 KB 224ms
224ms XHR
text/plain 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kukzkak43kitk3kqbk4kevceeeknbhwh5kwkih5k3kbhwknh5k3v
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b63357a0b483e9f9e0decd22640811e5468ae55b5cf2573dd0ba77eae78c53

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 14:38:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQgNkBI0cRx0OXW%2F%2BLGDBDgNN5W%2BGVs7fK%2BOkKhSoN4FYEcmrXywfAW0HJ01Dwv%2BSh7htpnJiCFTPqB4cC%2B%2BzqjrUa6UUL44IrZ5qdJS487SITMEskUcjZNR%2FxDylxAjbOE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain;charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
x-as-version: v5.1.232
cf-ray: 7fded2b46a70896b-SIN

GET
H2 200 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kukikbhw9k3kqka9klc33oooo
07c225f3.online/fl1efsl/ 58 B
163 B 94ms
94ms Image
image/bmp 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kukikbhw9k3kqka9klc33oooo
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa17a30f6ec6d08cd44f4567a44e4b0916ca968a7b2d0a7bb9cdb9a34b461825

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45178
alt-svc: h3=":443"; ma=86400
content-length: 58
last-modified: Mon, 28 Aug 2023 06:32:02 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/bmp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXYVQFdiDt1Nk%2FeTZIF1eiBkLJ0WDoIHLEotHbMWQ0rB4OtnkpbMHRcBzyYeranxNnSo5RylzGZ1pzuPshce7uDmuf7pJaXiOQQ6Se5bHdS551j2kS3%2BVvPPYSYSH52nBdg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-as-version: v5.1.232
accept-ranges: bytes
cf-ray: 7fded2c3186a896b-SIN

GET
H2 200 auyykiv8v8s251oov0sq6wwvqvps9sj4s1vnas1qos1q24v8asov8qouvjo56vias2v8vzs2so5564dqspvxsovjqsxqqd Show response
07c225f3.online/fl1efsl/ Frame 4867 510 B
630 B 94ms
94ms Script
text/javascript 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/auyykiv8v8s251oov0sq6wwvqvps9sj4s1vnas1qos1q24v8asov8qouvjo56vias2v8vzs2so5564dqspvxsovjqsxqqd
Requested by: Host: 07c225f3.online
URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a62be19df2cf32def097123d0d9d3a76414de00bcdafd44d339fdc42c075b86

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45890
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 06:20:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BrjEpguBViFUPlSvXYMoC%2Bg9Jy0rI8%2BcY9SP1oRVCMd8%2BTVYm18zpKsJXWpC0uqHKOjflsLLjyDMfWPbAg3pI9lDbawBswluAV1x1yGHsktv2fQhSs1xIzVLhFDXBL1%2BU7obld8WP85voE5kwI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-as-version: v5.1.232
cf-ray: 7fded2b50f9b4024-SIN

GET
H2 200 akynbnbnynyn55ynkkamntyuyuymry5ys3znwyzzyekzyei3nyyzycnyyeky9nok9nbnmyon5yc55nt3dyepjycnoyennyeyed Show response
07c225f3.online/fl1efsl/ Frame 4867 8 B
515 B 93ms
93ms XHR
text/plain 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/akynbnbnynyn55ynkkamntyuyuymry5ys3znwyzzyekzyei3nyyzycnyyeky9nok9nbnmyon5yc55nt3dyepjycnoyennyeyed
Requested by: Host: 07c225f3.online
URL: https://07c225f3.online/fl1efsl/auyykiv8v8s251oov0sq6wwvqvps9sj4s1vnas1qos1q24v8asov8qouvjo56vias2v8vzs2so5564dqspvxsovjqsxqqd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1898891380de5ef04eec7dc1ae250634b713b563611359ba581dca74601148dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45889
alt-svc: h3=":443"; ma=86400
content-length: 8
last-modified: Mon, 28 Aug 2023 06:20:09 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61sa5rPL86W9pmaInQ8O6P49v0g8gq1pN9uKQujTmECxGT%2FNiRtU2VAh%2FJQwHkZ9nCdZjWwQQlYMrfuMdTNybCGCzNVO6os9ZxF04GZr5hIfa9Q7cCMu5UBDoqi2uB7ry0DdVrmj5RjIXFU9e9Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
access-control-allow-credentials: true
x-as-version: v5.1.232
accept-ranges: bytes
cf-ray: 7fded2b5b83f4024-SIN

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 686ms
119ms XHR
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

34df8fd6fcabd7c7b45dd71a2a4cb5c9d9710a3c45845082e671899fac4beca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51249
x-xss-protection: 0
server: cafe
etag: 3252280238692208446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:04:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 764ms
199ms XHR
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

a8a35aa3bfde75686fa6a8faa8306e304adcff94378bb1694183dc643696ade6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51253
x-xss-protection: 0
server: cafe
etag: 6521162980189620410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:04:59 GMT

GET
H2 200 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d Show response
07c225f3.online/fl1efsl/ Frame AD25 96 B
367 B 102ms
102ms Document
text/html 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Requested by: Host: 07c225f3.online
URL: https://07c225f3.online/fl1efsl/auyykiv8v8s251oov0sq6wwvqvps9sj4s1vnas1qos1q24v8asov8qouvjo56vias2v8vzs2so5564dqspvxsovjqsxqqd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db5edcee3ffe9b8f2e7794abb193d95e7c3d23d81e0cb254d4a4df2f5d7577d

Request headers

Referer: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuh5k39k4vkihwvk3kuk9hkkuki3kahwkbk3kqkzhwkekekwk4dk3ck7hwhkk3ik3k3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
age: 45889
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 7fded2b658af4024-SIN
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 19:04:58 GMT
last-modified: Mon, 28 Aug 2023 06:20:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOOHlBRE0IV9KluOLMRU4BORYOC8M54HQRmM%2FP4pkRlo3tgi4oxyqplxvrXh147Di8tfuZEHH57jKxz1oVnrXOJs33lvP9VYEHsiF1EAA76Q%2FZ7oIaknOnN2Rl3wYxjvkWmwSOoPN75oLb8SAxo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-as-version: v5.1.232

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/hancinema/atf/ Frame CC6F 60 KB
14 KB 838ms
276ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21168621f9feb8aa0183452abecfe5a3ea534fd97c6a1a2e2e769fd3950c7012

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14351
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:53 GMT
server: cloudflare
x-reuse-index: 181
etag: 7521474443974983852
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7fded2bc7a548988-SIN
expires: Mon, 28 Aug 2023 20:04:59 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/hancinema/us/ Frame F129 60 KB
14 KB 845ms
316ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c75c9372eaa898e55e87e6aa7f1ea3dee8b4511c9091525cd0a7c01ba86683a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400
content-length: 14348
x-function: 151
last-modified: Wed, 26 Jul 2023 06:51:53 GMT
server: cloudflare
x-reuse-index: 1010
etag: 4846876572915642527
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7fded2bc7a598988-SIN
expires: Mon, 28 Aug 2023 20:04:59 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 691ms
128ms XHR
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:04:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-17ba9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 29 Aug 2023 19:04:59 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame CC6F 678 B
766 B 271ms
269ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9469385ba7159e16172cccfb120c734437539a90af09895d8ca9df51ceb5dd1d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 783
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7fded2be7c248988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 333
expires: Sun, 26 Nov 2023 19:05:00 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame F129 677 B
683 B 276ms
276ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.9&th=6095664336
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 589f552ac7e9bf941f8bccd42ce8414593d4e4ea760a0f89cef604b7c9279b37

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Wed, 26 Jul 2023 06:51:38 GMT
server: cloudflare
x-reuse-index: 580
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7fded2be7c2b8988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 328
expires: Sun, 26 Nov 2023 19:05:00 GMT

POST
H2 204 aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuhwh5hwthjvkikwkekqk1k1kidchfk3hw3iaok72k3hfhzk52i3k7i2hfa3hk2dhbmk7klk7aihkdk7k7pbk4kevceeeknbhwh5kwkih5k3kbhwknh5k3v Show response
07c225f3.online/fl1efsl/ 0
385 B 138ms
138ms XHR
text/plain 172.67.69.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://07c225f3.online/fl1efsl/aehorbvvkzkehakukuohbkwhzhzm3aknk4h5tkih5k3kuhwh5hwthjvkikwkekqk1k1kidchfk3hw3iaok72k3hfhzk52i3k7i2hfa3hk2dhbmk7klk7aihkdk7k7pbk4kevceeeknbhwh5kwkih5k3kbhwknh5k3v
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9vcsfVG3tfB6sAMrJ8IEwKzSzZ9mFOLrqXkiR1QB%2B%2FErt8kSIsCYppqNduWm0BkqATTbQ%2BUkfzyxD%2BUN4PUCPdiQCjTh7NGyil%2Fj4h7kSFI7V1CzM%2BbjObpntgbDml56E8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-as-version: v5.1.232
cf-ray: 7fded2beed45896b-SIN
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame CC6F 4 KB
3 KB 309ms
309ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=3442312882&loaderVer=0.1&site=hancinema&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250&busted=1&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&f=0&p=9417464&tKey=agmneMmEZbQ2bQ4WrjHW6302tvgSIf6P1&a=1&adContainerId=richmedia_2&rnd=9423377
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2aa515f0a1503a8717a4c606d235ba23d076933a640afedfa0dd1cc866546fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 343
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7fded2c02d728988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 2242
expires: 0

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame F129 10 KB
5 KB 282ms
282ms Script
application/x-javascript 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=6095664336&tagKey=3442312882&loaderVer=0.1&site=hancinema&adSpace=us&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250,300x600,160x600&busted=1&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&f=0&p=9417464&tKey=aDmneMVPU1QqnSPVQqQWfxWEbDSIffpW&a=3&adContainerId=richmedia_4&rnd=9419814
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8522a35c012ac1a2ea61c8daaeca62e7a74fe3dafc5579a3f9f9e11c6d602e6f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 101
server: cloudflare
x-reuse-index: 1940
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 7fded2c03d958988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 4949
expires: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F129 146 KB
50 KB 104ms
103ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1612871806153672

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

76c41bd89e80dfb6b96f94e85f2446bc8695df6ee4f362f3381deaedc5891c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50902
x-xss-protection: 0
server: cafe
etag: 18212042228699794087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:00 GMT

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 7C87 307 B
342 B 285ms
285ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=alm1h3WrbX5bEnUaMrVEMcSTZbZdRsjIQFAvStMdWGv54beunW6r0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYg0q6qRrYATb3STdrWnFQsQFrq1Evq5afh4E3RmaMD1rF8TtbXnPvZapsrwotfA2qrl2Win3AnZcmFUKYVvQYsF2XG7nnEvU5Un2TrjGUPYYQab1QVZbnPW3MYH7mWPQM2sZbYXbMZcUPqs2PrbQPBD4Hnq0tUZdmt2o36BY3snZdTVJjmDEjpUaxpdE8n6qtOmr2sBa3npidtBmcodZawtmYYqRYHORiwwGyAD0dKrJ&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b705d08242a724ecba6d3872b0779768210efc9c3ec4eabd003cbc317b54f381

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c20f078988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 352

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame E78B 273 B
376 B 285ms
285ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aBm0xQTtQ5orJmRFjtYEUr3T7f5aUXnTFIXFJ8UW7Xm67CmsrmmHYG2Tvg3t6N56nEnbMZa0GMX1s320GvunEjW3FUQWrfZcUP3TQqb2PsZbtStfN1djtW6Yp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2FamWEbnWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUA7nRqvREZaDtPT4OQMWtP2BwdMfpYsV6n&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1eefe36d53421b72b697e65f0d8325fb8575d97a2a82f6d8219550005a4a85

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c20f0e8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 1062

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 5AB1 277 B
342 B 282ms
282ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aDm1xYUAv2REMYPGUoSdByYtnnWPUx3svUYbQIT6mw4mFhQPfA4WMm1HrLndIo5AJ15cr8Vc3lUsbeRPFxUtQTUbj32UIuUaQvWaJ8PEBZdQVjZbRFimPt3iWcbT2FmmnWiOYauN4WnZdQsrF5AnJpHEpVWY9YUY6XFJe0qqtPbQZbUFBXTtMWobJqRbvtXaFs5aUe5Ef0oabAXF7dUHnTmmYZamcvsmHQE2qne5dZar56jJmbbE0Gf01cYp0svnVnAQyPaUmFmVtrA1Tp2Rr9AWsRa15Ae2nbaQvd2ZbwAehXDmBPUOgcB&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483ff5b258b3fe931aa2259f6dec60fde27ff50f3c64eaf2044078baf2fd393b

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c20f0f8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 1423

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 7FEB 257 B
306 B 284ms
284ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aFmXLtUqrnTTQbQqrHRsYLRreoStU6Uc355rymmteOXT6m3WnFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY0nFjxRFJNXqFn4EUk2ar0mqfCYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTPaU1QcMrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3BmATWuQPZb3d3NvlU0PZc&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33da58720b15c6c4a39434c3ff98963ba13012e754388d6dab79371f069a70f5

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c20f108988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 895

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 0D95 379 B
376 B 281ms
281ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aHm0xQRUjs1E3t3EBe2qj1oTJF1bZbaTHFXnmrKnVMwod7K2qYh5tAn4PZbZbnrrEXc7XYs34XGjppE7T3UFUVUbHWPnYQq3QSsnMPHUu0dvoT6Yu2cvX0FnDTAin2P39QPbK3H3oXdUAnW2x4PvW4VnbVcBbVVZbiSAUvUtFWWrbP3r2pUqYvWqn6PqvHRsQIPFurSdfaUcMW5rTrmdupXEXN3HMDSGZbB5ArZcmtatTtFaYrfk1UY9XaeXRUJZbomu2toe4VrPZdm6Za1prXEuQqEunYvXPqjMsJRuXGDIO&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec3a8bc4f4faa7a812e228036a700fbd11e86ee010b138d094626f7b6a3b103

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c21f158988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 610

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 2D3A 300 B
350 B 278ms
278ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aJmX9qScUrStZbO1WZbpW63w4srWYbFIT6Tw56Q9Pm7K2tFy1dUKpdiM4mrR5svgTGBlWsbgPPQmWt3WUrMY3rInWaMqWaMlSEMFRcQZdQbupPH3dVVrR5r2xmWqq0quu3WMZdPVbB2A3HoWXrUdfbYFr71UQh1TEpSrYGUFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMEXU37WtbPnm3ZdnGjsotYE2aUj5tIp4mFZdpbYZdXcMUXsFVXGvnpTbx3bF2n6IBsFA3sEa7nCqN3EJZcWgJXTr&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be944362de3e9a05e94be75bf426e2ec426bc84871f17c1bdac19bc429c030b5

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c21f168988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 1609

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 48B8 262 B
301 B 282ms
282ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aLm0pPSTYZbQVJZbPFqoSWQbUV3S5rimntZaOYEqu2tvZdQcMZd5A3ZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ4mbFoPFbpXqry3Efa5T75nEMC1rFbTHBQmAUBncjsmtYL5qZbj3t6m4AJGnrvLXVfTYcnU0cvwpTjQ2FMQVrZbZcUPn1QE35QcQtStZbr1dvoT6vp3VB1YFMATmPt2PU9R6ZbH4H3y0HQZdmHaw3PnR4sYdTsvjVsJjS6QmTWYTUUB45b2uUqjvVbjaSTA6sCiZctnjYPAuDmSmnRsyA4vmWj7&mediaDataID=5578346&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ace7d57101d2e69415d07b539322b7484ab5aad04d17f348cf4290205af414

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c21f178988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 2973

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 2C75 240 B
297 B 280ms
280ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=anmYSwRr6nPHvdWVM22rToodItXTXn3d3ZdPsfH46UHoHPOUdF70bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrtYTQr5EFf5TjRoEBIXFUaTWMRoAvImVfmpdUJ3qZbg5t6r4m7GmbrJ0sM0YVF51sBOmqbQ5UZbTWrBAVPn5PTb1ScUMQdUNYtZbuWPvM3VQWYrZbJTAis5mF6RPbC3dvn0WZbZanWiO4AYU3sUdUVraUsBfRmQMTtF3WrMP5bA3WEjvnnm6mQ6ZarVPNtmYUroYHxDXZaRsyAO9MDho&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8961bb89d0e46e6b321d5f0ee959d7fb73077377c050602d5289378f2eca4128

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c21f188988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 115

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame D9C4 445 B
404 B 281ms
280ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=apm09ToTbA1rZb9UWJQn6UIpGUvpdMG2qr72Hir5PbGnUjHYsMP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbqQdBy1dfrWPjp4cMUYbZbZcU6im2Pn9QmFE2tnO0dBLpdZav4PYY4cMdVV3jWVMhS6MyTHYRWrrX2UisVaMoVEJbSTYFSGQJRrZavSdQcUGUP5b6nmWqpYT6x4WMHPsBC4mFLoWenUtJd0bQ9XbbgXqIsRF3CTFBSTtJWorZb4PbrNN7ypNQqjua6JQBekM7eLnG66WFI7WSYQ0D6ivHQ0WSwARX&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/us/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2915fc3f640cf6b52323f2b2cadb3e6eca1e898e0b39cac3b1b85794290b497

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c21f1c8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 184

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CC6F 146 KB
50 KB 126ms
125ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1612871806153672

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

db3334123804e21acaa74f2e62a0578a77a738efc967bb430be41e1b0b9b35f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50926
x-xss-protection: 0
server: cafe
etag: 10193584073619920030
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:00 GMT

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 933D 322 B
339 B 304ms
302ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aBm01STtQ5orJpPUZbpXTJr3Tjf4qn1nEFIXFJ8UW7XmAYZbncQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvunEjW3FUPVrjZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2r6mVTQmWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUAKt82rTmm4T8a0NBE4wFIyynEwyd7p5iw14W&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf65b7ff4571bdc31f13c635efd9b7a2d5ad7e7af7de848927a82e32e1e3ef3

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c24f3a8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 76

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame A51A 199 B
260 B 308ms
306ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aDm01SUAv2REMXSs3mSdYyYtJqTmQM2cvUYbQIT6mw4PMaPAZbA4WMm1HrLndIo5AJ15cr8Vc3lUsbeRPFxUtQTUbj23UEuUaQvWaJ8PEBZdQVjLPrqrSH3iWcbT2FmmnWiOYauN4WnZdQsrF5AnJpHEpVWY9YUY6XFJe0qqtPbQZbUFBXTtMWnrbsQFJyXaFs5aUe5Ef0oabAXF7dUHnTmmYZamcvsmHQE2qne5dZar56jJmbbE0Gf01cYp0svnVnAQyPaUmFmxoTX2nnyXUQ2YsoTWNca6qrA1PF3kMgeUY2&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0046bd3ba12f2dec4b7ebac487eb57c8341c169dfe7fe110c37669d5450b7c

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c24f3c8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 923

GET
H2 200 p.media Show response
s.tribalfusion.com/ Frame 3CE3 211 B
267 B 308ms
307ms Document
text/html 104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aFm0SRUqrnTTQaPqJZcSVFLRrZasPWYaVc355rymmteOXqXO2HUFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY1mFFxRFJNXqFn4EUk2anPnTfGYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTQar4PcUrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3CoBqoO8MEMQ67rSXiTDfxr8nW0JSZbdE&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/hancinema/atf/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b01af2d4531c8b2eb7892f4b967938f53ff091303ea12dc1ea616cf8ac631df

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fded2c24f3e8988-SIN
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 19:05:00 GMT
expires: 0
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-function: 102
x-reuse-index: 760

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 92ms
91ms Ping
text/plain 74.125.130.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7FMFX3JNYC&gtm=45je38n0&_p=784031315&cid=710989253.1693249501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1693249500&sct=1&seg=0&dl=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&dt=Jerome%20(%EC%A0%9C%EB%A1%AC)%20%40%20HanCinema&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FMFX3JNYC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 92ms
90ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D18Y2PQ82H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L28S2Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

bb096fbaf493383bc342fc4e0956c2f91eb92673f8a5424efe62340fe16e1adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88986
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 19:05:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 2D3A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b22&u=18072662105505648232&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105505648232

0
338 B

1224ms
300ms

Image
text/plain

35.164.29.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105505648232
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aJmX9qScUrStZbO1WZbpW63w4srWYbFIT6Tw56Q9Pm7K2tFy1dUKpdiM4mrR5svgTGBlWsbgPPQmWt3WUrMY3rInWaMqWaMlSEMFRcQZdQbupPH3dVVrR5r2xmWqq0quu3WMZdPVbB2A3HoWXrUdfbYFr71UQh1TEpSrYGUFBYTtQWmbQmRUBNXaJt4Tff5E7XmaMEXU37WtbPnm3ZdnGjsotYE2aUj5tIp4mFZdpbYZdXcMUXsFVXGvnpTbx3bF2n6IBsFA3sEa7nCqN3EJZcWgJXTr&mediaDataID=6807466&mediaName=frame.html
Protocol: H2
Server: 35.164.29.234 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-29-234.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n003-pdx-prod.krxd.net
date: Mon, 28 Aug 2023 19:05:02 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1693249502
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:00 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 378
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662105505648232
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c3e8e98988-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET partner
sync.search.spotxchange.com/ Frame 5AB1 0
0

GET
H2

200

dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 7C87
Redirect Chain

https://a.tribalfusion.com/i.match?p=b24&u=18072662105505648232&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105505648232

0
122 B

585ms
183ms

Image
text/plain

103.195.32.131
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105505648232

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=alm1h3WrbX5bEnUaMrVEMcSTZbZdRsjIQFAvStMdWGv54beunW6r0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYg0q6qRrYATb3STdrWnFQsQFrq1Evq5afh4E3RmaMD1rF8TtbXnPvZapsrwotfA2qrl2Win3AnZcmFUKYVvQYsF2XG7nnEvU5Un2TrjGUPYYQab1QVZbnPW3MYH7mWPQM2sZbYXbMZcUPqs2PrbQPBD4Hnq0tUZdmt2o36BY3snZdTVJjmDEjpUaxpdE8n6qtOmr2sBa3npidtBmcodZawtmYYqRYHORiwwGyAD0dKrJ&mediaDataID=8039566&mediaName=frame.html

Protocol

Server

103.195.32.131 , Singapore, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-01-pub-prod-sg1.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-h876q
date: Mon, 28 Aug 2023 19:05:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 3415
content-type: text/html
location: https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662105505648232
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c4091f8988-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0D95
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252...
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=7f30aed9-2deb-407e-96b2-c306f66b06cb
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662105505648232

43 B
163 B

137ms
137ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662105505648232
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aHm0xQRUjs1E3t3EBe2qj1oTJF1bZbaTHFXnmrKnVMwod7K2qYh5tAn4PZbZbnrrEXc7XYs34XGjppE7T3UFUVUbHWPnYQq3QSsnMPHUu0dvoT6Yu2cvX0FnDTAin2P39QPbK3H3oXdUAnW2x4PvW4VnbVcBbVVZbiSAUvUtFWWrbP3r2pUqYvWqn6PqvHRsQIPFurSdfaUcMW5rTrmdupXEXN3HMDSGZbB5ArZcmtatTtFaYrfk1UY9XaeXRUJZbomu2toe4VrPZdm6Za1prXEuQqEunYvXPqjMsJRuXGDIO&mediaDataID=6546596&mediaName=frame.html
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 380
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662105505648232
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c6ebbf8988-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame E78B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662105505648232&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662105505648232&C=1
https://a.tribalfusion.com/i.match?p=b20&u=ZOzv3ZySjNqoNMARhv4k2AAA

43 B
521 B

300ms
300ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b20&u=ZOzv3ZySjNqoNMARhv4k2AAA
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aBm0xQTtQ5orJmRFjtYEUr3T7f5aUXnTFIXFJ8UW7Xm67CmsrmmHYG2Tvg3t6N56nEnbMZa0GMX1s320GvunEjW3FUQWrfZcUP3TQqb2PsZbtStfN1djtW6Yp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2FamWEbnWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUA7nRqvREZaDtPT4OQMWtP2BwdMfpYsV6n&mediaDataID=6530936&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c74bf98988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtopKnIg92yhoYJQ5RB6oHhpx6DbB0QLu38Z%2BE7bSzTUwwcePlJOzgIdOykMBbi31A4ED2NC6b%2B8bBiGT3c2DYy1uOmhVyUI%2B0Vk9nGpZbabZADM5XFr%2Fxl0nJiZ7Oa6Dnl1BJG86C0X2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://a.tribalfusion.com/i.match?p=b20&u=ZOzv3ZySjNqoNMARhv4k2AAA
cache-control: no-cache
cf-ray: 7fded2c699924937-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

i.match
a.tribalfusion.com/ Frame 7FEB
Redirect Chain

https://tags.bluekai.com/site/4229?id=18072662105505648232&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

43 B
572 B

284ms
284ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aFmXLtUqrnTTQbQqrHRsYLRreoStU6Uc355rymmteOXT6m3WnFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY0nFjxRFJNXqFn4EUk2ar0mqfCYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTPaU1QcMrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3BmATWuQPZb3d3NvlU0PZc&mediaDataID=2713736&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2cc68728988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date: Mon, 28 Aug 2023 19:05:02 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

i.match
a.tribalfusion.com/ Frame 2C75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662105505648232
https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm=&google_sc=&google_ula=2786954&google_hm=18072662105505648232&google_tc=
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENi2RfZgAJM6spdMfneiVOg&google_cver=1&google_ula=2786954,0

43 B
512 B

332ms
332ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENi2RfZgAJM6spdMfneiVOg&google_cver=1&google_ula=2786954,0
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=anmYSwRr6nPHvdWVM22rToodItXTXn3d3ZdPsfH46UHoHPOUdF70bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrtYTQr5EFf5TjRoEBIXFUaTWMRoAvImVfmpdUJ3qZbg5t6r4m7GmbrJ0sM0YVF51sBOmqbQ5UZbTWrBAVPn5PTb1ScUMQdUNYtZbuWPvM3VQWYrZbJTAis5mF6RPbC3dvn0WZbZanWiO4AYU3sUdUVraUsBfRmQMTtF3WrMP5bA3WEjvnnm6mQ6ZarVPNtmYUroYHxDXZaRsyAO9MDho&mediaDataID=4056396&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c71bda8988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESENi2RfZgAJM6spdMfneiVOg&google_cver=1&google_ula=2786954,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame 48B8
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
https://a.tribalfusion.com/i.match?p=b13&u=39129202267706666332832405549621127348

43 B
497 B

332ms
332ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b13&u=39129202267706666332832405549621127348
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aLm0pPSTYZbQVJZbPFqoSWQbUV3S5rimntZaOYEqu2tvZdQcMZd5A3ZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ4mbFoPFbpXqry3Efa5T75nEMC1rFbTHBQmAUBncjsmtYL5qZbj3t6m4AJGnrvLXVfTYcnU0cvwpTjQ2FMQVrZbZcUPn1QE35QcQtStZbr1dvoT6vp3VB1YFMATmPt2PU9R6ZbH4H3y0HQZdmHaw3PnR4sYdTsvjVsJjS6QmTWYTUUB45b2uUqjvVbjaSTA6sCiZctnjYPAuDmSmnRsyA4vmWj7&mediaDataID=5578346&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c97d898988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-apse-2-v047-083336519.edge-apse.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: D7Z0hsA4RtQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://a.tribalfusion.com/i.match?p=b13&u=39129202267706666332832405549621127348
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

i.match
a.tribalfusion.com/ Frame D9C4
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621055...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621055...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662105505648232&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
https://a.tribalfusion.com/i.match?p=b11&u=BDBDAC35-3AE9-4A14-AC7C-7E83BCEAD555

43 B
578 B

296ms
296ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b11&u=BDBDAC35-3AE9-4A14-AC7C-7E83BCEAD555
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=apm09ToTbA1rZb9UWJQn6UIpGUvpdMG2qr72Hir5PbGnUjHYsMP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbqQdBy1dfrWPjp4cMUYbZbZcU6im2Pn9QmFE2tnO0dBLpdZav4PYY4cMdVV3jWVMhS6MyTHYRWrrX2UisVaMoVEJbSTYFSGQJRrZavSdQcUGUP5b6nmWqpYT6x4WMHPsBC4mFLoWenUtJd0bQ9XbbgXqIsRF3CTFBSTtJWorZb4PbrNN7ypNQqjua6JQBekM7eLnG66WFI7WSYQ0D6ivHQ0WSwARX&mediaDataID=6719746&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2cbaf818988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b11&u=BDBDAC35-3AE9-4A14-AC7C-7E83BCEAD555
date: Mon, 28 Aug 2023 19:05:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 933D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b10&u=18072662105505648232&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105505648232&expires=180

42 B
767 B

775ms
125ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105505648232&expires=180
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aBm01STtQ5orJpPUZbpXTJr3Tjf4qn1nEFIXFJ8UW7XmAYZbncQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvunEjW3FUPVrjZcUP3TQqb2PsZbtStFv1WZboVmYp2GB40U3IUAqw5A3bRPfK2dZbs1dvZcmHAM36JQ4G3aUsYcWsMePP3oUtFVWrJP2r6mVTQmWqJbQaBJRsYKRF6nStU8WVfS4rPsnHip0qPN3WYGSVJH4P3IptXyVWQh0brLYbY9MBZbop6eEpUAKt82rTmm4T8a0NBE4wFIyynEwyd7p5iw14W&mediaDataID=5436426&mediaName=frame.html
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 379
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662105505648232&expires=180
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c4496a8988-SIN
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

i.match
a.tribalfusion.com/ Frame A51A
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662105505648232
https://a.tribalfusion.com/i.match?p=b23&u=231843304622010685521

43 B
522 B

274ms
274ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b23&u=231843304622010685521
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aDm01SUAv2REMXSs3mSdYyYtJqTmQM2cvUYbQIT6mw4PMaPAZbA4WMm1HrLndIo5AJ15cr8Vc3lUsbeRPFxUtQTUbj23UEuUaQvWaJ8PEBZdQVjLPrqrSH3iWcbT2FmmnWiOYauN4WnZdQsrF5AnJpHEpVWY9YUY6XFJe0qqtPbQZbUFBXTtMWnrbsQFJyXaFs5aUe5Ef0oabAXF7dUHnTmmYZamcvsmHQE2qne5dZar56jJmbbE0Gf01cYp0svnVnAQyPaUmFmxoTX2nnyXUQ2YsoTWNca6qrA1PF3kMgeUY2&mediaDataID=7665496&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2cabe968988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://a.tribalfusion.com/i.match?p=b23&u=231843304622010685521
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

i.match
a.tribalfusion.com/ Frame 3CE3
Redirect Chain

https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662105505648232&_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662105505648232&_origin=1&redir=true&verify=true
https://a.tribalfusion.com/i.match?p=b17&u=y-V6wlQidE2uifulYw227U47V9l1lDslA-~A

43 B
510 B

290ms
290ms

Image
image/gif

104.18.25.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b17&u=y-V6wlQidE2uifulYw227U47V9l1lDslA-~A
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aFm0SRUqrnTTQaPqJZcSVFLRrZasPWYaVc355rymmteOXqXO2HUFSGFD56MZaodZayTtYfXrnc1UZb7XqitRbJEUFU0VdY1mFFxRFJNXqFn4EUk2anPnTfGYUffUtMSoAvKmsvwpWvE5qY73Hmt4mBImUvL0G7RXVrX1VfwnEvT5U32VUnFUAUTQar4PcUrPWUO1HvqWAjx4GY3YbvZbTm6s46MbQAbG4Wro1dMJpt6v5AUV4cjgVcJjUc7HR6FooCyRqm2Yxb3CoBqoO8MEMQ67rSXiTDfxr8nW0JSZbdE&mediaDataID=6347136&mediaName=frame.html
Protocol: H2
Server: 104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s.tribalfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fded2c9fdff8988-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://a.tribalfusion.com/i.match?p=b17&u=y-V6wlQidE2uifulYw227U47V9l1lDslA-~A
date: Mon, 28 Aug 2023 19:05:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/ Frame F129 391 KB
131 KB 891ms
311ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1612871806153672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ba621dde6a67a133777c61faf26817eda04dcaa0df941c65a4934f173408a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134441
x-xss-protection: 0
server: cafe
etag: 3818387634982141560
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 8C46 10 KB
5 KB 810ms
194ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1612871806153672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 6485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 17:16:56 GMT
etag: 9878862242593084568
expires: Mon, 11 Sep 2023 17:16:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/ Frame CC6F 391 KB
132 KB 678ms
194ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1612871806153672

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

d542b5141355b413486546677dda2a8f316910635c396273dbb04320d9919b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134466
x-xss-protection: 0
server: cafe
etag: 14133340127254598089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:01 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
246 B 669ms
100ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-D18Y2PQ82H&gtm=45je38n0&_p=784031315&_gaz=1&cid=710989253.1693249501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693249500&sct=1&seg=0&dl=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&dt=Jerome%20(%EC%A0%9C%EB%A1%AC)%20%40%20HanCinema&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D18Y2PQ82H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 670ms
96ms Ping
text/plain 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D18Y2PQ82H&cid=710989253.1693249501&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D18Y2PQ82H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 782ms
101ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D18Y2PQ82H&cid=710989253.1693249501&gtm=45je38n0&aip=1&z=893109015

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4E28 103 KB
29 KB 859ms
177ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d1tbj6eaenapdy.cloudfront.net
URL: https://d1tbj6eaenapdy.cloudfront.net/site102/tag212.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

2e54723c30900bfaf3f9c50b2e7f8da379727eb432b1c49267da5f452d4518b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29655
x-xss-protection: 0
server: cafe
etag: 685 / 19597 / m202308230101 / config-hash: 14738816488110199320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C546 103 KB
29 KB 780ms
101ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d1tbj6eaenapdy.cloudfront.net
URL: https://d1tbj6eaenapdy.cloudfront.net/site102/tag212.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

582c6653f5263143eab94a12364b7aad99387190137c5c9a358e14b8693093b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29659
x-xss-protection: 0
server: cafe
etag: 853 / 19597 / m202308230101 / config-hash: 14738816488110199320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C714 103 KB
29 KB 709ms
140ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d1tbj6eaenapdy.cloudfront.net
URL: https://d1tbj6eaenapdy.cloudfront.net/site102/tag212.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

60d0bc8578fcce8cb083b395e5c04cabac4a23a065c0c676c941b1804b420bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29659
x-xss-protection: 0
server: cafe
etag: 379 / 19597 / m202308230101 / config-hash: 14738816488110199320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 103ms
102ms XHR
text/plain 74.125.130.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=784031315&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ul=en-us&de=windows-1252&dt=Jerome%20(%EC%A0%9C%EB%A1%AC)%20%40%20HanCinema&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=651248647&gjid=111544573&cid=710989253.1693249501&tid=UA-81279-1&_gid=1582855792.1693249501&_r=1&gtm=457e38n0&jsscut=1&z=1775448227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 4BFB 268 B
275 B 95ms
94ms Document
text/html 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-5L28S2Z

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2

200

invisible.js Show response
www.hancinema.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame E204
Redirect Chain

https://www.hancinema.net/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.hancinema.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

7 KB
4 KB

189ms
189ms

Script
application/javascript

104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hancinema.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Server

104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aba31060c8f08b631177211a991057542945d5c5ea9fcdafbd6db93ecb7a4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fyzx2JyRzyQYDxzwCiw2HwrqQE%2BbM16agNZD7Bk8LiJcO2ABjlpqz1Qt4j986AqAzZXRXk6FAZUPEedZdsIBDvGCP0OcfmSjCzH3OFKwpNu9ejXg%2BY4griuenNgRrZhy%2Fp5x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fded2c82b27897a-SIN

Redirect headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtmnH5UhKAah866IzyxbRgjKB6njGO50QUCXNp3r8WTeiThVDfwT2vtYM3q4vzaF2k6GeBKt%2BKvA8iS0rB5zFIV%2BX%2B%2FNEvajrFPGt%2FsxsL2CjGDcBvWyWKQuIOYfFCJ75J2n"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=hgW0lg.fjv2lwYHUKP1P0iP2aWEojFN.QoaWwOqLqek-1693249501-0-AbDi6HVKMlJr1gSQUC-Hke0QlX4wHbbYiYgG0MfjGAe6JV9FpmA6UPzDZVNiHjCwoiZ7WLBe4ebaypexTotk2gfxFBC10RFi6PljlnOAtyutpKozXR5A8HeXu4ZYuyeFBizC76m8X1FQeWLQuQ_rmxvsYAIGm-lOXl4mslYC9JBy3s5EPonMJcXR8mSw_Z-7DA"}],"group":"cf-csp-endpoint","max_age":86400}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=hgW0lg.fjv2lwYHUKP1P0iP2aWEojFN.QoaWwOqLqek-1693249501-0-AbDi6HVKMlJr1gSQUC-Hke0QlX4wHbbYiYgG0MfjGAe6JV9FpmA6UPzDZVNiHjCwoiZ7WLBe4ebaypexTotk2gfxFBC10RFi6PljlnOAtyutpKozXR5A8HeXu4ZYuyeFBizC76m8X1FQeWLQuQ_rmxvsYAIGm-lOXl4mslYC9JBy3s5EPonMJcXR8mSw_Z-7DA; report-to cf-csp-endpoint
cf-ray: 7fded2c77a72897a-SIN

GET
H2 200 rotor Show response
srv.bidgx.com/ 3 KB
2 KB 613ms
426ms Script
application/javascript 104.21.12.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.bidgx.com/rotor?data=JG1zbwUHFilyc3h6fGE%2FaWw3aVkiJjc2F2p1aHd%2FYwYVJzUuG19RLywrJC8hJmM6LzZxAxA5KDdXOFoSL1w0Wz41bCldRxYocnJsPCF6fHImfzFfewcUY0ZkBXt8CnQAamVyaBNRQHxpNjgrLyxwBxoADQRhYgYKcBN%2BAQJ0En4RBHMPZ3B1cxZ2Bw91AXk%3D_SPBY570AOBJJLGMTJBT1VRGE2Y4ME9F4&ver=4.5.3&zones=%5B%7B%22id%22%3A%22101585%22%2C%22el%22%3A%22_h61m0%22%7D%5D&__cb=0.4290310115581757
Requested by: Host: media.bidgx.com
URL: https://media.bidgx.com/js/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6eea5eaa2225cf5ad055b0cd5c926f9a854658c6cc599b0ad94e994d32cfec

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3IqF0i2NpuV4qQVeYjQYNDoM9N0UBZlnchxgjk1PkDhGtyvwu8JQrlAZ8pvTy5D0TdlwY%2Ft8KvHigtrCFQIsrtBYdr7aOJ%2BbXl64MhgnB7Nk0TC6gmA4GIlzz5uS6PZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, max-age=0
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 7fded2cc0dbe4709-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 27 May 1979 00:00:00 GMT

GET
H2 200 64e5aec07d0d0b5eba08f643 Show response
feed.avplayer.com/backend/api/video/ 1 KB
721 B 1039ms
273ms XHR
application/json 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/api/video/64e5aec07d0d0b5eba08f643?AV_TAGID=64c0f4b686f27acac302e485&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&AV_TEMPID=64c0f366de8084e234054bc8&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7
Requested by: Host: tg1.ergadx.com
URL: https://tg1.ergadx.com/api/adserver/spt?AV_TAGID=64c0f4b686f27acac302e485&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 765ac42ed26a548fbdd88bb79e41d99e80d172868e8c38298da51a385ad5ed5d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
vary: origin
x-hw: 1693249502.dop224.la3.t,1693249502.cds233.la3.hn,1693249502.cds214.la3.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hancinema.net
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 508

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/8.3/v/ 808 KB
209 KB 954ms
320ms Script
text/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by: Host: tg1.ergadx.com
URL: https://tg1.ergadx.com/api/adserver/spt?AV_TAGID=64c0f4b686f27acac302e485&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 24095533dbae557b1bd3382e30fc3757cca99461f6e750d91b53e97dd71acd70

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
last-modified: Wed, 23 Aug 2023 07:39:44 GMT
etag: "1692776384"
x-hw: 1693249502.dop215.la3.t,1693249502.cds066.la3.hn,1693249502.cds108.la3.c
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 213742

GET
H2 200 track
servt.ergadx.com/ 0
98 B 2132ms
357ms Image
text/plain 34.233.157.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.ergadx.com/track?pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&cb=1693249501319&r=www.hancinema.net&stagid=64c0f4b686f27acac302e485&stplid=64c0f366de8084e234054bc8&d35=&d65=&d66=8&d74=&e=playerLoaded&cvid=64e5aec07d0d0b5eba08f643&str=autostart
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-157-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 1412ms
347ms Image
image/gif 18.65.39.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=kdalk_728x90_
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 10:51:51 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 14285593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: fY75-uO5nswKEuVcVvyklnoX3SKVnUoaq2OJABQ6MfM2isx0Jr8mrw==

POST
H2 200 7fded2a5e8bb897a Show response
www.hancinema.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E204 0
461 B 140ms
139ms XHR
text/plain 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hancinema.net/cdn-cgi/challenge-platform/h/b/jsd/r/7fded2a5e8bb897a
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Aug 2023 19:05:01 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7fded2c9fc42897a-SIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEQgenROMpaj98YKqAV0he5y67%2BtL1u0hz56Ng02kiZvj1a2rnDJx0lApKWRbEwLT738PS6XS1%2BaQCemXmDyWnRHrm6YcOmfKE%2FFLDKnJjicFtifdat7VluRHNaacwA6hprf"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame CC6F 393 B
603 B 664ms
93ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hancinema.net&callback=_gfp_s_&client=ca-pub-1612871806153672

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

b8a04614f4eea63702eda0f32c2daa703bbc09dbe76afbe9bc79fe3a5feda6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8526 0
46 B 146ms
145ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&adk=1812271804&adf=3279755396&lmt=1693220701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500904&bpp=2&bdt=1922&idt=877&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&nras=1&correlator=3089863421112&frm=23&ife=1&pv=2&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.w1zfynngq6cs&fsb=1&dtd=906

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 029C 36 KB
15 KB 245ms
244ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

8f03124699cb7701850f88f1a2d4e7f4f5f58ecd1d313be2a2c66bd7bd0e03fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15639
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F129 393 B
323 B 333ms
96ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hancinema.net&callback=_gfp_s_&client=ca-pub-1612871806153672

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

6dff92f7837110686c19c7a127d195b497c6830d072d1b4e9549bf2f69266400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3366 0
53 B 131ms
130ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&adk=1812271804&adf=3279755399&lmt=1693220701&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500856&bpp=3&bdt=1842&idt=981&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fsapi=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.l2shr394n809&fsb=1&dtd=998

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D879 39 KB
17 KB 345ms
345ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

672b9f9bf95f07b238cfb2fbeeca2ccbf1e655358f0857d04c221bb431189af4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16840
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ Frame C546 404 KB
127 KB 90ms
89ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21574
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:05:28 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ Frame C714 404 KB
127 KB 139ms
138ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21574
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:05:28 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ Frame 4E28 404 KB
127 KB 89ms
89ms Script
text/javascript 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21574
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:05:28 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 029C 3 KB
1 KB 735ms
133ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:42 GMT

GET
H2 200 afr.php Show response
ads.as.criteo.com/delivery/r/ Frame C70E 189 KB
55 KB 746ms
157ms Document
text/html 182.161.73.148
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.as.criteo.com/delivery/r/afr.php?z=ZOzv3QANif4Bc-aVAA-1YGsCr1x_0BpUqB0Rew&u=%7CngRw8dZsUFvceNQQSdY2Nw2HZnZkQOTN5%2BzeHzVVEsc%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_JvYfZLm_vJzvOLJ12UxSe2Ddx4D--4qfoMW8seDx63X0TjnsRB_uaIPAuyzLw5Z0jkn8cXkFe0BKdYB0A7Wzi1_MIuwlF8EHmUciiveymfanX81ohGIA9HBtiJM1Xrc5ZTV9uEMzLcp6cAZs0MRi6zKIQ2x7yzXT3yMYjTsQDyvvLf7UbFf92KvpOvVOr5HEa0FDcIikx-l3Or3FyU4wm5S_WhyAYUQWll8SMj4AMd_mj2r9QFtsZmkX8767VcDVCJstQAdlfsyItUjNh6d47B5Ny2PE0pwF61USzLLerZlmqhHjtub3ft2mln7I2cj9B-L2vtSrpPRNvYcChDg8_Re7-0Vu7Tcpaenmc88wOXvj6lHlPbieHJiiOtC5HfPUKwvQ3UTJ5Gq2xUYOuj-cNsEmK97nNWcA4CDjT1UWjUgfF243RS5Wb8cQ1pOw0_gaJVMkGNCmTd-wdt1ZHICogdP6F3-iY5eaHOmHI3WcRuj5BengxSqz6uARW_nSDxX7W9EXFs29Vv34Bh6rCchJx65o4WlropYWF7jMU65rPbTITztvpv0RgepX-_7g5qo3Gp4Fc7PL9OQbzoSAsrvfyFeoMevsNyaYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFawo3e_sZP6TNpXNz7sP4Oq-uAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTYxMjg3MTgwNjE1MzY3MsgBCagDAcgDAqoEygFP0ByvZxBcXO9Xuhfclr75XP0NXzTEkD9oF9g-Y9GC_BaPM99jQgsOLpB4gbVfneAJp-Yh6a7tYn_U6atKjvuvWeCNl_wtT-hXGLqeMyO4y6cldiJ733WHckMxA4CNwskvahEfY3LFoM4pnS3QTjB6VXY0YFblN70nQ_OFcKOTJ3pEuNTG5FDNTEGUP3ErI0bVWBhjJgKQLDHtKRAwl9x8fuuiUKAi6Kp9JP8guX0vfccTqpCD6SHN_ocMMZbtGttNkjDoWB8S4lv3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DJAKntNRC8Fsu1NgWRoW5N0P4bA%26client%3Dca-pub-1612871806153672%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4ecbf684dc450c457e3d56fdfe96ab3e508b9e451827bafa9f3aca0b02e7f2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:02 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=ZadLCy09psNcs6qmjD1JE9Rs1jxO-EZI6xntN33WCoQVsdPhO8NUnO2TIsa2W3FqkiIutTHku5jjTKTxR5TiP66HUYYNxYU_u9sz-OZNBpoKWtkHVkxDPF-UnNtsXxhBOic--pRC9K6OvD2-kX5fw53rli6ViZ6o38b5NTyQZITnCTzXOC23_wVk7u6oiKZ1Tqada-Td8FX4qilKbFsRecSVhONGrc97VmujjKy5q1sFrF-HgXZeGxgVvFey0X1WS8UpCQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 60243832
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F7BC 1 KB
758 B 90ms
89ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 32902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:56:40 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 09:56:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 029C 20 KB
8 KB 662ms
95ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 029C 0
0 759ms
145ms Image
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXCR8fx8Fn4AEEAOhNnWo-KRmBx_fpNHpv_O87cingY7R1vnREWuyhDAvNk2abIR4PPKIoCCm4NkD-emfz6LgLXXwfaQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.200.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 029C 181 KB
57 KB 710ms
92ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F7BC 35 B
464 B 679ms
92ms Image
image/gif 103.229.10.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHWUSRw2TckDuazqfaWPXuU&google_cver=1&google_push=AXcoOmRqWw4XXn5XIBZBdsbHrfLxIZfdv9vXB5yF019IUqyWPX1GDxPIEjCX3Ly-aLTxQahbG_aGPwjvzBpl-wLYvzatkYDH1Yjqkg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7BC
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_cver=1&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTH...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=3ee2ef31bf722538&is_secure=true&networkId=14000&version=1&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_cver=1&google_push=AXcoOmTwruOs...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALdYBSEfqdiwN-P91HAAAAAAA&expiration=1693335903&google_cver=1&is_secure=true&google_gid=CAESEADQjynqq45iaax4BiMCd...

170 B
188 B

103ms
103ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALdYBSEfqdiwN-P91HAAAAAAA&expiration=1693335903&google_cver=1&is_secure=true&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTHL_yHeyu-l7pVpXBF8zMgfuQckpy48s7g_iejmhAW2-QNRuxo

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:03 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALdYBSEfqdiwN-P91HAAAAAAA&expiration=1693335903&google_cver=1&is_secure=true&google_gid=CAESEADQjynqq45iaax4BiMCdKM&google_push=AXcoOmTwruOsbmzIdgDLnSTxYeMjCBOV_3BMwtPwmZKLFinqZbS3vTHL_yHeyu-l7pVpXBF8zMgfuQckpy48s7g_iejmhAW2-QNRuxo
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7BC
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHDrNDDnQe-kKlaVbF6jYlo&google_cver=1&google_push=AXcoOmSiIICrtFs70U2smp3E_JFpW5auTBRB1nUM-PK5hWexFNLFQWZWTRMM5TqAwup-Mq1jx_hCNpqwC_U3wqt9-z...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEHDrNDDnQe-kKlaVbF6jYlo&google_cver=1&google_push=AXcoOmSiIICrtFs70U2smp3E_JFpW5auTBRB1nUM-PK5hWexFNLFQWZWTRMM5TqAwup-Mq1jx_hCNpqwC_U3wqt9-z...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ2NTRjZTMtNTI2MS00ODZhLThiYTQtMjQxODM0YjRhY2Ex&google_push&gdpr=0&gdpr_consent=&ttd_tdid=54654ce3-5261-486a-8ba4-241834b4aca1

170 B
188 B

102ms
101ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ2NTRjZTMtNTI2MS00ODZhLThiYTQtMjQxODM0YjRhY2Ex&google_push&gdpr=0&gdpr_consent=&ttd_tdid=54654ce3-5261-486a-8ba4-241834b4aca1

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NTQ2NTRjZTMtNTI2MS00ODZhLThiYTQtMjQxODM0YjRhY2Ex&google_push&gdpr=0&gdpr_consent=&ttd_tdid=54654ce3-5261-486a-8ba4-241834b4aca1
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7BC
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_gid=CAESEHL0NigqIke4q0Wae4II94M&goo...
https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_gid=CAESEHL0NigqIke4q0Wae4I...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_hm=AZ2J66rNS4D1ks8AD7M...

170 B
188 B

110ms
109ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_hm=AZ2J66rNS4D1ks8AD7MO3B27FMA

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
via: 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmRsPGk19gbPkSRAM2o0_MzeCayzH9tYfg0rfF1o7Fq4koQqCoPdA0OGXuJ7P9qb-97e9s5VBj8Nzle5LQyLWnEDPoGvYl-zFf8&google_hm=AZ2J66rNS4D1ks8AD7MO3B27FMA
cache-control: no-cache
content-length: 0
x-amz-cf-id: 0HYq1XOvqrNNwrHJ4Nw6XtBnFiRY0eodUKJBUvsQQOkYxzeZBiHyfA==
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7BC
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEJZppIBhd6LB-kxWZAFM4EM&google_cver=1&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-Kfzp13d2riXEQOPYYjU
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-K...

170 B
188 B

112ms
111ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-Kfzp13d2riXEQOPYYjU

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 19:05:02 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmTXDRJX4kCZ-QEkKDiPQWRRmPhkp09-5US7TSyEyWKT-xHnVtQTYU3UpPpiQ8hkxqCSy1suIBatiIo-Kfzp13d2riXEQOPYYjU
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F7BC
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOOsPP0u0BcLXyp5FVDfK9M&google_cver=1&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOOsPP0u0BcLXyp5FVDfK9M&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM&google_hm=d0F0Y2FvV3ljNGxKR...

170 B
188 B

106ms
106ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM&google_hm=d0F0Y2FvV3ljNGxKRWVkWVZaUXg=

Requested by

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 19:05:03 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmQDgD6bBiNueo1YOcpUMifYrIF4p_GNR5D_CgSApWcMtKuNw04O48KVBV6BDQ7v6xHD8ip-ObRZIRjqo56bHQy-O1LU46vrifM&google_hm=d0F0Y2FvV3ljNGxKRWVkWVZaUXg=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame F7BC 0
161 B 728ms
187ms Image
application/xml 133.186.161.88
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEDjp_YRTSs7sS5FBLhn-TFg&google_cver=1&google_push=AXcoOmSDp_xpnSW63jANiq9Df7atKzTR3b93JyHSrJUOJ0WszrRMx-t3fm9aW0LJ4nS-2lTGHobXpnUm60JFUbmUrKghUIszJKxUCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 19:05:02 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F7BC 0
12 B 95ms
93ms Image
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KE4M6nB--r9QhKQuiteV2_WcOAXcXuBQhP4Gxa612VWpZ725w4_AygqxNLoQFZvBfEt9Yv

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D879 16 KB
7 KB 606ms
91ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:21:30 GMT

GET
H2 200 viewability-pixel.js Show response
widgets.outbrain.com/viewability-pixel/ Frame D879 4 KB
2 KB 1389ms
342ms Script
application/x-javascript 23.207.181.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.73 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-73.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 276f700e2cd3e069a4af10464b68427f8458afe18ecaafa439feebed73e694a4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
content-length: 1594
last-modified: Sun, 19 Mar 2023 14:00:25 GMT
server: AkamaiNetStorage
etag: "6034584f4c7bdc7d4b084aca0075b456:1679234948.793118"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Mon, 28 Aug 2023 23:05:03 GMT

GET
H/1.1 200
OK /
b1t-sindc1.zemanta.com/t/imp/impression/3446YXJ3CDAG2DOYXTBNKILDYFGINASRXIWQXAKWOOASSDBETYUFLDOQ2UF5UMIG6WARGMRK6E22IRY6WMSC5S6J2DKEZFOYYFQV3ET2YFEYU537SP63SW5XGEWMESGIVBJWNLDZDI4TWBAIX56NNXVTSZ6HO... Frame D879 26 B
151 B 360ms
89ms Image
image/gif 23.108.101.161
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-sindc1.zemanta.com/t/imp/impression/3446YXJ3CDAG2DOYXTBNKILDYFGINASRXIWQXAKWOOASSDBETYUFLDOQ2UF5UMIG6WARGMRK6E22IRY6WMSC5S6J2DKEZFOYYFQV3ET2YFEYU537SP63SW5XGEWMESGIVBJWNLDZDI4TWBAIX56NNXVTSZ6HOVWAHYFITV2WSIQBP7YSAZW2FUS7DYIDSUBPQE6OPR5UQUMPDG7T6O6PO7773FOFMQ55AB6CH6FPG3AS2JQKI6JZMKJIUVUXEMLJYNXUTZDTLT5LQ7QPJD5BIJFQRAWYK6MMPXVQF2MFP4GNKCAY4E2DARDSBR7GK5WPXH3F5HD2EF2JB5ISYBNG5BCB6TJ6MABEROXCGIT7UGAOC6QO6JTQ/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.101.161 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 19:05:03 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame D879 3 KB
1 KB 89ms
88ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame D879 20 KB
8 KB 555ms
96ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:40:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 14:40:42 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D879 0
0 311ms
310ms Image
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR21zyD3W45fC2bMsRKCYRGZehozu4vW2FAoD71_0WjwNH82M09NqU9wwyznHrhVXSHQm5LlUv4kd3wT4smZViHI3iuZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.200.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f147.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D879 181 KB
57 KB 679ms
169ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 19:05:02 GMT

GET
H2 204 wtf.js Show response
track.bidgx.com/ 0
346 B 440ms
434ms Script
application/javascript 104.21.12.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://track.bidgx.com/wtf.js?counters=%5B%7B%22aid%22%3A212045%2C%22zid%22%3A101585%7D%5D&uid=359b0c92e893f5eeb3334221cab58dd7bed5cafc&page=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&lang=en-US&w=1600&h=1200&_t=1693249682&_h=0dfe079a8b2d966e632c2e8393468b5a61eb0f6b&r=774149
Requested by: Host: media.bidgx.com
URL: https://media.bidgx.com/js/code.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.12.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py5ns%2FGnlcH52jCQEiH7SsWI8e8NkIxg%2FVNvtGVkkh%2B%2BpO5BOtpYOjqsX27AHPN1dmGcvzXoSk2dAEMvOaA%2BNScAtgtv25Xvex0x5wlYH2RQtlFYWa1IK2lznsWb9qssbPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, max-age=0
x-robots-tag: noindex, nofollow, noarchive, noimageindex
cf-ray: 7fded2cee8464709-SIN
alt-svc: h3=":443"; ma=86400
expires: Sun, 27 May 1979 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame C546 732 B
896 B 660ms
87ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 28 Aug 2023 19:05:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 27879
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-qpg1260-QPG
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame C546 43 KB
13 KB 485ms
132ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 29 Aug 2023 19:05:03 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ Frame C546 40 KB
9 KB 446ms
100ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 354629
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7fded2d4cc044d75-SIN
expires: Thu, 31 Aug 2023 19:05:03 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame C546 38 KB
12 KB 637ms
343ms Script
text/javascript 13.224.249.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-77.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:55:14 GMT
content-encoding: gzip
via: 1.1 2e4ea5ed710a1104b183ead6b210a514.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 11390
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: B-stsMZ6mr-nWp7HdH93VuKQzF2LKf1CboEJObz8HjkjTIcKVBSelA==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame C546 1 KB
1 KB 699ms
403ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 45b90817d66efbfcd43126783341150f
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame C546 119 KB
26 KB 662ms
100ms Script
text/javascript 172.67.38.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: 1MSRNF4DXK6YA2S6
age: 2588
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7fded2d6cb409fb3-SIN
x-amz-id-2: oM49Yxp3FVge93jsR62BO6ngNaSV6/0BC11jXlJNWSXg7s73RuDYYPA83uT/Ml/g056/rHCQBRY=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame C546 2 KB
2 KB 861ms
127ms Script
text/javascript 13.33.92.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.92.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-92-130.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 28 Aug 2023 01:21:21 GMT
Via: 1.1 3c5649f7d49e8f5b916e18a72b919074.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN2-P2
Age: 63824
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: K1dPmVUDNeWfRNfPcEE5M3rY-W2b0blr1RajIdaRI_23NL-o9MpA6w==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C546 772 B
469 B 527ms
527ms Fetch
text/plain 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2155977126573263&correlator=2247816368473655&eid=31077365%2C31077190&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=21759686865%2CYIT_hancinema.net%2Chancinema_multirichie_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600&ifi=1&didk=1360043964&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693249502540&lmt=1693220702&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=wr9z0uybsy0c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ref=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&top=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=710989253.1693249501&ga_sid=1693249503&ga_hid=790567978&ga_fc=true&dlt=1693249501141&idt=1371&cust_params=yit_screensize%3D1601-1600%26yit_sitewidth%3D1001-1100%26yit_sitewidthleft%3D161-300%26yit_type%3DSR%26yit_autorefresh%3D0&adks=3596830294&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

062eb567176b265a0cb766716c933098ba1a566da93947afafe527c8f4cb035c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C546 15 KB
12 KB 131ms
131ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

74fccd7da630db4f39a9ee870bbaf55cc0276cb657b4049dcf9854e7c731a78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11832
x-xss-protection: 0

GET
H2 200 container.html Show response
3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB2E 6 KB
3 KB 674ms
94ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Tue, 27 Aug 2024 19:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 l.js Show response
media-aso1.com/ Frame C3B4 2 KB
2 KB 731ms
161ms Script
application/javascript 104.21.5.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-aso1.com/l.js?cid=hancinema-net

Requested by

Host: media.bidgx.com
URL: https://media.bidgx.com/js/code.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.5.40 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26e204c16e4d7379f8d694d22ed5d6eddab3fe7b33d0d24731b78e1fcd01a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"6a8667bb43fe0911e1daaff75f68a856"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyxNyUzqho1hOjNX5HEaZtAaX2b24fgq%2BkW7zoyVwzqOpeGRcUdeanII0h9VN6KyTGpHCGqz6%2BUYIxVyYTT5SHkNMKBuUoQW0quwS6Vkx%2Bi79SMZEfSwJUUPSoaG4sQgFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7fded2d8db3aa07d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C714 772 B
685 B 282ms
282ms Fetch
text/plain 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=891415033002244&correlator=1657785499627908&eid=31076404%2C31077417%2C31068367%2C31076407&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=21759686865%2CYIT_hancinema.net%2Chancinema_multirichie_970x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=1&didk=1360043962&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693249502582&lmt=1693220702&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=my5rkq9b4rwo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ref=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&top=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=710989253.1693249501&ga_sid=1693249503&ga_hid=129836087&ga_fc=true&dlt=1693249501147&idt=1422&cust_params=yit_screensize%3D1601-1600%26yit_sitewidth%3D1001-1100%26yit_sitewidthleft%3D161-300%26yit_type%3DFD%26yit_autorefresh%3D0&adks=2009580377&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

04ceb6d398a87f1a6201d894dddcf6099b9a74c77a95ee6976868d24c81b44eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C714 15 KB
12 KB 137ms
136ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

7ff05800b962b374d5094fb35200220debe6c105705270c7ed14d58baf8c5b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11857
x-xss-protection: 0

GET
H2 200 container.html Show response
21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37B1 6 KB
3 KB 674ms
94ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Tue, 27 Aug 2024 19:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4E28 772 B
471 B 470ms
469ms Fetch
text/plain 74.125.200.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3964274432023159&correlator=2561010445581913&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fif&iu_parts=21759686865%2CYIT_hancinema.net%2Chancinema_multirichie_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600&ifi=1&didk=1360043967&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693249502619&lmt=1693220702&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=lb7yorr6mulv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ref=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&top=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=710989253.1693249501&ga_sid=1693249503&ga_hid=1294277013&ga_fc=true&dlt=1693249501134&idt=1476&cust_params=yit_screensize%3D1601-1600%26yit_sitewidth%3D1001-1100%26yit_sitewidthleft%3D161-300%26yit_type%3DSL%26yit_autorefresh%3D0&adks=4210964483&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f156.1e100.net

Software

cafe /

Resource Hash

91feb75cd8c5088a6815c12c416ea61d267a3c72738407728a966b78578e72bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E28 15 KB
12 KB 101ms
101ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

45c9166c62ee100f189be98bc7c15fc325bb26757fa0ebd2c4de64d19d25db49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11785
x-xss-protection: 0

GET
H2 200 container.html Show response
96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F81C 6 KB
3 KB 675ms
97ms Document
text/html 74.125.68.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Tue, 27 Aug 2024 19:05:03 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C546 17 KB
7 KB 90ms
89ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:05:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C714 17 KB
6 KB 90ms
90ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:05:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E28 17 KB
6 KB 96ms
96ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:05:03 GMT

GET
DATA 200
OK truncated
/ Frame 029C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee034adb7803ec6620aa02bb71507c85e7148277c970a72d21eb995ab80710f4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame D879 49 KB
20 KB 113ms
112ms Script
text/javascript 142.251.12.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f157.1e100.net

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 00:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 00:19:14 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C70E 2 KB
1 KB 689ms
96ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZOzv3QANif4Bc-aVAA-1YGsCr1x_0BpUqB0Rew&u=%7CngRw8dZsUFvceNQQSdY2Nw2HZnZkQOTN5%2BzeHzVVEsc%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqfOSxiZ3nhhcqMBhL_lZw9usTLVfAM6d9LVwHBW84iV_JvYfZLm_vJzvOLJ12UxSe2Ddx4D--4qfoMW8seDx63X0TjnsRB_uaIPAuyzLw5Z0jkn8cXkFe0BKdYB0A7Wzi1_MIuwlF8EHmUciiveymfanX81ohGIA9HBtiJM1Xrc5ZTV9uEMzLcp6cAZs0MRi6zKIQ2x7yzXT3yMYjTsQDyvvLf7UbFf92KvpOvVOr5HEa0FDcIikx-l3Or3FyU4wm5S_WhyAYUQWll8SMj4AMd_mj2r9QFtsZmkX8767VcDVCJstQAdlfsyItUjNh6d47B5Ny2PE0pwF61USzLLerZlmqhHjtub3ft2mln7I2cj9B-L2vtSrpPRNvYcChDg8_Re7-0Vu7Tcpaenmc88wOXvj6lHlPbieHJiiOtC5HfPUKwvQ3UTJ5Gq2xUYOuj-cNsEmK97nNWcA4CDjT1UWjUgfF243RS5Wb8cQ1pOw0_gaJVMkGNCmTd-wdt1ZHICogdP6F3-iY5eaHOmHI3WcRuj5BengxSqz6uARW_nSDxX7W9EXFs29Vv34Bh6rCchJx65o4WlropYWF7jMU65rPbTITztvpv0RgepX-_7g5qo3Gp4Fc7PL9OQbzoSAsrvfyFeoMevsNyaYA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFawo3e_sZP6TNpXNz7sP4Oq-uAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTYxMjg3MTgwNjE1MzY3MsgBCagDAcgDAqoEygFP0ByvZxBcXO9Xuhfclr75XP0NXzTEkD9oF9g-Y9GC_BaPM99jQgsOLpB4gbVfneAJp-Yh6a7tYn_U6atKjvuvWeCNl_wtT-hXGLqeMyO4y6cldiJ733WHckMxA4CNwskvahEfY3LFoM4pnS3QTjB6VXY0YFblN70nQ_OFcKOTJ3pEuNTG5FDNTEGUP3ErI0bVWBhjJgKQLDHtKRAwl9x8fuuiUKAi6Kp9JP8guX0vfccTqpCD6SHN_ocMMZbtGttNkjDoWB8S4lv3gAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1DJAKntNRC8Fsu1NgWRoW5N0P4bA%26client%3Dca-pub-1612871806153672%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C70E 2 KB
1 KB 687ms
95ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C70E 308 B
636 B 686ms
95ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C70E 293 B
622 B 685ms
94ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 lg.php
cat.sg1.as.criteo.com/delivery/ Frame C70E 43 B
348 B 361ms
92ms Image
image/gif 182.161.73.132
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=RoswwBJgvb91rUhnwltejZc_SrB0umcClH7_Ph-I8ZDcOCszZEuLWa-XashH-7QMiD9VTMUM5EJiadOXNg6pJ4Joke98YWME3W5oz_Txdck2SsbccI3lUaPxOdF4GHJ5-MEVj-Gu_g4fmCiNP6Ogft4_Y-0HWBKpLwrUKM5QDX4Vt-OJL5guRYPk8i8MDGfCoM3Wr7HiW6wQ0RAe3g2ITNUf4C88PqLwhaS4bKBG1gEY9M9Ysk2Kz-ywx5SKwaU9-wW-KWM47srlm64g3sp15GYWbOEfRcfocUEMEFt6mRcrYXoxQ4smAMGc2geG3yzRvNThh2NTXkBsxBPejgiYO6O7hgnR1oaDpiJKPHHn8oCRvIf_7Po23NEF_pQI530caJSmg1mW2-wFkUxD1FPr_tgs6QeNLlsET4w2pU_TSlExLZilIAMd8-valsp-ZkU8poyOAHO-o6WuoxhdWeRmcI-1xdugY1A4GnDIvk5A8i1BTVoU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1597293
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C70E 12 KB
5 KB 667ms
106ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 928503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eydPJc6rP3jCu6YOM8yqbRv%2FVR37Mkw0uw281rKTfjWVz1yPLPDvLsVun7N8kdzrHprkautOfbVKPPo95%2BKLMniwqbmgVVBK%2BoZIT2s6jM7uuTtVjAHdm7SreuByoOMKlXkW98zS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2d8de0b892c-SIN
expires: Sat, 17 Aug 2024 19:05:04 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C70E 12 KB
6 KB 92ms
91ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 23 KB
23 KB 702ms
136ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?h=496&m=0&partner=26310&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F26310%2F230116%2F007c9cafe47143aa97957c61ae548de8_logo_n_square.png&v=3&w=558&s=-4Eiuvce87WXKNG4HuV0Gzh2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

93f9b3c83d86e805ad1505f77be90db2b1b8b3e3af33f5449187df590f9fd17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 23201
expires: Mon, 29 Jul 2024 15:56:01 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 70 KB
70 KB 781ms
215ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp1-ofp.static.pub%2Ffes%2Fcms%2F2023%2F03%2F17%2F9c48ljxkgflplgj8ujllcnzv4sq37x414513.png&v=3&w=800&s=XEAv1l_V0w8Q6XAKnY3Qahwh&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

896f0ce8118ac2d5a6aafff694dcd6859831048e22e02142fae6cc748769d348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2463320
content-length: 71246
expires: Sun, 24 Sep 2023 09:38:35 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 92 KB
92 KB 782ms
216ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp3-ofp.static.pub%2Ffes%2Fcms%2F2023%2F02%2F27%2F8m4fridb3kgg7n5vu2bvxr1h63886z936488.png&v=3&w=800&s=_cebRPlBzv8dv0bxWLV0p8SX&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

de1eeee6af100d6697355dc3bf1ce1b487f7ac8d54979a6ff693556ea5344ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2591973
content-length: 94340
expires: Wed, 30 Aug 2023 11:50:28 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 63 KB
63 KB 782ms
216ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp3-ofp.static.pub%2Ffes%2Fcms%2F2023%2F03%2F22%2F89ysiytad790zwftdkn4jiy5711q4r343282.png&v=3&w=800&s=IQnd-_-EReTqo_vXi-RAfi8e&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e207af9aedb0ff54e16a2bb01cb7d7f59c9d7ef3ccfddf15bb4551b24bad2924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2370469
content-length: 64631
expires: Fri, 01 Sep 2023 23:50:05 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 63 KB
64 KB 786ms
220ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp4-ofp.static.pub%2Ffes%2Fcms%2F2023%2F04%2F07%2Flet7txl98ajgmoeg4vl8wmlf8v2ro8811771.png&v=3&w=800&s=MyAOJ1ytv30pp5RXROCF2CAO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4573a6fb34aa140988dfb125320680a5aebb7ecccd26a4dc2b9480e7392391d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2385370
content-length: 64996
expires: Sun, 17 Sep 2023 18:52:34 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 62 KB
63 KB 702ms
136ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp2-ofp.static.pub%2Ffes%2Fcms%2F2023%2F04%2F05%2Fw0tcj8z4uucju3a26629yu5avfjzy5086363.png&v=3&w=800&s=JuYy2ABcRUlGq4_O0JXC-4yd&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5be793063e14bfdf36adf0c1c5ee6f02cfd5db1163292ad3774986abe382981a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2147487
content-length: 63824
expires: Sat, 16 Sep 2023 11:08:49 GMT

GET
H2 200 img
imageproxy.as.criteo.net/img/ Frame C70E 62 KB
62 KB 167ms
167ms Image
image/png 182.161.73.159
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.as.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=26310&q=80&r=0&u=https%3A%2F%2Fp3-ofp.static.pub%2Ffes%2Fcms%2F2023%2F05%2F11%2F8jorlcqdb382u1ck8qacvt4nyuvflg327159.png&v=3&w=800&s=xCwgRtIT5C8ZXyFAlqRvV9xN&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.159 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ec5b6111eab9c335799ca1d7d77049e3d1b6437a6cdc9c0250bd0f49e6c458e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2360314
content-length: 62984
expires: Fri, 22 Sep 2023 22:38:37 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame C70E 0
127 B 706ms
90ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.as.criteo.net/all?cppv=3&cpp=ZadLCy09psNcs6qmjD1JE9Rs1jxO-EZI6xntN33WCoQVsdPhO8NUnO2TIsa2W3FqkiIutTHku5jjTKTxR5TiP66HUYYNxYU_u9sz-OZNBpoKWtkHVkxDPF-UnNtsXxhBOic--pRC9K6OvD2-kX5fw53rli6ViZ6o38b5NTyQZITnCTzXOC23_wVk7u6oiKZ1Tqada-Td8FX4qilKbFsRecSVhONGrc97VmujjKy5q1sFrF-HgXZeGxgVvFey0X1WS8UpCQ&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C70E 2 KB
1 KB 85ms
85ms Image
image/svg+xml 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:03 GMT

GET
H2 200 B27913447.364764829;dc_ver=96.284;sz=300x250;u_sd=1;gdpr=0;dc_adk=2022478510;ord=2b5hl8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiHIE3e_sZOuSOOH3z7sPwdGsgAXXrJyCbsrq_L... Show response
ad.doubleclick.net/ddm/adj/N7861.1889146ZEMANTA.COM0/ Frame D879 77 KB
33 KB 459ms
127ms Script
text/javascript 172.217.194.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7861.1889146ZEMANTA.COM0/B27913447.364764829;dc_ver=96.284;sz=300x250;u_sd=1;gdpr=0;dc_adk=2022478510;ord=2b5hl8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiHIE3e_sZOuSOOH3z7sPwdGsgAXXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTE2MTI4NzE4MDYxNTM2NzLIAQmoAwHIAwKqBMoBT9BRHWA_YKRbLyKbP__BoIVN7vM5tFFQm6ltK-JCAbKjLVmvvH33kwRBHTSpy-fMQ5wlFxDibHZbYv6JajLRStjQ4qNFSG_8su69HZMIJSPVUf1gTkyGzjfWp77ZEoQflQUx6fnkM1eUZTm-iKdKAYXgzpjk85T9MocqZcv-EOq05AAk43LxSM92X_lssbC9IbaGLvwhfpRY2nJDINg2uId_hAGkL2LObxHRJuvgIaD6DinvpryFeNQCDS4Gex84B-aOsNfr_6CZQYAGrcH1iqGlipaAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZsUnY8QrtnlUo21enovzDNZcwAw%26client%3Dca-pub-1612871806153672%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F48748450%252F136962005%252FDPS5F53VPGZIBXUMIP7ELIDUCW374LOORLHC4W2MTEZULALKMHR4NXVSI7CJZMUP4KZ4EQ6CRI65MQNMJXEUHOA573HAYBROLXR33KUAUJMPZ7OXZMKUZ5S3HNOQ6LUUZ4NNCSNNJAPK5HY36IVKYAJW7PMVMOXZ275YZKCUCLXOW44KZFKWX3MSTDKIYHUNSOTRFKNBKM3FECXC7BYJSMF6EW27EJ4WRAQVYHXNELK6NBFACKSGP77OK57JDYYVVNTLU6JYDNJXRCLRJM3ULOH7BGTMAHE7L35WVEVLTVVNAFIR5LDM76MHW5VRIKN4PS4OCF6RQ5AP3RSWXBGY7CTOH4MVZF4ERI4VOQUQK4YINIWTOSVCMIMR4XP2LOYJSHYWRZB2TSXP5PEZDLALBZMUTDFHC4XDDND6IXT6LTT365KSOZPNBTCVJR7RNTB6XZ5FDX5EBWOODIB25VYYF2JEFLICEWGS7VJRHRO2LY34CTYJU56QKI6VLENZWCSSZAV73SWCJHIGSC2GU7KSDQTZU3F5PEBYAGWT73ZA5ZM2TQD3CAM4OC4T5DHHXVKDGS6X2ZNT5UATZPIJPNECA32B7M%252F%253Frurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.hancinema.net$2,https%3A%2F%2Fwww.hancinema.net%2F$0;xdt=1;crlt=Y9wtorUC5g;gcsr=m;stc=1;chaa=1;sttr=226;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f149.1e100.net

Software

cafe /

Resource Hash

3a62faf9406941e227e05706202e4e3fce76b76d5b938052e76d34d961242760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame C46C 476 KB
128 KB 1017ms
214ms Script
text/javascript 184.51.97.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.51.97.203 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-97-203.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt5JW5y34gs6l6_bfNhhiAV3wM9Y3Pjun-PjGw2651DrDM92leO2dyQj5IQR5yIwGDlorBnYJ-BZdOf3Ooz4YnN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 130379
last-modified: Wed, 23 Aug 2023 20:53:33 GMT
server: UploadServer
etag: "25aee45ea3338112064b801c98043832"
vary: Accept-Encoding
x-goog-generation: 1692824013316426
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 130379
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:15:05 GMT

GET
H2 200 large-poster.jpg
content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/ 18 KB
19 KB 277ms
267ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/large-poster.jpg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 40528c9642eb83cac6c8c83d5712388fcdefdce0a8e23545010bc68082c56b51

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
x-guploader-uploadid: ADPycdup2ONHHSHuIKKltXdlORvIDUVxdGmhNzOMhRkcFeYKqSnyMg3J6OZYOnEAfMhDDmSOoD4esBdxgCcQAVxdoWiOP140blkI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18936
last-modified: Wed, 23 Aug 2023 07:01:32 GMT
server: UploadServer
etag: "1eecf141794d15c8f744ea7c1dd9e4f3"
x-goog-generation: 1692774092502186
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=ZU1I3Q==, md5=HuzxQXlNFcj3ROp8Hdnk8w==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1693249503.dop215.la3.t,1693249503.cds066.la3.hn,1693249503.cds230.la3.c
x-goog-stored-content-length: 18936
accept-ranges: bytes

GET
H2 200 31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 34 KB
35 KB 275ms
275ms Font
application/octet-stream 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer: https://www.hancinema.net/
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
content-encoding: gzip
last-modified: Wed, 23 Aug 2023 07:39:44 GMT
etag: "1692776384"
x-hw: 1693249503.dop224.la3.t,1693249503.cds233.la3.hn,1693249503.cds103.la3.c
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 35197

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1104607/70775984/ Frame D879 249 KB
75 KB 593ms
89ms Script
application/javascript 52.74.107.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1104607/70775984/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7861.1889146ZEMANTA.COM0/B27913447.364764829;dc_ver=96.284;sz=300x250;u_sd=1;gdpr=0;dc_adk=2022478510;ord=2b5hl8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiHIE3e_sZOuSOOH3z7sPwdGsgAXXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTE2MTI4NzE4MDYxNTM2NzLIAQmoAwHIAwKqBMoBT9BRHWA_YKRbLyKbP__BoIVN7vM5tFFQm6ltK-JCAbKjLVmvvH33kwRBHTSpy-fMQ5wlFxDibHZbYv6JajLRStjQ4qNFSG_8su69HZMIJSPVUf1gTkyGzjfWp77ZEoQflQUx6fnkM1eUZTm-iKdKAYXgzpjk85T9MocqZcv-EOq05AAk43LxSM92X_lssbC9IbaGLvwhfpRY2nJDINg2uId_hAGkL2LObxHRJuvgIaD6DinvpryFeNQCDS4Gex84B-aOsNfr_6CZQYAGrcH1iqGlipaAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZsUnY8QrtnlUo21enovzDNZcwAw%26client%3Dca-pub-1612871806153672%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F48748450%252F136962005%252FDPS5F53VPGZIBXUMIP7ELIDUCW374LOORLHC4W2MTEZULALKMHR4NXVSI7CJZMUP4KZ4EQ6CRI65MQNMJXEUHOA573HAYBROLXR33KUAUJMPZ7OXZMKUZ5S3HNOQ6LUUZ4NNCSNNJAPK5HY36IVKYAJW7PMVMOXZ275YZKCUCLXOW44KZFKWX3MSTDKIYHUNSOTRFKNBKM3FECXC7BYJSMF6EW27EJ4WRAQVYHXNELK6NBFACKSGP77OK57JDYYVVNTLU6JYDNJXRCLRJM3ULOH7BGTMAHE7L35WVEVLTVVNAFIR5LDM76MHW5VRIKN4PS4OCF6RQ5AP3RSWXBGY7CTOH4MVZF4ERI4VOQUQK4YINIWTOSVCMIMR4XP2LOYJSHYWRZB2TSXP5PEZDLALBZMUTDFHC4XDDND6IXT6LTT365KSOZPNBTCVJR7RNTB6XZ5FDX5EBWOODIB25VYYF2JEFLICEWGS7VJRHRO2LY34CTYJU56QKI6VLENZWCSSZAV73SWCJHIGSC2GU7KSDQTZU3F5PEBYAGWT73ZA5ZM2TQD3CAM4OC4T5DHHXVKDGS6X2ZNT5UATZPIJPNECA32B7M%252F%253Frurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.hancinema.net$2,https%3A%2F%2Fwww.hancinema.net%2F$0;xdt=1;crlt=Y9wtorUC5g;gcsr=m;stc=1;chaa=1;sttr=226;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.107.222 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-107-222.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 5e518f81520f6d97ce0f874d72e84cb8e0dff8d7f62c6287a8f3566d404e113b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/ Frame D879 11 KB
4 KB 90ms
90ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230824/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7861.1889146ZEMANTA.COM0/B27913447.364764829;dc_ver=96.284;sz=300x250;u_sd=1;gdpr=0;dc_adk=2022478510;ord=2b5hl8;click0=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCiHIE3e_sZOuSOOH3z7sPwdGsgAXXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTE2MTI4NzE4MDYxNTM2NzLIAQmoAwHIAwKqBMoBT9BRHWA_YKRbLyKbP__BoIVN7vM5tFFQm6ltK-JCAbKjLVmvvH33kwRBHTSpy-fMQ5wlFxDibHZbYv6JajLRStjQ4qNFSG_8su69HZMIJSPVUf1gTkyGzjfWp77ZEoQflQUx6fnkM1eUZTm-iKdKAYXgzpjk85T9MocqZcv-EOq05AAk43LxSM92X_lssbC9IbaGLvwhfpRY2nJDINg2uId_hAGkL2LObxHRJuvgIaD6DinvpryFeNQCDS4Gex84B-aOsNfr_6CZQYAGrcH1iqGlipaAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3ZsUnY8QrtnlUo21enovzDNZcwAw%26client%3Dca-pub-1612871806153672%26adurl%3Dhttps%253A%252F%252Fr1-usc1.zemanta.com%252Frp2%252Fb1_googleadx_display%252F48748450%252F136962005%252FDPS5F53VPGZIBXUMIP7ELIDUCW374LOORLHC4W2MTEZULALKMHR4NXVSI7CJZMUP4KZ4EQ6CRI65MQNMJXEUHOA573HAYBROLXR33KUAUJMPZ7OXZMKUZ5S3HNOQ6LUUZ4NNCSNNJAPK5HY36IVKYAJW7PMVMOXZ275YZKCUCLXOW44KZFKWX3MSTDKIYHUNSOTRFKNBKM3FECXC7BYJSMF6EW27EJ4WRAQVYHXNELK6NBFACKSGP77OK57JDYYVVNTLU6JYDNJXRCLRJM3ULOH7BGTMAHE7L35WVEVLTVVNAFIR5LDM76MHW5VRIKN4PS4OCF6RQ5AP3RSWXBGY7CTOH4MVZF4ERI4VOQUQK4YINIWTOSVCMIMR4XP2LOYJSHYWRZB2TSXP5PEZDLALBZMUTDFHC4XDDND6IXT6LTT365KSOZPNBTCVJR7RNTB6XZ5FDX5EBWOODIB25VYYF2JEFLICEWGS7VJRHRO2LY34CTYJU56QKI6VLENZWCSSZAV73SWCJHIGSC2GU7KSDQTZU3F5PEBYAGWT73ZA5ZM2TQD3CAM4OC4T5DHHXVKDGS6X2ZNT5UATZPIJPNECA32B7M%252F%253Frurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=2,https%3A%2F%2Fwww.hancinema.net$2,https%3A%2F%2Fwww.hancinema.net%2F$0;xdt=1;crlt=Y9wtorUC5g;gcsr=m;stc=1;chaa=1;sttr=226;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 15:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13758
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 15:15:45 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D879 0
0 368ms
100ms Fetch
image/gif 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHJmtjzNVpofSBZhy8hZRosTG4mckz7-RV0VxPoxzjj4ufsPL8CbkFMuPVMINUaeHrOJbsRxDgJRm7Jz7orXs4wt94CNtZPqY98rXcT104r68rcSTCQjy8yF_8Jh9iMQO8fTv1QSYH28SU2otAcZqjIbv8MYAuZeh6KIhxFN_b&sai=AMfl-YRrZpLdoowiwwEavZq9qkNsolKDiJGwBHp06rtZbrH177i65O2ObntilPwIADQZst1TSRdBLp1anGIvy6g1VkOAXBHxTDQQfZxdFQ&sig=Cg0ArKJSzAa5iRLHmUtkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230824.74864&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 19:05:04 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D879 41 KB
14 KB 91ms
90ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 02:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2024 02:01:44 GMT

GET
H2 200 11947317356597182447
s0.2mdn.net/simgad/ Frame D879 45 KB
46 KB 706ms
96ms Image
image/jpeg 142.251.12.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11947317356597182447

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f148.1e100.net

Software

sffe /

Resource Hash

68be479f1cba81bc0ccc3e4d0c6cb6f8304477dc4001f34164c914f4c51e5b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:41:17 GMT
x-content-type-options: nosniff
age: 372227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46275
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 09:57:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 11:41:17 GMT

GET
H2 206 video.mp4
content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/ 35 KB
0 272ms
272ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/video.mp4?AV_TAGID=64c0f4b686f27acac302e485&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&AV_TEMPID=64c0f366de8084e234054bc8&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7&videoId=64e5aec07d0d0b5eba08f643
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.hancinema.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
x-guploader-uploadid: ADPycdt7vGPvgGy72yD5Bl8sjBBIJfXo2VLmbAKXcKMS_tZT1tuPt-NIyY2nO3v1jPP6Jst8Rh0G2M1Z-_7vK87mh5VXfw
x-goog-storage-class: STANDARD
Content-Range: bytes 0-3173348/3173349
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 3173349
last-modified: Wed, 23 Aug 2023 07:01:31 GMT
server: UploadServer
etag: "3c6682d863fe81792cc659ea63066cfb"
x-goog-generation: 1692774091066661
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cfB6Cw==, md5=PGaC2GP+gXksxlnqYwZs+w==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1693249504.dop215.la3.t,1693249504.cds066.la3.hn,1693249504.cds229.la3.c
x-goog-stored-content-length: 3173349
accept-ranges: bytes

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80B1 1 KB
682 B 87ms
87ms Document
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 32903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:56:40 GMT
etag: 48472445140208031
expires: Tue, 29 Aug 2023 09:56:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 207D 15 KB
6 KB 652ms
89ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hancinema.net

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 253325
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59EE 13 KB
5 KB 96ms
94ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:03:33 GMT
expires: Tue, 27 Aug 2024 19:03:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA35 829 B
1 KB 104ms
103ms Document
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

GSE /

Resource Hash

d1496c578acf2957689e6a013bb348b694db5800b239df669a69991818aa7934

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9qDSsTg8_N0vwTjX8Gwn_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-9qDSsTg8_N0vwTjX8Gwn_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Mon, 28 Aug 2023 19:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D537 13 KB
5 KB 94ms
92ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:03:33 GMT
expires: Tue, 27 Aug 2024 19:03:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4058 829 B
762 B 101ms
100ms Document
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

GSE /

Resource Hash

48a2e5f70af6a73de341cfd25dc65063a1a8e4cd4318f47f6508301ac94bb6f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yUPlzQrFC3mgLkhJaMHvjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-yUPlzQrFC3mgLkhJaMHvjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Mon, 28 Aug 2023 19:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame D879 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4385bc5c90046cd05af1db5d45331f0244aed9804b1b591731b9d5d06990785

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B78 13 KB
5 KB 90ms
88ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 90
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:03:33 GMT
expires: Tue, 27 Aug 2024 19:03:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 13B9 829 B
763 B 93ms
92ms Document
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

GSE /

Resource Hash

cd43b92589069ef69b2abc27681da90acc9d6ee4aaf2522234114eebdb333723

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ShSo_hTSPtjztSrX42ibaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-ShSo_hTSPtjztSrX42ibaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:03 GMT
expires: Mon, 28 Aug 2023 19:05:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame C546 235 B
694 B 448ms
174ms XHR
application/json 52.74.240.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.240.101 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-240-101.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0e32a95bc5bad6d8cad0a23ae958505f2145078bd938e14920310f78d9bd8a40

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache
x-server: 10.42.7.94
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 39D7 22 KB
8 KB 89ms
88ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 532596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:08:27 GMT
expires: Wed, 21 Aug 2024 15:08:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80B1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGH-JLEbOX4wy9fy3lRE2yw&google_push=AXcoOmRjMo18OtvafrwjS2JnThd5vx3szgbBRGFxgOzAOMSwGmcOTbqpf5...

170 B
188 B

98ms
97ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGH-JLEbOX4wy9fy3lRE2yw&google_push=AXcoOmRjMo18OtvafrwjS2JnThd5vx3szgbBRGFxgOzAOMSwGmcOTbqpf5mlDHTUps3hKnGngBLxsgsgYOYz6oJpU6i5WHsfzLspiyIPgO-_sxbcu-IVFj1tBIxSjTLga50tBskST-AXpiYJkZotD8IbxCqaag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-qpg1275-QPG
pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1693249504.246073,VS0,VE241
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGH-JLEbOX4wy9fy3lRE2yw&google_push=AXcoOmRjMo18OtvafrwjS2JnThd5vx3szgbBRGFxgOzAOMSwGmcOTbqpf5mlDHTUps3hKnGngBLxsgsgYOYz6oJpU6i5WHsfzLspiyIPgO-_sxbcu-IVFj1tBIxSjTLga50tBskST-AXpiYJkZotD8IbxCqaag
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80B1
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEJZppIBhd6LB-kxWZAFM4EM&google_cver=1&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYpHYcSOryOcFsQPO7-oAEs...
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYp...

170 B
188 B

113ms
113ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYpHYcSOryOcFsQPO7-oAEsqEQl07HL9OimMBNhVOlHwYGk3ZVnZ40l6aGff_OP8xwVME8nr2J

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 28 Aug 2023 19:05:03 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=LW1hT3Z4bTFCVXVma2w1VjN1X3NaQQ%3D%3D&google_push=AXcoOmQReYv72b5llRLBb-Hf3qH-2m4Dw-TLuBof5ZgxfG0cdQdgRXY2UevYwPMPXdGUkbzdfUY7nmjLK4CYpHYcSOryOcFsQPO7-oAEsqEQl07HL9OimMBNhVOlHwYGk3ZVnZ40l6aGff_OP8xwVME8nr2J
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 299

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80B1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiew...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczl...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=6cc8ad22-7b4e-419c-992b-afbd3d10b073
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=6cc8ad22-7b4e-419c-992b-afbd3d10b073
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=22a4e9b0-790c-4247-943d-324e775b6d30&user_group=1&ssp=google&bsw_param=6cc8ad22-7b4e-419c-992b-afbd3d10b073
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sB...

170 B
188 B

166ms
165ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sBhpItroN2SJ98HHhq8rEIj22w&google_hm=bMitIntOQZyZK6-9PRCwcw==

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmT7pWRwm0tPcOfAxZNAUCtFcK2fex24dMY16a-nJrsTQXbAc1iv4X0yEl2Unakst7i0I_lWdGXqIjvczlpAIiewtN9zgePypVFLdE3m2H8HpRfDTM4-Zcny6ixqLrh0sBhpItroN2SJ98HHhq8rEIj22w&google_hm=bMitIntOQZyZK6-9PRCwcw==
Date: Mon, 28 Aug 2023 19:05:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80B1
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTn...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMlijfrmTaTKfwbZu_UAZKk&google_cver=1&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluI...

170 B
188 B

97ms
96ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluIGV9zyXaHOvRidQSONZFACb6-hWH1rvWaA&google_hm=bMitIntOQZyZK6-9PRCwcw==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRw8G5J5qP0lN7lyKf3PtfIJp3bfwfCKLpD5G_5KEI0Rp_jDd1LGntrqzFRT1mpKLZTC_uD1SkfEI2V8KJTnd5rNrLfrUx5IHlkQ2zeMhyQqC1h_wro3gluIGV9zyXaHOvRidQSONZFACb6-hWH1rvWaA&google_hm=bMitIntOQZyZK6-9PRCwcw==
Date: Mon, 28 Aug 2023 19:05:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 80B1 42 B
233 B 1136ms
362ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEID3jgaoGmiXBaLDAti_cd0&google_cver=1&google_push=AXcoOmTEMnR-Za3hHyQPnTXsOuBcJO-rMO3iYTfljen-HGWwM-b8ysHWsV6DtwlJB4s44oMWo5Wv8CLD1wJuSsK9E0zOr8aNXVjt7oH9rbVOMq5A9ovB6j0aar0GZrXZI4j1Jj99O5I6cwNpCxPk2AHURaQd2w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 19:05:04 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 80B1 35 B
623 B 1054ms
195ms Image
image/gif 183.79.219.252
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEJL1MUl3tMnhtKe1cVSpC00&google_cver=1&google_push=AXcoOmQLdjq-hBzxN0DhIYsDJNgKju8na99zPhbf65u4kPtY-I9iH_z5SkshysRc1AftE12NHpSWe9R6R56DSeN9w4RnMYCMMezfqefV4VhOmanKohqcBT7Q1N7rNw2lrokTiLafJv_RG-dpwDKL2w1e9vvaSyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80B1
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEFnDgO_a5jwK8OuYNd9iujE&google_cver=1&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoe...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoeqa4BrI784vT5LbLsUIyZxfedgE7c...

170 B
188 B

107ms
106ms

Image
image/png

74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoeqa4BrI784vT5LbLsUIyZxfedgE7cAg_98obgFL1V8ODxjGBvh2qj1dASBcpIg&google_hm=a6873b07c48a7df2469b5f5974af3675

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmR4ImvzLSFkGN9YVRlxVNqjtK1YqtLU14bxbDJ20Aw2B7J19zFy5JYINT84cJkTfpMiXT8gv_gChvbP_swAa-nfWGRoeqa4BrI784vT5LbLsUIyZxfedgE7cAg_98obgFL1V8ODxjGBvh2qj1dASBcpIg&google_hm=a6873b07c48a7df2469b5f5974af3675
date: Mon, 28 Aug 2023 19:05:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 80B1 0
12 B 105ms
104ms Image
text/html 74.125.68.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ka7XIjfBVB0EMitFvJWMl20ZQuUWMobg5t82lQgePMlmNYXEWgu1l0ZJwLBCWIPyxZQCvjVlk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ Frame C546 0
326 B 1009ms
413ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.hancinema.net
date: Mon, 28 Aug 2023 19:05:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 029C 42 B
174 B 93ms
92ms Fetch
image/gif 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslPZ0M3WOKHCQ5orCL1rIzI7bbDE33V0M8ZE2AScUOOoeZ4Gb-il5KscqnkxC-tbZSASZmgn-N-D3BEZX9y2hi3woIN8PD9qRYbQc&sig=Cg0ArKJSzElz_cpACOLPEAE&id=lidar2&mcvt=1024&p=0,0,250,970&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1151663206&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693249501826&rpt=1114&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 59EE 37 KB
15 KB 94ms
93ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA35 0
0 131ms
131ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308230101&jk=2155977126573263&rc=
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4058 0
0 125ms
125ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308230101&jk=891415033002244&rc=
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 13B9 0
0 120ms
120ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308230101&jk=3964274432023159&rc=
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame D537 37 KB
14 KB 118ms
118ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 39D7 37 KB
14 KB 145ms
144ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B78 37 KB
14 KB 110ms
109ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

POST
H2 200 all
csm.as.criteo.net/ Frame C70E 0
128 B 143ms
89ms Ping
text/plain 182.161.73.142
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.as.criteo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 19:05:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame C70E 682 B
665 B 99ms
98ms Stylesheet
text/css 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:04 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame C70E 682 B
665 B 98ms
98ms Stylesheet
text/css 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.as.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:04 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 59EE 0
40 B 88ms
88ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8faLMg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 hancinema-net.json Show response
cid.media-aso1.com/ Frame C3B4 738 B
991 B 1009ms
178ms Fetch
application/json 172.67.132.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cid.media-aso1.com/hancinema-net.json

Requested by

Host: media-aso1.com
URL: https://media-aso1.com/l.js?cid=hancinema-net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.132.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a4147ee2eca90797757f6525f25a6757e7a93444051acad72ecb2a4d52dd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"349a0b053e03ff2521a3922c7d4d37e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcoU8VrkmGNswQOKun%2FQSbFghRny8I3X%2BhqFXUHBITa%2BPCVekacY%2BDZI9JWNCPZu84qwyj0GWXIQ8R%2Fs%2Bk2DDE6z2AH3n4BPwa2XK3Lygi5eOc7c83map7DLY6qoC5zjIDXcoEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7fded2df996d4a6b-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame D537 0
38 B 95ms
95ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?U-MoLQ
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 7B78 0
38 B 92ms
92ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vUeq4w
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame C70E 23 KB
23 KB 132ms
132ms Font
application/octet-stream 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:04 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame C70E 23 KB
23 KB 88ms
88ms Font
application/octet-stream 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.as.criteo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 22 Aug 2024 19:05:04 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame D879
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1104607/70775984/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsa...
https://static.adsafeprotected.com/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=

1 KB
1 KB

478ms
477ms

Script
application/javascript

18.65.39.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Server: 18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop: AMS1-P1
age: 14522
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 6gNDaLl_FAOGZkHx1Wl80HvYb-ZeJWOp3VcunI8juPha3JztyUVNLA==

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
server: nginx
x-server-name: app03.sg.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=gcc_3-_sZOr8Gq-BjMwP8o-ggA0&cbFunctionName=goog_wrapCb_3-_sZOr8Gq-BjMwP8o-ggA0&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame FA56 91 KB
23 KB 373ms
373ms Script
application/javascript 18.65.39.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 13:56:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 d6029710111dc7ad6216b4063753d630.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 13151345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PGzQElTZfIoOx6vW8yRRTGsmh7NWkWxzz2R_GUu_4AWT7211dOsnCQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D879 43 B
215 B 1830ms
447ms Image
image/gif 3.224.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104607&asId=f6f13464-6490-00dc-722a-153a5b3eb07e&tv=%7Bc:mE4JEu,pingTime:-3,time:67,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:26%7D,%7Bpiv:0,vs:o,r:l,t:66%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:67,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOfYmqH+111%7C121%7C122%7C123%7C124%7C1251%7C1252%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c*.1104607-70775984%7C13c1%7C13c21%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b,idMap:13c*,rmeas:1,rend:1,renddet:IMG.qs,siq:27%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:06 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D879 43 B
215 B 1988ms
610ms Image
image/gif 3.224.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104607&asId=f6f13464-6490-00dc-722a-153a5b3eb07e&tv=%7Bc:mE4JEx,pingTime:-6,time:70,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:70,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4~0%5D,as:%5B4~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOfYmqH+111%7C121%7C122%7C123%7C124%7C1251%7C1252%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c*.1104607-70775984%7C13c1%7C13c21%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b,idMap:13c*,rmeas:1,rend:1,renddet:IMG.qs,siq:27%7D&tpiLookup=ao:www.hancinema.net*%2Cwww.hancinema.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:06 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 207D 436 B
559 B 93ms
93ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hancinema.net&sn=ChromeSyncframe&so=0&topUrl=www.hancinema.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hancinema.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

d63ab1c0fe7ceaabe4078bee9882922f975c30a94f372788432bc0abea324632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hancinema.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1585093
expires: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D879 0
0 93ms
92ms Fetch
image/gif 74.125.130.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHJmtjzNVpofSBZhy8hZRosTG4mckz7-RV0VxPoxzjj4ufsPL8CbkFMuPVMINUaeHrOJbsRxDgJRm7Jz7orXs4wt94CNtZPqY98rXcT104r68rcSTCQjy8yF_8Jh9iMQO8fTv1QSYH28SU2otAcZqjIbv8MYAuZeh6KIhxFN_b&sai=AMfl-YRrZpLdoowiwwEavZq9qkNsolKDiJGwBHp06rtZbrH177i65O2ObntilPwIADQZst1TSRdBLp1anGIvy6g1VkOAXBHxTDQQfZxdFQ&sig=Cg0ArKJSzAa5iRLHmUtkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=824&vt=11&dtpt=822&dett=2&cstd=0&cisv=r20230824.74864&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 28 Aug 2023 19:05:04 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D879 0
131 B 104ms
103ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cjdu53e_sZOuSOOH3z7sPwdGsgAXXrJyCbsrq_Lz9EMCNtwEQASAAYL8FggEXY2EtcHViLTE2MTI4NzE4MDYxNTM2NzLIAQmoAwHIAwKqBMcBT9BRHWA_YKRbLyKbP__BoIVN7vM5tFFQm6ltK-JCAbKjLVmvvH33kwRBHTSpy-fMQ5wlFxDibHZbYv6JajLRStjQ4qNFSG_8su69HZMIJSPVUf1gTkyGzjfWp77ZEoQflQUx6fnkM1eUZTm-iKdKAYXgzpjk85T9MocqZcv-EOq05AAk43LxSM92X_lssbC9IbaGLvwhfpRY2nJDINg2uIc9hiA2kqwVCe4KGhlfCWFtRwnlIrWrYDHmqgbH5tIRK_4xWxSNAIAGrcH1iqGlipaAAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTYxMjg3MTgwNjE1MzY3MhgA&sigh=hfE6pf_s2NY&uach_m=[UACH]&cid=CAQSKQBpAlJWUQLh9V5h4VsDPoxd7EPklTa0w4qVwT-ESjiCe6pyHsSe5Cl5GAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-sindc1.zemanta.com/bidder/win/googleadx_display/ca4f91d1-45d5-11ee-8d25-93ec13021fe7/ZOzv3QAOCWsBc_vhAAsowd-qpovDJu__9Susqw/MJXLYR6XQCEX5ZTX272MZ3TO4YGRE37XPPOI6QZPIHED6EMMGOSXIX4D6KAVGLW6LRAJPN... Frame D879 0
99 B 382ms
105ms Image
text/plain 23.108.101.161
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-sindc1.zemanta.com/bidder/win/googleadx_display/ca4f91d1-45d5-11ee-8d25-93ec13021fe7/ZOzv3QAOCWsBc_vhAAsowd-qpovDJu__9Susqw/MJXLYR6XQCEX5ZTX272MZ3TO4YGRE37XPPOI6QZPIHED6EMMGOSXIX4D6KAVGLW6LRAJPNHG6EWA43X7CWY3TQA6IIMJ3NY4YJN6BIEPUIIKTQ6E6M3LQFOPXX7VLUY3BOHLW7ZGUO44FGIOB7PMJDWSRVB66GOVYKQ3ZQEFDASHZGRZSTIFSORSCG43WYXCHUZIF7BOWAWWJENUYQYVPDHLDN2UIXOL7T4U4B3HDXQV5AHP4TKUOW7UID35BIDDZGQAHQBYMDJGN4SEQQLATINOQBJLHXJOCVSAGN3UEGDPEX3LAUYI2VDKQISAFYD73YOKLCBA4EMYQHPQDF7FKE6TVVZKCQOEN3NB6A2FUNTFUZS7AJBFKCXFAJH6Q7VZSHMGERZYHL7NWLE5MXVH4UNOPJO7LNI4J2ZFI7ZGHNL5ON4Y4ZHTNHWRLBLTFGWSTMPNCWY23IDLDVW7PK56ER3I5XSK33NDEPJ7PPWQ3IXVJALYEMDA/?&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.108.101.161 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 28 Aug 2023 19:05:05 GMT
Content-Length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D879 43 B
215 B 1718ms
448ms Image
image/gif 3.224.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104607&asId=f6f13464-6490-00dc-722a-153a5b3eb07e&tv=%7Bc:mE4JEV,pingTime:-2,time:94,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:1877,mdZ:2554,beA:2616,beZ:2617,mfA:2620,cmA:2621,inA:2621,inZ:2625,prA:2625,prZ:2638,si:2643,poA:2644,poZ:2665,cmZ:2666,mfZ:2666,loA:2686,loZ:2688,ltA:2711,ltZ:2711%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:26%7D,%7Bpiv:0,vs:o,r:l,t:66%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:95,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOfYmqH+111%7C121%7C122%7C123%7C124%7C1251%7C1252%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c*.1104607-70775984%7C13c1%7C13c21%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b,idMap:13c*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:27,sinceFw:66,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:06 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 029C 0
56 B 98ms
98ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6GD93e_sZP6TNpXNz7sP4Oq-uAS91O6wXPCvxL59wI23ARABIABgvwWCARdjYS1wdWItMTYxMjg3MTgwNjE1MzY3MsgBCagDAcgDAqoExwFP0ByvZxBcXO9Xuhfclr75XP0NXzTEkD9oF9g-Y9GC_BaPM99jQgsOLpB4gbVfneAJp-Yh6a7tYn_U6atKjvuvWeCNl_wtT-hXGLqeMyO4y6cldiJ733WHckMxA4CNwskvahEfY3LFoM4pnS3QTjB6VXY0YFblN70nQ_OFcKOTJ3pEuNTG5FDNTEGUP3ErI0bVWBhjJgKQLDHtKRAwl9x8fqmgcTKjIwcT3lJdCK0AyD9ZvZp24A_VbiDEHiMfpcVhirMG7XHogAbMpNGmtd2g4uQBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xNjEyODcxODA2MTUzNjcyGAA&sigh=naxrxrmGSkM&uach_m=[UACH]&cid=CAQSKQBpAlJWmOHOA21siD3VTb1ARnHzKMJVdczBVzASPDR-7xdR6H6Aa8jMGAE&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.jp2.as.criteo.com/google/auction/ Frame 029C 0
126 B 1247ms
170ms Image
text/plain 182.161.74.19
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kNu5FvezWcoH-gHgvNldAgAAANeDdn8UoCJ_EN3v7GQU4ZJo5qmzy8_IAAASAAAKCkFRVUJEUUVCRFE&wp=ZOzv3QANif4Bc-aVAA-1YGsCr1x_0BpUqB0Rew&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 145183
server: Kestrel
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 39D7 0
119 B 93ms
93ms Image
image/gif 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BamZc3-_sZOr8Gq-BjMwP8o-ggA0AAAAAOAHgBAI&bg=!6eql6qXNAAYkVgHwBFY7ADQBe5WfOHWPETSgpqljT0uPrYJnqpzZp4Fi3FWPGE1uw6RRdraZ6z9MNrlIFHL6Ckbsoo_BAgAAAU5SAAAABmgBB5kC_eAuxdWYv6SbwUm9Cd-r8I-E4Fi5zMI72dzyynbU6uEL6_env0GMLq_WtgXdYgqAJxz5CXELQuaCej7wj0bN6pxFD4-P_-V67alqCgKaYi-aWj81vKhz-3yY77BExSRYex7-Kbw7pRf3hs6BwLZELpGn86UWFoXCi5leY8M9HuBJL-CyRtCAuISAqya5hoaDh5GkFXw7mi5B0iKRF6xnTwLx_OyfMQBcwKz-kwu2uwbwii67QSm1QaMjiaFZS3DiGZeaiTg4h8ZkY2xQtTTNnl1g2NA26-avitU3Nn1jHX6Iuq03XMZpTO75HNo4taepyZpT3hNed7cQQCA8YathuckdT7jIL0kFUliK0hCMZDKfgI1R5lEDL4rxa0YKjDYGARmNvq1Nj2sgD9ek85xkul-FrNlsjoLcVodCemCqvWLwy3J-x5WHYneTWwbCQFLVQeA8ZMuMeATbJ72s8gXNyTrpWwsap0tvi4D6CvYCC_1pfaBMM0rLIJc9iHcK_9UsiPaAKODDkGIxY0RtA2lIJ1UuGWAdqnfclWoZgv7yX54cVUVqgFTW6y6wGr8jvAoBfSKpusW1_ujDWfYQY68Vw4ZJdeYqrwsVf1IWO6C_6QZTrEPCUpLLuW1n_2CHTcHl9-LoMKUi4ADAH1uZiOY8pRhB5q_WbgOTusCI4I3aC-qG6QiXJc-ejMjpaPYD0ZKNm9awQgiOzVb5s6i6wJ3pmJVhDlabNelkOwZcLFvfP_xjbmnOKJBIYAf048f-Nc6NHAgcM2AuF_0mNWfFZtxAQ995nnBcH230GOCP4G_UaJs6ElLJ__B70XRNSAV_zQOhgTExhzsbHN77tR2DwcZpr_s0_S-s3ZwnFzI0Z2UTQ93Z3TmqlrbPWA-PtgDi5eWWUhFX4Qrm0naQsL43MRBIt360m3mpm6ZgZatVqDoVECih6pdqx1HdsvfNUMGAzc4wGJpUu8x2xqntxrePRhmeICBjHNL-BOy3UEOqugkgyDypy_Ly8FAQO_-fwhJ6cg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 video.mp4
content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/ 27 KB
27 KB 1654ms
1653ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/video.mp4?AV_TAGID=64c0f4b686f27acac302e485&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&AV_TEMPID=64c0f366de8084e234054bc8&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7&videoId=64e5aec07d0d0b5eba08f643
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 0be863bb6e247b125306c6f0e6c73d19310aa48189c8c61f3d6cefafcde5a3a1

Request headers

Referer: https://www.hancinema.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=3145728-

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
x-guploader-uploadid: ADPycdt7vGPvgGy72yD5Bl8sjBBIJfXo2VLmbAKXcKMS_tZT1tuPt-NIyY2nO3v1jPP6Jst8Rh0G2M1Z-_7vK87mh5VXfw
x-goog-storage-class: STANDARD
Content-Range: bytes 3145728-3173348/3173349
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 27621
last-modified: Wed, 23 Aug 2023 07:01:31 GMT
server: UploadServer
etag: "3c6682d863fe81792cc659ea63066cfb"
x-goog-generation: 1692774091066661
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cfB6Cw==, md5=PGaC2GP+gXksxlnqYwZs+w==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1693249505.dop215.la3.t,1693249505.cds066.la3.hn,1693249505.cds229.la3.c
x-goog-stored-content-length: 3173349
accept-ranges: bytes

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C546 0
0 111ms
110ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308230101&jk=2155977126573263&bg=!kpGlkd7NAAYkVgHwBFY7ADQBe5WfOF310q28Nh-kHwrCcGSfVmuGgyZODJUGLCuNpN5UyCiSwKagZVRdRQURDq1jpQFLAgAAAP5SAAAABmgBB5kCzV5QOU9hc47oXJNeVWVYSc4b-40KTNfiCV7vUCHsXY7WnFd8K2NlacCDxHySF1WOxV3B__68CmIqrwUPCpUIvq_kKsfxyKA9NZUBeoxmWNrWil2hDd73JndRrk__t0Di91UW39HKBk-9N-3b2m1Okh9-gySL_Vyxk-0FvYcbJs5LNVnaTc0l-daLYT2isokXAHJ9hdX9ZEpg95qhgjemLD0brZABxniwZpyMueMreV0Bvbg7Ss2lEmW4-mlIQ3zOA5J9JdvR3IS_gLXYD7qxlMLqzC-Cg5F_JW7zRh3eWQFSYHToYBT5QvEMa-hJfOi4Frpvc8bf3eMPgD0k7-bAUDSQ7qyzISYDkQ5Sz4fj26WlUas5sC7cQa2LgRjB_ohzZqoSaKyg33f39yBXLt1Vzq0zivaxp9qiUtuIs3enJRPWeIS2hmw03ohl3ejbamjIoNGilp6uF6SodVfcN48Kk-AuKk-n2YH_qs5ZTRkkewQZl5HU7csTAe9MWiask7vMGEBVUCHz7umgvxEvUP5_gL2qgkMnbVxT-IE7tOfhuT0z9GUkn65ZFmP1Hg0TX8uZ403WstpK4XMz5oJnxj8sa7G22pdZi-kp42Huy38GvLerPhCnndaq5ATXICvLTCCecH5-b6vVxGPh6Rb0Lo6EOhUXtvpZuPyXBu_-owb7iIPc9r7dsM_EZGyQhLI3BN5B0-DObRNcTk-4PLyIyS1NDoLGvFmFuBbP4Nwzq01BJcRhvVfRwIx-Pe-mLdF8X9Bzlf8jODahKRZ1q1FOt0u9tQvDJ6_IFaxWIV4PauMsqqy8up_Z1Bw7MPcDBDdBTSEqY1025uWJdSj7cL-FeMqxtb5z5UmglNs0rLBzbDUluVFGqT4f1mY0Rqz8qSj0_rGxHv54KLGlb64Ib6pRLm9e8Q6N3gUuQGDE6Bag8Rwo6q7ub_InotUwQGjdOBuzZg
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C714 0
0 110ms
110ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308230101&jk=891415033002244&bg=!qKulq-TNAAYkVgHwBFY7ADQBe5WfONT4kKYKqTCLKwr0AWoawEqW138xn9FKUH4DplFtVkIOxckOGC2aqreE9cLHTPKDAgAAAPhSAAAACGgBBwoAYLlutFF1AlnNKjDEzY0BqbV56TyOS-LnS-P505D8oJnhenjb-uy8BcACJNEe_ZSN1oF7FpYhIbpSmbmJTaWWYQ-q3zGZ2meslgSZyp49nptsLgOTOlcH6T-MDv3D98Yv8JkC3lVoHAJ5W96McMTS4srhCOPmGZ54Qt77YyjuD0btn6y5ORu-82hvGU_vee0WD1BFtvcdMUrUTALEXB_8ID2ZoLEVO8of5wfrfGzBwuIaejKWKEpr3LEJLxzErJuvNcRFmfDxuU7FuBmASCvCpWdjnCNvarjquZ_c73EkNl-JlJKcLw-GiwPD-zC23NfDqVmuUyefJkd-xA7PF75P_K242tCI0_qGG-MP_DBic-VUy6ew8deQa6zA66c0Ec2B0Tj6xsDVdWyp_h1EFt7o3Qdlba4Jy1PAOSTkplHdU3zblrIyKgDmB1-Q4mBDKTXMC6dJI7eSyrsHVwjqIUAadjrjPiBFO5y03pieOP1JLEW_lpiB-18tMJmKkWIWQOMl9PnZ87vOnwgv_KO31mNer1xlwAZ_r5emjfLSK58nwW6ZDwgug6RYPzULG9-k2e6oYFZG1XQ2wwjr3ajngcTunx1Y8IqpoziX2Ekt65GadCfuli5I26IT-F_EwznPAW_hQtwqyNC9zZMq5m5CnG8Kdh7OfK4iUmlhp6eKtIEzj59bhkL-japCoc68yGfusbD2ph3DvFkeFlq3Z_dWVYWUh5nzLu6OM6PJmg3WyZA_SSC8h7fAyMQrbwilqcgjaVH4dUJDvztkD8WnoKhkCngsnoL6A4NDzfX0_hpXmZ2_e7Mb6CuPe3JvOEb2p-4N7-NITgnCIG6w0t5QmdJMY8C7HEuo1bY0RSXsDbzdjvg649IOm9nPmYfyijiDBdzsCt4Uflj7LKL98UnHQDmxAtZgI6nXyFMKq_pRz1b2in7W_l8jZ9uPBz_NnyEmJkNmHvF-RcYMJA2zgjOx_ABZ7I3_6IbTP7kdAGYBf3YwftUguX9pCCCwCymxit2GRgsWibCM7QkzePEDet1DJcMi_vVphvZtSRzWZAOgwkXiJbLnPl6zc_ezQ65MN4b9J0IJOeN7JuKsvFpt9Hg5vXolLCwQir91
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E28 0
0 144ms
143ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308230101&jk=3964274432023159&bg=!XF-lXxDNAAYkVgHwBFY7ADQBe5WfOM8Y86Dx0LEqQie8twNpfXiKx245bU9UuPFL09AqrlAbg4_bX1y7YTxNmuO2nvvEAgAAAVpSAAAAB2gBB5kCydV6PTjv1rGK3GxcoCN32DJdQrUDnbVxkNHE7zv0HFzaz31IhxvlFQFtNiF2rY5pEcVKlOXoxClt0tHWkLXxiGEfz715cuYqziHv50Rk1Vr2bExDVgntQWZdk9U0GVX9mZsj0AfsOc855wAQDDRAhE-aBhEbvfyj0JyiiymMkhi4pO7OGgGvEX1LBTvW2UiePaG9gi7wuHwYz3ms6eXmavpN39rmSfl5EIiEndeKdaEFEIfXSwE25mgp5vitPoutfDEXdWzGLnJ81EaS-vq3G5nGzDnz0CXMW4rdHbMdPXDIKlCOuGYOnUC019l7xIGhTce1SqgjsbRnsDilUEItx0YNGFN2lF5ou5yIS0q7n0T4MOb-go3Ra1bbazzUa3rQxKV4obbJyCQbUWI5GJuTO96QXIDDitUzk93iVprp6VS2jaajCA35tJMN_EFsLlhNnQtStLVrYlLmMQJ3GTeUWIsukZlaxXxrlTC5qkMQjntDQTzY3ChTRBSQ6pW0OlgZPjRtPKONdEQ2oD2elzCIdNr9miO5W6_vNzcwQWrmjHbEBkuTfyxCYdvuK1FTLFcNGg6ixn2-8R81an7X1bI2OIuHhcHIr-m3KNV3HO-8jM53aiPobEmgjFh_GRMtI4AoDqkjWW4kDTynmezH3omrIlGn8bqwPgwJnRvu_B5fttiXPFj6gord0DeMRw3IImOObP6FV_UeY3wZvJSbMIfLHWUNAKZ8gDVEMnFq63y9iqe8vJLMQ_4QKx6XACWYof6tMNPqQH31V9HyCM7OAmqWA0QjCndfr8oEilSgucvrAfFcephbOaB-xahROwrRPUJPbelzGcNiQ7wUoSj9-ICjvy4KYrX2Ys_ZqczyLjv2nlmPHvRJQ5opoPMOLNaOkm_BC6IIo2MWEA156d7BIKexjOVYSSobb4XqPsOO0J4T1c6QmdsaH4UOwqA4
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D879 43 B
216 B 1246ms
446ms Image
image/gif 3.224.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104607&asId=f6f13464-6490-00dc-722a-153a5b3eb07e&tv=%7Bc:mE4JNT,time:650,type:e,im:%7Bimprf:%7Bttecl:1364,ecd:596,tsecr:2%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:650,n:66,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~1,0~0%5D,as:%5B60~300.250%5D%7D%7D,%7Bsl:o,t:66,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:38,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0,544~30%5D,as:%5B584~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOfYmqH+111%7C121%7C122%7C123%7C124%7C1251%7C1252%7C131%7C132%7C133%7C134%7C135%7C136%7C137%7C138%7C139%7C13a%7C13b%7C13c*.1104607-70775984%7C13c1%7C13c21%7C14%7C151%7C1521%7C153%7C161%7C162%7C163%7C171%7C172%7C173%7C18%7C19%7C1a%7C1b,idMap:13c*,rmeas:1,rend:1,renddet:IMG.qs,siq:27,sis:625%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:06 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D879 43 B
215 B 1156ms
449ms Image
image/gif 3.224.245.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1104607&asId=f6f13464-6490-00dc-722a-153a5b3eb07e&tv=%7Bc:mE4JPl,pingTime:-10,time:740,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xMTAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693249505218%7C%7C1ee86c22c1dde4fef63436f49244b4bf%7C%7Cf3b2a520b07e1265656cdb121718396d%7C%7Cd132a740984923bcc647dfa700b1d0e4%7C%7Ca2ece63566b532f3b785f3511a10fe25%7C%7Ce69bd593839e60d777a93d5d33167409%7C%7C6748f9f7b0b4380a64e44f0ca38f9d3b%7C%7Ce8c9ae781c50ce22204c3352107ecc4a%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1776509735&adk=701384798&adf=3075933881&pi=t.ma~as.1776509735&w=300&fwrn=3&lmt=1693220701&format=300x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500859&bpp=1&bdt=1845&idt=998&shv=r20230823&mjsv=m202308220101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=413432646&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=287&ady=989&biw=1600&bih=1200&isw=300&ish=250&ifk=3845404606&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077328%2C44795910%2C31076995%2C44796700&oid=2&pvsid=454518118224158&tmod=1742144339&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.4mbj52zgbz5p&fsb=1&dtd=1002
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.245.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-245-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:06 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sa.js Show response
media-aso1.com/ Frame C3B4 65 KB
23 KB 137ms
137ms Script
application/javascript 104.21.5.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://media-aso1.com/sa.js?cid=hancinema-net&checksum=11693249505329

Requested by

Host: media-aso1.com
URL: https://media-aso1.com/l.js?cid=hancinema-net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.5.40 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c67098b3e177d58b24bf24bb12037703d9779ebc0570f016d3f6f8e5c4247959

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"5f52cb3715bbf1fb0b83b0681eb0c4d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrDxFsKwmPSmmD5pe2OQ5IhxnARX4CZ2%2BA7s9neWd3Sj6CkyJq3H4h%2FWM8DWkH1jBxc3EUn7DhEcQs%2BAJhnBnN40Trj0yCWIzAvzF9mz7nr%2Bf8EJPqWZ9sYSar9vTX5Qyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7fded2e09937a07d-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 hancinema-net.json Show response
cid.media-aso1.com/ Frame C3B4 738 B
701 B 132ms
132ms Fetch
application/json 172.67.132.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cid.media-aso1.com/hancinema-net.json

Requested by

Host: media-aso1.com
URL: https://media-aso1.com/sa.js?cid=hancinema-net&checksum=11693249505329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.132.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4a4147ee2eca90797757f6525f25a6757e7a93444051acad72ecb2a4d52dd80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: DYNAMIC
etag: W/"349a0b053e03ff2521a3922c7d4d37e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAGHo0Egibq4YQkS1POO2Dv3Vw7MCwgmgWr7zkP3W%2FWKzQh5cCmhWkb1NgKWhQJ1u0VmnQofzJUFdFjWil5fUzey%2B7gJAIDJPr1hM3xqFk9WeJp5v4JeBgbQ2h0bpLGW7YxVKGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7fded2e1bb034a6b-SIN
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.ergadx.com/api/adserver/tag/ 14 KB
3 KB 1743ms
491ms XHR
application/json 18.232.200.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.ergadx.com/api/adserver/tag/?AV_TAGID=64c0f4b686f27acac302e485&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7&AV_DURATION=31&AV_VIDEOURL=https%3A%2F%2Fcontent1.avplayer.com%2F5fd9c7d93f2f4c6ef13a1ec7%2Fvideos%2F64e5aec07d0d0b5eba08f643%2F64e5aec43c145db8960e8ff3%2Fvideo.mp4%3FAV_TAGID&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&AV_TEMPID=64c0f366de8084e234054bc8&videoId=64e5aec07d0d0b5eba08f643&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&AV_CHANNELID=64c0ec6d5297a8b0b9057f15&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=servt.ergadx.com&pce=1&npx=1&AV_DETDOMAIN=www.hancinema.net&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=64c0f4b686f27acac302e485&AV_TEMPLATE=64c0f366de8084e234054bc8&AV_GPID=/5fd9c7d93f2f4c6ef13a1ec7/64c0f4b686f27acac302e485/www.hancinema.net&d36=6.2.121&responsive=1&sver=4&avtoken=505635&omv=1.0.1&AV_D66=8.3.17&clsid=c33dc043-c91f-4923-819e-369cf734629d&rando=70&AV_WIDTH=320&AV_HEIGHT=480&AV_DNT=0&cb=1693249505638&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.232.200.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-232-200-223.compute-1.amazonaws.com
Software: /
Resource Hash: b4fd0a95c3940c95f47c4b5a0d270118845fc08083bc7e0255bed3e6cec5f18a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:07 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://www.hancinema.net
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Thu, 17 Aug 2023 05:18:27 GMT

GET
H2 200 track
servt.ergadx.com/ 0
97 B 340ms
340ms Image
text/plain 34.233.157.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.ergadx.com/track?r=www.hancinema.net&sn=&ic=0&tgt=0&app=&wi=320&he=480&test=&d36=6.2.121&apppkg=&fv=1&proto=https&d66=8.3.17&clsid=c33dc043-c91f-4923-819e-369cf734629d&rando=70&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&stagid=64c0f4b686f27acac302e485&stplid=64c0f366de8084e234054bc8&e=inventory&vi=100&cb=1693249505637
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-157-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 logtail.js Show response
cdnjs.cloudflare.com/ajax/libs/logtail-browser/0.3.0/dist/umd/ Frame C3B4 12 KB
4 KB 99ms
99ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/logtail-browser/0.3.0/dist/umd/logtail.js

Requested by

Host: media-aso1.com
URL: https://media-aso1.com/sa.js?cid=hancinema-net&checksum=11693249505329

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981ec7d904ff8121067903404a3f1254cd933472d1bacf3a4b748c238a80a8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.hancinema.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6058438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3962
last-modified: Mon, 27 Feb 2023 22:34:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63fd2fec-f7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oGGJW3wo%2BJ9tMqz%2BjsxCQTxzq5OdnBFG%2F00H6Y9BLfQnpIxKny7MG8FL873skPDXXVhjwwnum3kSeBDfFWnuRoCqZT5sAp%2Bin%2FZU9ABaWXeM2erB2ZhNh2V%2FmRP1D0UaeRfVtdw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fded2e2ad0d4012-SIN
expires: Sat, 17 Aug 2024 19:05:05 GMT

GET
H2 200 prebid8.3.0v1.js
lib.media-aso1.com/ Frame 0B02 11 KB
0 912ms
151ms Script
application/javascript 172.67.132.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.media-aso1.com/prebid8.3.0v1.js

Requested by

Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.132.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:06 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: EXPIRED
etag: W/"8336b285365e59e889960a748db7bbf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2%2F6xgwm%2F%2FUk07UNlaAng0COMOAgRlFlUy76uWUpAKhn%2BAocr9vWRYhmGJPTpiKH0uaAPagJ8H%2FsSpaqSor3BXgRTpgbj37xab5mSP0agC3nt%2BfBqW5PNwJP2W9PfzmNp7G2ZZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7fded2e77acd18a8-SIN
alt-svc: h3=":443"; ma=86400

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 9062 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 5E10 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 741A 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame F439 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 4E76 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame A115 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 0221 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 6D57 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame AA3D 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 1E61 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame A2A5 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame F076 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 22E1 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 2626 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 15C7 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 0E81 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame CCF6 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 422E 0
0

GET prebid8.3.0v1.js
lib.media-aso1.com/ Frame 4E07 0
0

OPTIONS
H2 200 /
in.logtail.com/ Frame 0
0 1086ms
275ms Preflight 135.181.123.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://in.logtail.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.123.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.123.181.135.clients.your-server.de
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.hancinema.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: accept-encoding, content-type, x-logtail-token, accept, authorization
access-control-allow-methods: POST
access-control-allow-origin: https://www.hancinema.net
access-control-max-age: 3600
content-length: 0
date: Mon, 28 Aug 2023 19:05:06 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H2 202 / Show response
in.logtail.com/ Frame C3B4 0
146 B 2289ms
2289ms XHR
text/plain 135.181.123.227
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://in.logtail.com/
Requested by: Host: media-aso1.com
URL: https://media-aso1.com/sa.js?cid=hancinema-net&checksum=11693249505329
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 135.181.123.227 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.227.123.181.135.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
authorization: Bearer aDbz3iynWDwEZAyQKq68CaPP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://www.hancinema.net
date: Mon, 28 Aug 2023 19:05:08 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CC6F 15 KB
12 KB 96ms
95ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

7a451a2020cc0d35b07f985182ee8086172fb6edb2404b2e3302cf22bf5789df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11709
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CC6F 17 KB
6 KB 90ms
90ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308230101/show_ads_impl_fy2021.js?bust=31077388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:05:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F129 15 KB
12 KB 129ms
128ms XHR
application/json 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

cafe /

Resource Hash

1f7d640a8b0bd536beeb63eb6ddb50d918315f176eb08fed4dbb0b6e789f1412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0

POST
H2 200 3fdd00af3e30dbdc694fafaab657eed8e21af8e4628c0e96e4cb Show response
thomastorch.com/send/ 284 B
790 B 1679ms
476ms Fetch
application/json 34.149.46.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://thomastorch.com/send/3fdd00af3e30dbdc694fafaab657eed8e21af8e4628c0e96e4cb

Requested by

Host: thomastorch.com
URL: https://thomastorch.com/v2mbeU5zJGJjtgNYOJt7DifKywDey9yi_8u6KgwTAa0CFnM79y5dkNgw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.46.149.34.bc.googleusercontent.com

Software

Resource Hash

9076dc4f5110cc40afaebff968b7740deddc5060e9b33a783ace21888cb4c614

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Mon, 28 Aug 2023 19:05:08 GMT
via: 1.1 google
x-buildnumber: 975004442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hancinema.net
x-hostname: fen-hoothoot-asia-east1-spot-0scq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Mon, 28 Aug 2023 19:05:06 GMT

GET
H2 206 video.mp4
content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/ 1 MB
0 267ms
266ms Media
video/mp4 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avplayer.com/5fd9c7d93f2f4c6ef13a1ec7/videos/64e5aec07d0d0b5eba08f643/64e5aec43c145db8960e8ff3/video.mp4?AV_TAGID=64c0f4b686f27acac302e485&pid=5fd9c7d93f2f4c6ef13a1ec7&cid=64c0ec6d5297a8b0b9057f15&AV_TEMPID=64c0f366de8084e234054bc8&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7&videoId=64e5aec07d0d0b5eba08f643
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.hancinema.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=32768-

Response headers

date: Mon, 28 Aug 2023 19:05:07 GMT
x-guploader-uploadid: ADPycdt7vGPvgGy72yD5Bl8sjBBIJfXo2VLmbAKXcKMS_tZT1tuPt-NIyY2nO3v1jPP6Jst8Rh0G2M1Z-_7vK87mh5VXfw
x-goog-storage-class: STANDARD
Content-Range: bytes 32768-3173348/3173349
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Content-Length: 3140581
last-modified: Wed, 23 Aug 2023 07:01:31 GMT
server: UploadServer
etag: "3c6682d863fe81792cc659ea63066cfb"
x-goog-generation: 1692774091066661
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=cfB6Cw==, md5=PGaC2GP+gXksxlnqYwZs+w==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1693249507.dop215.la3.t,1693249507.cds066.la3.hn,1693249507.cds229.la3.c
x-goog-stored-content-length: 3173349
accept-ranges: bytes

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F129 17 KB
6 KB 172ms
172ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308220101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 28 Aug 2023 19:05:07 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE53 13 KB
5 KB 91ms
91ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:03:33 GMT
expires: Tue, 27 Aug 2024 19:03:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 79BD 829 B
786 B 95ms
94ms Document
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

GSE /

Resource Hash

b4da667d037dda2a415af7b9b9f758cf5b58520944c0c22dddfc79bb0a157c35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_sueSIgc1eMhoMexRv2QyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-_sueSIgc1eMhoMexRv2QyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:07 GMT
expires: Mon, 28 Aug 2023 19:05:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 79BD 0
0 92ms
92ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=2118434397584407&rc=
Requested by: Host: www.hancinema.net
URL: https://www.hancinema.net/korean_jerome.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame EE53 37 KB
14 KB 98ms
98ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

POST
H2 204 rum Show response
www.hancinema.net/cdn-cgi/ 0
191 B 151ms
150ms XHR
text/plain 104.26.0.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hancinema.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.0.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hancinema.net/korean_jerome.php
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Mon, 28 Aug 2023 19:05:07 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.hancinema.net
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fded2ec58fd897a-SIN

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame EE53 0
38 B 163ms
163ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oxge3g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6D10 248 KB
61 KB 758ms
334ms Script
application/javascript 52.84.228.19

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.19 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 18:19:48 GMT
content-encoding: gzip
via: 1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront), 1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:53 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN2-C1
age: 2722
x-amz-server-side-encryption: AES256
etag: W/"761fb227b5d9333f86d2e976465cc3f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: oTH26bzAdHtNi8DTLDXrs0SZiDxmEUr9VScuUO3anOUGWy-QBZqUHg==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 156 B
673 B 1233ms
282ms Fetch
text/xml 142.251.175.155

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/21928950349,22648924653/hancinema.net_desktop_0.50&description_url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&tfcd=0&npa=0&sz=1x1%7C320x180%7C320x240%7C400x225%7C640x360&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&vpos=preroll&correlator=378953986151153395&cbb=3249507388

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ 156 B
186 B 1285ms
334ms Fetch
text/xml 142.251.175.155

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/21928950349,22648924653/hancinema.net_desktop_0.40&description_url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&tfcd=0&npa=0&sz=1x1%7C320x180%7C320x240%7C400x225%7C640x360&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&vpos=preroll&correlator=378953986151153396&cbb=3249507388

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.155 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.ergadx.com/ 0
97 B 369ms
368ms Image
text/plain 34.233.157.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.ergadx.com/track?d=Chrome&cou=SG&cos=Windows&r=www.hancinema.net&rs=www.hancinema.net&sid=71200&t=1693249507&cip=128.106.95.57&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=320&he=480&app=&AV_PUBLISHERID=5fd9c7d93f2f4c6ef13a1ec7&test=&d64=979f14448422bcee43f2ada0166d803c&d63=979f14448422bcee43f2ada0166d803c&aafaid=&proto=https&uid=1693249507085-990156603239-001211-001-003987&cha=0.7&stagid=64c0f4b686f27acac302e485&stplid=64c0f366de8084e234054bc8&d35=&d36=6.2.121&cb=37895398615&d39=&d65=&d66=8.3.17&d74=&d56=&apppkg=&d9=0000&d37=realtime&pt=2&d66=8.3.17&d74=&stagid=64c0f4b686f27acac302e485&stplid=64c0f366de8084e234054bc8&cvid=64e5aec07d0d0b5eba08f643&cpid=&str=autostart&cmssynd=%255B%255D&AV_WIDTH=320&AV_HEIGHT=480&nid=5fd9c7d93f2f4c6ef13a1ec7&ncid=64c0ec6d5297a8b0b9057f15&e=request&cb=1693249507390&asid=64d3228fbd1622a5d5061074%2C64d322919e947d34df0777d5%2C64dc89e4387b8d20ce0aec04%2C64ca0150cbf69ab37e0fc048%2C60e56e3149f08b0da30e20b8%2C60e56e8a6b523e78c751652c%2C60e72a1639691f793e202b65%2C60e72c357a1ebc08c851d4e6%2C64d32250d2aa3cc3e103057a%2C60e4a817bfae182cb2020b94&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-157-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:08 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 121F 13 KB
5 KB 420ms
418ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 94
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:03:33 GMT
expires: Tue, 27 Aug 2024 19:03:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 12E6 829 B
769 B 419ms
419ms Document
text/html 74.125.200.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f147.1e100.net

Software

GSE /

Resource Hash

4f466a21eed9c971c5b2d8b563cde989515c4fec0a48959ef781c115e9945bc4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_ToWGUQXXrAIYYPUIE1jDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hancinema.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-_ToWGUQXXrAIYYPUIE1jDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 19:05:07 GMT
expires: Mon, 28 Aug 2023 19:05:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 104ms
103ms Ping
text/plain 74.125.130.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7FMFX3JNYC&gtm=45je38n0&_p=784031315&cid=710989253.1693249501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1693249500&sct=1&seg=0&dl=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&dt=Jerome%20(%EC%A0%9C%EB%A1%AC)%20%40%20HanCinema&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FMFX3JNYC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 19:05:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hancinema.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC6F 0
0 104ms
104ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=2118434397584407&bg=!Z2SlZCvNAAYkVgHwBFY7ADQBe5WfOIiDeAqytu-4axgnb_7mElTLM9EQZ-9REavT900bFz33Psqfuy4KLu497beLLeARAgAAAFBSAAAABmgBBwoAXvysl6jTutzfbzuNiarNY-3U1JsfgJcRUe8PSRjvQrGyMr9airTpe1hfuyT6vEnITpn1hKX1bGxmjvlne7L3_VOtcLD2h90fK7WDfeLStU7F3QeTQDB9iPDhimr-I5WZAsv1_MIapq6vuZGZ6R9QfzLP6nZYsRMuYkodQi_yyLfUAmPBv8dtxJfHi4U8gFTWLEggcFB-HijGoZmO2AhEj69T3A4pjJhoJyEQmzgKSreGpYUu9xyU1btZ_jEdv7lmXMnJ7AQKmA9GvfdfjUOx-LsKrfe2raC3oGJO7q9R5GwDhNltYP7wzV8pph6XJEO1gGOKCKbdYLig7cA-2-Adu5k08X7AX87Zh7vipCSDyhQuGeLaHpaAOYUdw--zmvGPiVNsxpxsKuqn6rxMFPkRkOLT0c3JakQvNOM7HP_PPcDNx63VS0dAkPbG0g1BkCKFbOhoOSbgM5_InfyDhElHIC9wMZXIu2yrPeglHyJfTpZBEpWOWbPFtPPpCNizAbaoR2tPeCyEyHwBgXAhtQla2o0AhciduAxyWhxoeEUbCItMTUdvqTbwuqg5fPfMMD2f1Z8hxMRp3NWKPdtG2CoSDutplmvNFRx-CmqHo8pnk8BJSW3GnU7v2naBHJ3vqOM1tVNkSHhfu0jeSBF1ujiWR-cO-rtcgpy1pUuvQNq21vLSPuY2IxeptF84zur4_n5kQ7K0Z_9_iKLcw35t2ABIO9PJCspY7DcdXHd4d4BDBigYmYqahMEcchfBlg-kFe0MbWqgdAJ6quR1zpFuYqRM62W05IEPOyfqA8Mk3h2GKRKltzeRhEf4oRI-QARZ4oqYdYUjlULE9-DnHt4ZQSznIim3XnIAZ4m0Q_gyOv8Wu8rDGj74G161Gxin5PBur3SoefjKfDhcY7Ql_uHz_Anl8y6T6P-X039GtQSyhA-V6VK2ndCYpKzYDqZeik1mEiOTXRhAniJ41MeZN8IUDdY3ax91xvz7uN3olmIqgOJwqq7HbuJdhDcB_KLiI0p9i_h_cPlK0dU9UpLOUJpT3fQTBbmvmmU72aCEBJdQtntxUilMBB_mwGpBs2DnFPrW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 12E6 0
0 194ms
194ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=454518118224158&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js Show response
pagead2.googlesyndication.com/bg/ Frame 121F 37 KB
14 KB 256ms
256ms Script
text/javascript 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f154.1e100.net

Software

sffe /

Resource Hash

d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 19:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 429061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14706
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 19:54:07 GMT

POST
H2 200 75cd32372d3b181041f36f7c23351f61f8cee7df7b2badfa7da4 Show response
thomastorch.com/ 7 KB
2 KB 163ms
163ms Fetch
application/json 34.149.46.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://thomastorch.com/75cd32372d3b181041f36f7c23351f61f8cee7df7b2badfa7da4

Requested by

Host: thomastorch.com
URL: https://thomastorch.com/v2mbeU5zJGJjtgNYOJt7DifKywDey9yi_8u6KgwTAa0CFnM79y5dkNgw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.46.224 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

224.46.149.34.bc.googleusercontent.com

Software

Resource Hash

561850fd99429425ab1ff4ffbac47360e470389f6762497c5cd19b81297eff16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Mon, 28 Aug 2023 19:05:08 GMT
x-buildnumber: 975004442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1488
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hancinema.net
x-hostname: fen-hoothoot-asia-east1-spot-0scq
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 121F 0
38 B 137ms
137ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2etwmA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F129 0
0 127ms
127ms Image
text/html 142.251.10.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=454518118224158&bg=!kpGlkd7NAAYkVgHwBFY7ADQBe5WfOGJml78FgC0Hh4ezUuGDKfJsstgafNMPp-10qCdz7uAP2n74nCe7gfNQRYmZyZ4kAgAAAF1SAAAABWgBB5kC5uRi6vwgBMURrKNiamhwmXaFYVKU_3nHP0LYkFLj7Y-1yk_tzxiUM7XdCcLeRuqnKury17fFykPk-L1xqT64HYOI3UmQ0xnP0pCy5NRGO-9_vxWI4A7eFfpUHhRoVoTBHdcvez3p-iw7fim19ZRezS9MCh8A8bqVqb7ILhGTrhJ3r5nS8ZF-Pr4vP8wmp3pNKibPj9GndqeZvmFsXmjQl0ivxH-dMZbrxk8J-TnHlo-ZmMhPy2C9uX1n0NYtjJGdga42ia6VA_Pw2V85aml7Ast0i-MkUpKns-PNvhYxSXhSthHoyzaoHCNCzgImBTJF_BH56XhuUDgWjlKr65GLLp-vD8L9fsrq1uwJEJpZ0GbPp5kv7BrsOUkHY-C2KwyyNkMaiy7_KmEydosclq9pvlwKk0KU6S2YHE985S4eOuk2j3O-88cKhb8iQoljBOpVF28OP-l90GtdnSWVKoVwQhViibyUBQlM7HBvaVJ8pR37PLjbeca8LvfbP1Fw30L25kVgbj9yfKXn9V-Zd7rCUqbe4K6MDCvEoBXLRfxbqymFfQELd62lXTThmam-IhbketCmxdSYt8YqITH9oYjIyvHyP60GP3l1LoRCm3XGBQPaRhsbuExhYQDm-On2AzdXH1ECAM3F47DclbSn_L5-inGMZOfE6QMhwSDzi4nbX7V6jzrxpKtSrKqpksG0di_ZWAZms3KlAQl8_YtPttHtm4pIVdgGDAQ-KOg_sUsLDGrEpxZnL2VbdIvVvJGvGPpIIBAVIw7cewDYmzPGS0CYD2UqH_30o-69TwR1LNDYOifo5GMjNLlEJMbXoyWh5DS9ES_b7vXMZ4_YCNbe2g0t0Oi4MKecIf_3san73Hnk39oLAsEF8SVbQQqFf2d9lM-6zDvthjUMFbJUzX5M78L6Cczft8pXWXl76adK4Q6VIZt8btA-Q9dpgtd4JNLzaIgmOcvFl_xnqw-lc2FiRZbQ3BW9n58RpUQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f154.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

POST
H2 200 / Show response
2pqo3eid5b.execute-api.us-east-1.amazonaws.com/ Frame C3B4 30 B
222 B 657ms
657ms XHR
text/plain 34.196.183.221

General

Check archive.org

Show headers Download Go to

Full URL: https://2pqo3eid5b.execute-api.us-east-1.amazonaws.com/
Requested by: Host: media-aso1.com
URL: https://media-aso1.com/sa.js?cid=hancinema-net&checksum=11693249505329
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.183.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 332cd86ba44e46beccbf913dbf6b3eefb407d8779cf3f4ec0b62d05f26cc71c1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 19:05:10 GMT
access-control-allow-headers: Content-Type
content-length: 30
apigw-requestid: KYpsGhUEoAMEVtA=
access-control-allow-methods: OPTIONS,POST
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 /
2pqo3eid5b.execute-api.us-east-1.amazonaws.com/ Frame 0
0 1130ms
360ms Preflight 34.196.183.221

General

Check archive.org

Show headers Download Go to

Full URL: https://2pqo3eid5b.execute-api.us-east-1.amazonaws.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.183.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hancinema.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
apigw-requestid: KYpsAjoKIAMEVIg=
content-length: 0
date: Mon, 28 Aug 2023 19:05:10 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6D10 6 KB
3 KB 348ms
92ms XHR
application/javascript 52.84.228.19

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.19 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 0676a5fe6935c768360b164abce6620e.cloudfront.net (CloudFront)
date: Mon, 28 Aug 2023 02:22:26 GMT
x-amz-cf-pop: SIN2-C1
age: 60164
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _Gw9RJw9lKWxTeWb7UJLgF8USO6nOr1lJbUbjdOx0B9LSp4NYv1pKg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 6D10 0
311 B 88ms
88ms XHR
text/plain 52.84.228.19

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.hancinema.net&pubid=8967f5df-f021-47e5-8795-2b120e2cfc5b
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.19 -, , ASN (),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 18:20:02 GMT
via: 1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-C1
age: 2706
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.hancinema.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: pWjN91aFqal8oWWwMq-uGS9C6X4sNvQErBSWwTXlYT_8nxBPK6A3Uw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 6D10 23 B
357 B 381ms
97ms XHR
text/javascript 13.35.23.2

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&pid=QPbvuPTOgcxnj&cb=0&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22Amazon_320x480%22%2C%22mt%22%3A%22v%22%7D%5D&pubid=8967f5df-f021-47e5-8795-2b120e2cfc5b&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.23.2 -, , ASN (),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.hancinema.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 19:05:09 GMT
via: 1.1 101fe44f3abacff135b2a73264d75b1e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN5-C1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.hancinema.net
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: E_siNkyUQ6oZfbvpwxew1YaDcYcZMObQR5Iu4l7jPhJEAl4IEWJE1w==

POST
H2 200 track
servt.ergadx.com/ Frame C46C 0
120 B 349ms
349ms Ping
text/plain 34.233.157.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.ergadx.com/track?r=www.hancinema.net&sn=&ic=0&tgt=0&app=&wi=320&he=480&test=&d36=6.2.121&apppkg=&fv=1&proto=https&d66=8.3.17&clsid=c33dc043-c91f-4923-819e-369cf734629d&rando=70
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5fd9c7d93f2f4c6ef13a1ec7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.157.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-157-77.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hancinema.net/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 28 Aug 2023 19:05:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Domain: lib.media-aso1.com
URL: https://lib.media-aso1.com/prebid8.3.0v1.js

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.hancinema.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 00jcvmdai4q49mvqjg5l78ed44
.hancinema.net/	1970-01-20 23:56:49	Name: _ga_D18Y2PQ82H Value: GS1.1.1693249500.1.0.1693249500.60.0.0
.openx.net/	1970-01-20 23:06:25	Name: i Value: a5a7e03d-1113-4617-bb3f-b5096092cd0a\|1693249501
.casalemedia.com/	1970-01-20 23:06:25	Name: CMID Value: ZOzv3ZySjNqoNMARhv4k2AAA
.casalemedia.com/	1970-01-20 16:30:25	Name: CMPS Value: 4896
.casalemedia.com/	1970-01-20 16:30:25	Name: CMPRO Value: 4896
.hancinema.net/	1970-01-20 23:56:49	Name: _ga Value: GA1.2.710989253.1693249501
.hancinema.net/	1970-01-20 14:22:15	Name: _gid Value: GA1.2.1582855792.1693249501
.hancinema.net/	1970-01-20 14:20:49	Name: _gat_gtag_UA_81279_1 Value: 1
.doubleclick.net/	1970-01-20 23:56:49	Name: IDE Value: AHWqTUm7tLcwvr77mStGt1c8KzoH6lq_SWKcwxpZYOCEJgqg4BOyowui5EdwwF8ODB4
.demdex.net/	1970-01-20 18:40:01	Name: demdex Value: 39129202267706666332832405549621127348
.yahoo.com/	1970-01-20 23:06:47	Name: A3 Value: d=AQABBN3v7GQCEGpwwZYyZ9FzM81YBptQojMFEgEBAQFB7mT2ZK9E8HgB_eMAAA&S=AQAAAtS4Y8BwHqZJgsDoIfeY8IA
.pubmatic.com/	1970-01-20 14:22:15	Name: KTPCACOOKIE Value: YES
.dpm.demdex.net/	1970-01-20 18:40:01	Name: dpm Value: 39129202267706666332832405549621127348
.pubmatic.com/	1970-01-20 23:06:25	Name: KADUSERCOOKIE Value: BDBDAC35-3AE9-4A14-AC7C-7E83BCEAD555
.analytics.yahoo.com/	1970-01-20 23:06:25	Name: IDSYNC Value: 18gs~2dlv
.agkn.com/	1970-01-20 23:06:25	Name: ab Value: 0001%3Az03jc6MG8ISys3SMhOKv8ILxJI3KJEMA
.hancinema.net/	1970-01-20 23:06:25	Name: cf_clearance Value: _NEYigdQCbBQDtsQ.OljQXMFnJzCTnG17n_rGDzFhWo-1693249501-0-1-3d424bb0.ab018ed6.6a431450-0.2.1693249501
.rubiconproject.com/	1970-01-20 23:06:25	Name: khaos Value: LLV919CK-1P-LSQ6
.rubiconproject.com/	1970-01-20 23:06:25	Name: audit Value: 1\|ArgmPW905cA+3fXLIWrLgHQsRlyt059hnvt6KbKSNoOXiD+pr+sOsOLC1zMpm0S27T3+yxMGFdYwHTRO1/p4iG+SaIEDnvuIGsWXjmLQ3PdOZm3JxukpuWzUKoox0yO4Oq8TxZcGGGhNH3vRAwe7272UUgrhtPmiI/PfBjp7gqT9HsXPn9CGbQ==
.pubmatic.com/	1970-01-20 15:04:01	Name: KRTBCOOKIE_1051 Value: 22884-18072662105505648232
.pubmatic.com/	1970-01-20 15:04:01	Name: PugT Value: 1693249501
.bluekai.com/	1970-01-20 18:45:47	Name: bku Value: CH999BlFfsx8r3/7
.bluekai.com/	1970-01-20 18:45:47	Name: bkpa Value: KJy9qQYHd02pSUHknpx01MAdSVx21EQyBp/tBM/h1eDN1eDtBeQ01p/ZzZPASU/2ScH6zc1k16Wk1ARk1AjCn7H0SVJCqsjNztkFqi8Mqt6k1AjonZNC5sBGJEBszYDpHs/pJE/t5uDpHYD0Ba2YuN2PPDkW9yemHCdF
.krxd.net/	1970-01-20 18:40:01	Name: _kuid_ Value: Pwz5CA8l
.tribalfusion.com/	1970-01-20 16:30:25	Name: ANON_ID Value: aynN7ERwEfZcS2QVoq7vnS8jxUIQ9f5WF5WCISj4UYebrUGN89fRcBtWa7s1Zdm8n5fRZd4cxUZcUZbEEP7eOoI6E4wknG9qudXN0CCOV816k6TZc42DFybSJRZacPrNRV9R6ZcAWgS4Zakv1ZaVbk5EKJXMruYyY16U36WkXjnvuSCKiH
.bidgx.com/	1970-01-20 15:04:01	Name: rj6u Value: 1
.bidgx.com/	1970-01-20 23:06:25	Name: aso_uid Value: 0e43b87091d6c42f36b12fc25795f16076404541
.adsrvr.org/	1970-01-20 23:07:51	Name: TDID Value: 54654ce3-5261-486a-8ba4-241834b4aca1
.adsrvr.org/	1970-01-20 23:07:51	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIqIvX8_aAlDwQBRgFIAEoAjILCPLEuZ-NgZQ8EAU4AQ..
.ladsp.com/	1970-01-20 14:20:53	Name: cr Value: 1
.quantserve.com/	1970-01-20 16:30:25	Name: d Value: EFkBCQHoKYEA
.quantserve.com/	1970-01-20 23:51:03	Name: mc Value: 64ecefde-ce152-73f3f-53870
.bidgx.com/	1970-01-20 15:04:01	Name: i4jm5 Value: 1
.c.appier.net/	1970-01-20 23:07:51	Name: _auid Value: -maOvxm1BUufkl5V3u_sZA
.c.appier.net/	1970-01-20 15:04:01	Name: _gu Value: CAESEJZppIBhd6LB-kxWZAFM4EM
.ladsp.com/	1970-01-20 23:56:49	Name: smn_uid Value: GGs1PIXwIxKCK1KnYkHArA-zDtwduxQ
.ladsp.com/	1970-01-20 23:56:49	Name: lum Value: CPb9o-yjMRIFCAEQqAE
.hancinema.net/	1970-01-20 23:42:25	Name: __gads Value: ID=f18f0cacea40f505:T=1693249502:RT=1693249502:S=ALNI_MbeSkXFQsDHHCmHTPmnWalEg8xHCg
.hancinema.net/	1970-01-20 23:42:25	Name: __gpi Value: UID=00000c353baa99d6:T=1693249502:RT=1693249502:S=ALNI_MbLRDYNRTmFb5fzW2xSynvBFpr11A
.dotomi.com/	1970-01-20 14:20:49	Name: DotomiTest Value: 3ee2ef31bf722538
.doubleclick.net/	1970-01-20 18:40:01	Name: APC Value: AfxxVi7u_h7oYwFpICY1vw7qDQ9YiLpBItvsNyHpYjhSDcMyaA3xbg
.zemanta.com/	1970-01-20 23:06:25	Name: zuid Value: wAtcaoWyc4lJEedYVZQx
.hancinema.net/	1970-01-20 14:20:49	Name: lotame_domain_check Value: hancinema.net
.hancinema.net/	1970-01-20 23:56:49	Name: _ga_7FMFX3JNYC Value: GS1.1.1693249500.1.0.1693249503.0.0.0
.crwdcntrl.net/	1970-01-20 20:49:37	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:49:37	Name: _cc_id Value: 64b4aabce2728a435ac9291c9fe1b302
.hancinema.net/	1970-01-20 20:49:37	Name: _cc_id Value: 64b4aabce2728a435ac9291c9fe1b302
.hancinema.net/	1970-01-20 14:30:54	Name: panoramaId_expiry Value: 1693854304224
.hancinema.net/	1970-01-20 14:30:54	Name: panoramaId Value: ed53a4c1b23e6880173d776bb45116d539386d268f80900163bec6c845b109de
.hancinema.net/	1970-01-20 14:30:54	Name: panoramaIdType Value: panoIndiv
.criteo.com/	1970-01-20 23:42:25	Name: uid Value: 5b786e48-3b92-48d1-82c2-bc3ad90f7abc
.everesttech.net/	1970-01-20 23:06:25	Name: everest_g_v2 Value: g_surferid~ZOzv4AAAAj5xhAAb
.hancinema.net/	1970-01-20 23:42:25	Name: cto_bundle Value: R4gCg19tOWppaG0zVktGVlB4OThFNGdwenp2YWVUTkl0S1M3ckZBVDZCTTF5Y2YydDlvN282QjN2RyUyQkNoWm5VWVklMkZTYUZFMkRWY0c3V0plUnppcGk4a1o5bXBIaCUyRm1uZnhUbXNPemNsTUVUOGx2UTlhM3hNTW1BJTJGNmFXUVFRYUJ5ajZQSEYwTFMySyUyQk4lMkZvTnR2Ukk0RSUyQkY5ZyUzRCUzRA
.mediago.io/	1970-01-20 23:06:25	Name: __mguid_ Value: a6873b07c48a7df2469b5f5974af3675
.yahoo.co.jp/	1970-01-20 23:07:51	Name: XA Value: 2emlf6dieprv0&sd=A&t=1693249504&u=1693249504&v=1
.yahoo.co.jp/	1970-01-20 23:56:49	Name: XB Value: 9iir2kdieprv0&b=3&s=fb
.bidswitch.net/	1970-01-20 23:06:25	Name: c Value: 1693249505
.bidswitch.net/	1970-01-20 23:06:25	Name: tuuid_lu Value: 1693249505
.bidswitch.net/	1970-01-20 23:06:25	Name: tuuid Value: 6cc8ad22-7b4e-419c-992b-afbd3d10b073
.ergadx.com/	1970-01-20 14:49:37	Name: aniC Value: 1693249507085-990156603239-001211-001-003987
pool.admedo.com/	1970-01-20 23:06:25	Name: tuuid Value: 22a4e9b0-790c-4247-943d-324e775b6d30
pool.admedo.com/	1970-01-20 23:06:25	Name: c Value: 1693249507
pool.admedo.com/	1970-01-20 23:06:25	Name: tuuid_lu Value: 1693249507
.hancinema.net/	1970-01-20 23:49:37	Name: _awl Value: 2.1693249508.5-8b76649d3b9a81abdeb2d32b481781bc-6763652d617369612d6561737431-0
.hancinema.net/	1970-01-20 23:49:37	Name: _admrla Value: 2.2-1d6a9595e5b0f384-df44f01e-45d0-11ee-9193-43ae4fe5eb55

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662105505648232&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1612871806153672&output=html&h=250&slotname=1054740416&adk=1151663206&adf=3965729263&pi=t.ma~as.1054740416&w=970&lmt=1693220701&format=970x250&url=https%3A%2F%2Fwww.hancinema.net%2Fkorean_jerome.php&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693249500906&bpp=1&bdt=1924&idt=913&shv=r20230823&mjsv=m202308230101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3089863421112&frm=23&ife=1&pv=1&ga_vid=710989253.1693249501&ga_sid=1693249502&ga_hid=1077704268&ga_fc=1&nhd=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=62&biw=1600&bih=1200&isw=970&ish=250&ifk=3625047482&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31077324%2C31077388%2C44796634&oid=2&pvsid=2118434397584407&tmod=923722436&uas=0&nvt=1&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rh0ht7ugpjvd&fsb=1&dtd=919 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEDjp_YRTSs7sS5FBLhn-TFg&google_cver=1&google_push=AXcoOmSDp_xpnSW63jANiq9Df7atKzTR3b93JyHSrJUOJ0WszrRMx-t3fm9aW0LJ4nS-2lTGHobXpnUm60JFUbmUrKghUIszJKxUCQ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEJL1MUl3tMnhtKe1cVSpC00&google_cver=1&google_push=AXcoOmQLdjq-hBzxN0DhIYsDJNgKju8na99zPhbf65u4kPtY-I9iH_z5SkshysRc1AftE12NHpSWe9R6R56DSeN9w4RnMYCMMezfqefV4VhOmanKohqcBT7Q1N7rNw2lrokTiLafJv_RG-dpwDKL2w1e9vvaSyg Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

07c225f3.online
21136e6aa79854648d1bed6699699d3f.safeframe.googlesyndication.com
2pqo3eid5b.execute-api.us-east-1.amazonaws.com
3ea317513bf284d022cde2710ba14a12.safeframe.googlesyndication.com
96bab9142c6f4b8d85fd7bb26a739688.safeframe.googlesyndication.com
a.c.appier.net
a.tribalfusion.com
aa.agkn.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.as.criteo.com
analytics.google.com
app.cauly.co.kr
b1-sindc1.zemanta.com
b1sync.zemanta.com
b1t-sindc1.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
c.amazon-adsystem.com
cat.sg1.as.criteo.com
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cid.media-aso1.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cms.quantserve.com
content1.avplayer.com
cr-p1.ladsp.com
csm.as.criteo.net
d1tbj6eaenapdy.cloudfront.net
dclk-match.dotomi.com
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
feed.avplayer.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
imageproxy.as.criteo.net
images.hancinema.net
in.logtail.com
invstatic101.creativecdn.com
lib.media-aso1.com
match.adsrvr.org
media-aso1.com
media.bidgx.com
pagead2.googlesyndication.com
partner.googleadservices.com
photos.hancinema.net
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pool.admedo.com
pubads.g.doubleclick.net
public-prod-dspcookiematching.dmxleo.com
rtb.jp2.as.criteo.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
serv.ergadx.com
servt.ergadx.com
simage2.pubmatic.com
srv.bidgx.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.bluekai.com
tags.crwdcntrl.net
tags.expo9.exponential.com
tg1.ergadx.com
thomastorch.com
tpc.googlesyndication.com
trace.mediago.io
track.bidgx.com
ups.analytics.yahoo.com
us-u.openx.net
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
www.googletagservices.com
www.hancinema.net
x.bidswitch.net
lib.media-aso1.com
sync.search.spotxchange.com
103.195.32.131
103.229.10.180
104.16.57.101
104.17.24.14
104.18.12.219
104.18.25.173
104.21.12.31
104.21.5.40
104.26.0.212
104.69.166.9
13.224.249.77
13.228.126.19
13.231.16.113
13.33.45.231
13.33.88.98
13.33.92.130
13.35.23.2
133.186.161.88
135.181.123.227
139.162.58.205
141.95.98.65
142.251.10.154
142.251.10.94
142.251.12.148
142.251.12.156
142.251.12.157
142.251.175.155
151.101.193.229
151.101.66.49
172.217.194.149
172.64.148.101
172.64.152.89
172.67.132.240
172.67.38.106
172.67.69.92
174.137.133.49
18.232.200.223
18.65.39.30
182.161.73.129
182.161.73.132
182.161.73.136
182.161.73.142
182.161.73.148
182.161.73.159
182.161.74.19
183.79.219.252
184.51.97.203
216.239.32.181
23.108.101.161
23.207.181.73
23.32.29.90
3.224.245.106
34.149.46.224
34.196.183.221
34.233.157.77
34.96.70.87
35.164.29.234
35.208.249.213
35.213.12.39
35.244.159.8
35.71.131.137
52.192.160.122
52.74.107.222
52.74.240.101
52.84.228.19
54.151.165.0
64.233.170.154
67.199.150.81
67.199.150.86
69.16.175.10
69.16.175.42
69.173.158.64
70.42.32.159
74.125.130.100
74.125.130.157
74.125.200.147
74.125.200.156
74.125.24.132
74.125.24.97
74.125.68.132
74.125.68.155
89.207.22.76
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
04ceb6d398a87f1a6201d894dddcf6099b9a74c77a95ee6976868d24c81b44eb
062eb567176b265a0cb766716c933098ba1a566da93947afafe527c8f4cb035c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a924b62a51069fe0f5280301cf9cb4a61e8a6c182d66a3958418b149b99ad4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be863bb6e247b125306c6f0e6c73d19310aa48189c8c61f3d6cefafcde5a3a1
0e32a95bc5bad6d8cad0a23ae958505f2145078bd938e14920310f78d9bd8a40
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c068af6dfc0234569404701305fc3a9d0f31d4f54ea97e3c08f8d4675d2163
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1898891380de5ef04eec7dc1ae250634b713b563611359ba581dca74601148dc
1aba31060c8f08b631177211a991057542945d5c5ea9fcdafbd6db93ecb7a4b7
1cf0d60a46bf31e9cd598154c949a867d61509bd1bae48e5dad01eb65b4c4188
1d96e9175047dae4a4e08521adb76db1d811489cc2999faf9d6a43a2e93879b2
1f7d640a8b0bd536beeb63eb6ddb50d918315f176eb08fed4dbb0b6e789f1412
21168621f9feb8aa0183452abecfe5a3ea534fd97c6a1a2e2e769fd3950c7012
24095533dbae557b1bd3382e30fc3757cca99461f6e750d91b53e97dd71acd70
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276f700e2cd3e069a4af10464b68427f8458afe18ecaafa439feebed73e694a4
27ace7d57101d2e69415d07b539322b7484ab5aad04d17f348cf4290205af414
280503830b0fab5d1a73359cfb1fc40fb8e6cb7cb20e1b6e437711e0ca060661
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29dddc94f23e000d3cb957fa0e8503645c306249ec0dec283f378b5dedfd7cc7
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2db5edcee3ffe9b8f2e7794abb193d95e7c3d23d81e0cb254d4a4df2f5d7577d
2e54723c30900bfaf3f9c50b2e7f8da379727eb432b1c49267da5f452d4518b3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332cd86ba44e46beccbf913dbf6b3eefb407d8779cf3f4ec0b62d05f26cc71c1
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
33da58720b15c6c4a39434c3ff98963ba13012e754388d6dab79371f069a70f5
34df8fd6fcabd7c7b45dd71a2a4cb5c9d9710a3c45845082e671899fac4beca6
3830bc6fe41f172ae4f65829d0c9758709e83c11403be620ddc1cbe4d1796c57
388638f8588c36e617ce23eb5776672ea9cd56a8099557416ee88242809b96ad
3a62faf9406941e227e05706202e4e3fce76b76d5b938052e76d34d961242760
3b195b7982a434ef1d5be410aa1fc828cd2c28bcbd92227ec89330b44af90d53
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c75c9372eaa898e55e87e6aa7f1ea3dee8b4511c9091525cd0a7c01ba86683a
40528c9642eb83cac6c8c83d5712388fcdefdce0a8e23545010bc68082c56b51
4089b24589fe24c05fa742bd60bb2f4cbbb7b2ea3c94931efe58c8d04f2d3f75
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4573a6fb34aa140988dfb125320680a5aebb7ecccd26a4dc2b9480e7392391d0
45c9166c62ee100f189be98bc7c15fc325bb26757fa0ebd2c4de64d19d25db49
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
483ff5b258b3fe931aa2259f6dec60fde27ff50f3c64eaf2044078baf2fd393b
48a2e5f70af6a73de341cfd25dc65063a1a8e4cd4318f47f6508301ac94bb6f2
4a62be19df2cf32def097123d0d9d3a76414de00bcdafd44d339fdc42c075b86
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4dcf516b0bac4f9a3104d20f97b79ce95895b80befa2cc2a1a8b54ae339600dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecbf684dc450c457e3d56fdfe96ab3e508b9e451827bafa9f3aca0b02e7f2ad
4f466a21eed9c971c5b2d8b563cde989515c4fec0a48959ef781c115e9945bc4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561850fd99429425ab1ff4ffbac47360e470389f6762497c5cd19b81297eff16
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
582c6653f5263143eab94a12364b7aad99387190137c5c9a358e14b8693093b1
589f552ac7e9bf941f8bccd42ce8414593d4e4ea760a0f89cef604b7c9279b37
5b01af2d4531c8b2eb7892f4b967938f53ff091303ea12dc1ea616cf8ac631df
5be793063e14bfdf36adf0c1c5ee6f02cfd5db1163292ad3774986abe382981a
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5e518f81520f6d97ce0f874d72e84cb8e0dff8d7f62c6287a8f3566d404e113b
6066510b0bd9dee82e1f8ff5e2aa41b4c028ce9326b5599b0778fdd44d628271
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60d0bc8578fcce8cb083b395e5c04cabac4a23a065c0c676c941b1804b420bf9
61138e8c3b67e3af8d7af25df3412b239aad6cc9701ca3d23c77c1062541e3dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
667c7c8e6fe98a76c1862736c68ef5d4f56abd626cf642febe15d51eb1532498
672b9f9bf95f07b238cfb2fbeeca2ccbf1e655358f0857d04c221bb431189af4
68be479f1cba81bc0ccc3e4d0c6cb6f8304477dc4001f34164c914f4c51e5b6b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dff92f7837110686c19c7a127d195b497c6830d072d1b4e9549bf2f69266400
6efd5724223b8cb84079e0229ddfb95fbb1d9db3c0a5725d9434144434919769
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
71886a269122b5e7665e7851baca15b83e040963f309433476e62aa04e67b1e4
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c1fc8c18d24d19d6c884f5fd28d6c5a2ffd92d82173f0e3969070e299a6123
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74fccd7da630db4f39a9ee870bbaf55cc0276cb657b4049dcf9854e7c731a78a
765ac42ed26a548fbdd88bb79e41d99e80d172868e8c38298da51a385ad5ed5d
76c41bd89e80dfb6b96f94e85f2446bc8695df6ee4f362f3381deaedc5891c21
78ee1b5e88bc9bc886d0c0f5d1aaabdc144a53547a47f27dc253d100b5e44cf0
7a451a2020cc0d35b07f985182ee8086172fb6edb2404b2e3302cf22bf5789df
7be03afa789da1063f30a4239c60a68b93e7dd278163c8f6c8ad5aab2dc4b0c3
7bf65b7ff4571bdc31f13c635efd9b7a2d5ad7e7af7de848927a82e32e1e3ef3
7e4ae9511a9191f548fdd73cf243397036a0edb0ef73eb71ae1fb7a8664ac2c3
7ff05800b962b374d5094fb35200220debe6c105705270c7ed14d58baf8c5b98
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
823de2158122dc8c5b8a532270c8b9ae1b0a573ab9a4b3287c5a4d985863eee5
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
8522a35c012ac1a2ea61c8daaeca62e7a74fe3dafc5579a3f9f9e11c6d602e6f
87fe2f8d2db40cd602e142da42ff4f47621bd905cafbe66ea15b4fbb523e84c4
8961bb89d0e46e6b321d5f0ee959d7fb73077377c050602d5289378f2eca4128
896f0ce8118ac2d5a6aafff694dcd6859831048e22e02142fae6cc748769d348
8b6eea5eaa2225cf5ad055b0cd5c926f9a854658c6cc599b0ad94e994d32cfec
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f0046bd3ba12f2dec4b7ebac487eb57c8341c169dfe7fe110c37669d5450b7c
8f03124699cb7701850f88f1a2d4e7f4f5f58ecd1d313be2a2c66bd7bd0e03fd
9076dc4f5110cc40afaebff968b7740deddc5060e9b33a783ace21888cb4c614
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
91feb75cd8c5088a6815c12c416ea61d267a3c72738407728a966b78578e72bc
9373c497bb49c2d030a37ea23346d2c6d1801b07efd321cf917daf945a566e6f
93f9b3c83d86e805ad1505f77be90db2b1b8b3e3af33f5449187df590f9fd17f
9469385ba7159e16172cccfb120c734437539a90af09895d8ca9df51ceb5dd1d
95b49487ac1fd02aa24f37fbc041b68f9feb31a1021b29f76e875afc46da9b33
981ec7d904ff8121067903404a3f1254cd933472d1bacf3a4b748c238a80a8b9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ec3a8bc4f4faa7a812e228036a700fbd11e86ee010b138d094626f7b6a3b103
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f376ae12e71e8daa1b4b735abd305ecb83a1fac5477c570fb3f8e68757b3ae6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b63357a0b483e9f9e0decd22640811e5468ae55b5cf2573dd0ba77eae78c53
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4385bc5c90046cd05af1db5d45331f0244aed9804b1b591731b9d5d06990785
a4a4147ee2eca90797757f6525f25a6757e7a93444051acad72ecb2a4d52dd80
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6a542faa22889d6a38c8d2afc411f3779236afc8733c87d9e82428ecfb0928f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a35aa3bfde75686fa6a8faa8306e304adcff94378bb1694183dc643696ade6
aa17a30f6ec6d08cd44f4567a44e4b0916ca968a7b2d0a7bb9cdb9a34b461825
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ae13a055c909e01673b435a3d3fad35541465fa10432f2e9844204c7bae3fd4a
ae35948a144288a04250b295a24aeaef973408866142f90f834fae7487d540b9
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
b0420a8b60e2665a21a57c5c59f8fd8ac86e659b9785b4ab912dddf509500e03
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b26e204c16e4d7379f8d694d22ed5d6eddab3fe7b33d0d24731b78e1fcd01a8c
b4c8ef13c89c0ac84ae067b5ba5661ba9a0c631a4f10d221ee7190b9831e1659
b4da667d037dda2a415af7b9b9f758cf5b58520944c0c22dddfc79bb0a157c35
b4fd0a95c3940c95f47c4b5a0d270118845fc08083bc7e0255bed3e6cec5f18a
b705d08242a724ecba6d3872b0779768210efc9c3ec4eabd003cbc317b54f381
b8a04614f4eea63702eda0f32c2daa703bbc09dbe76afbe9bc79fe3a5feda6c7
b987213b417d19010682d9adc61a1a86214e283346ecf3e63b2684b62ad07fef
ba621dde6a67a133777c61faf26817eda04dcaa0df941c65a4934f173408a078
bb096fbaf493383bc342fc4e0956c2f91eb92673f8a5424efe62340fe16e1adb
be944362de3e9a05e94be75bf426e2ec426bc84871f17c1bdac19bc429c030b5
bff9d0bec6e0c2e257b7475acb24f4b99b3d67e00c2b77956fd0d65e719171d8
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c4aa33b6e9b51ae1255f933abf5c6349e2f7008665c09b7c96dd5160ee8bcbef
c67098b3e177d58b24bf24bb12037703d9779ebc0570f016d3f6f8e5c4247959
c9691f6543526903ca8774d43b38aad8ebf04efc79ef94ffe7d178a56c2f89f6
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cd43b92589069ef69b2abc27681da90acc9d6ee4aaf2522234114eebdb333723
ce1eefe36d53421b72b697e65f0d8325fb8575d97a2a82f6d8219550005a4a85
d1496c578acf2957689e6a013bb348b694db5800b239df669a69991818aa7934
d1cf569e70060d02505b891936991708b929da9aed889b0b347b9304e40f5b15
d1f1d8c79eb9391003293f7c49eab4fdd4141f3bc48cdeecec7b63db12df3d7e
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d542b5141355b413486546677dda2a8f316910635c396273dbb04320d9919b01
d63ab1c0fe7ceaabe4078bee9882922f975c30a94f372788432bc0abea324632
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d87401c3256d2c5f9b0caa68d9ca130c5cb52660cfbe44ec9dac2e5261e4b796
db3334123804e21acaa74f2e62a0578a77a738efc967bb430be41e1b0b9b35f0
de1eeee6af100d6697355dc3bf1ce1b487f7ac8d54979a6ff693556ea5344ddf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e207af9aedb0ff54e16a2bb01cb7d7f59c9d7ef3ccfddf15bb4551b24bad2924
e2aa515f0a1503a8717a4c606d235ba23d076933a640afedfa0dd1cc866546fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
e7e85560dd1bed553a99af3c5ceb7740f048a19f0f38194b6c4089e17aac06b4
e80d2575e982cdf26641fa066ef74aded5c163840ad1aef30f17cabe9f835d6d
ec5b6111eab9c335799ca1d7d77049e3d1b6437a6cdc9c0250bd0f49e6c458e7
ee034adb7803ec6620aa02bb71507c85e7148277c970a72d21eb995ab80710f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09a2c536aa47c480cd3c0c8dc4c0958401b127864aaac47888c12bb5181c1dd
f2915fc3f640cf6b52323f2b2cadb3e6eca1e898e0b39cac3b1b85794290b497
f4ef911ee49fdd3118b41a55968fb30522a89f48bebb73abeefcc737c5741574
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.hancinema.net Open in urlscan Pro 104.26.0.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

302 Requests

86 %HTTPS

0 %IPv6

59 Domains

94 Subdomains

67 IPs

6 Countries

4128 kBTransfer

12884 kBSize

66 Cookies

20 Outgoing links

Redirected requests

302 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hancinema.net Open in urlscan Pro
104.26.0.212 Public Scan

Screenshot
Live screenshot

Full Image

302
Requests

86 %
HTTPS

0 %
IPv6

59
Domains

94
Subdomains

67
IPs

6
Countries

4128 kB
Transfer

12884 kB
Size

66
Cookies

302 HTTP transactions
4 data transactions