aoutoqw.xyz Open in urlscan Pro
165.22.98.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://to.aoutoqw.xyz/
Effective URL:
https://aoutoqw.xyz/
Submission: On May 31 via manual (May 31st 2023, 3:02:48 am UTC) from ID — Scanned from SG

Summary HTTP 134 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 134 HTTP transactions. The main IP is 165.22.98.83, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is aoutoqw.xyz. The Cisco Umbrella rank of the primary domain is 965794.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.

This is the only time aoutoqw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	128.199.64.249 128.199.64.249	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 23	165.22.98.83 165.22.98.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	2404:6800:400... 2404:6800:4003:c00::5f	15169 (GOOGLE) (GOOGLE)
14	2404:6800:400... 2404:6800:4003:c02::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:d8c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE)
27	2404:6800:400... 2404:6800:4003:c03::9b	15169 (GOOGLE) (GOOGLE)
1 2	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	149.56.240.131 149.56.240.131	16276 (OVH) (OVH)
2	2404:6800:400... 2404:6800:4003:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c11::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
26	2404:6800:400... 2404:6800:4003:c04::84	15169 (GOOGLE) (GOOGLE)
4 5	2404:6800:400... 2404:6800:4003:c02::93	15169 (GOOGLE) (GOOGLE)
16	2404:6800:400... 2404:6800:4003:c00::8b	15169 (GOOGLE) (GOOGLE)
134	17

2 128.199.64.249 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

to.aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 165.22.98.83 (Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aoutoqw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c00::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4003:c02::9b (Singapore)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:d8c (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c05::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2404:6800:4003:c03::9b (Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.193.213.10 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sovrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.131 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534299.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c04::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::9b (Singapore)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2404:6800:4003:c04::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c02::93 (Singapore) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4003:c00::8b (Singapore)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	403 KB
25	aoutoqw.xyz 2 redirects to.aoutoqw.xyz www.aoutoqw.xyz aoutoqw.xyz — Cisco Umbrella Rank: 965794	595 KB
23	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856	59 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	152 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	159 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	265 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
2	google.com.sg adservice.google.com.sg — Cisco Umbrella Rank: 26240	696 B
2	sovrn.com 1 redirects sovrn.com — Cisco Umbrella Rank: 25495 www.sovrn.com — Cisco Umbrella Rank: 193437	437 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17397 s4.histats.com — Cisco Umbrella Rank: 15071	5 KB
1	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 17715
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	464 B
134	12

	Domain	Requested by
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
22	aoutoqw.xyz	aoutoqw.xyz
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com aoutoqw.xyz
14	pagead2.googlesyndication.com	aoutoqw.xyz pagead2.googlesyndication.com to.aoutoqw.xyz googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	aoutoqw.xyz googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.com.sg	pagead2.googlesyndication.com
2	to.aoutoqw.xyz	1 redirects
1	e.dtscout.com	s4.histats.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	www.sovrn.com	aoutoqw.xyz
1	sovrn.com	1 redirects
1	s10.histats.com	aoutoqw.xyz
1	www.aoutoqw.xyz	1 redirects
134	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
linkmonet.com R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh
aoutoqw.xyz R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-05-27` - `2023-08-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://aoutoqw.xyz/
Frame ID: 3A164B45AB45D762A11CA0E6DE9B8804
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/zrt_lookup.html
Frame ID: E57617825DFFA032275412322308522A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&adk=1812271804&adf=3025194257&lmt=1685502162&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Faoutoqw.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161951&bpp=10&bdt=149&idt=366&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4243722432845&frm=20&pv=2&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=391
Frame ID: 16D7EB2C8B658260EE1FC90A9BDAC660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502162&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161961&bpp=3&bdt=159&idt=388&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yaVyFXdpbb&p=https%3A//aoutoqw.xyz&dtd=391
Frame ID: 0359E46D007A08B5117A512F932A5065
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C13FEEC3D54E5696615CAB6021AA216
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3807239147~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1408&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280&nras=3&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jHLi9R9cRv&p=https%3A//aoutoqw.xyz&dtd=29
Frame ID: BAA8792ED803C20D1584A25CEDE4FF2A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1034840246~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5gAAa2DbTD&p=https%3A//aoutoqw.xyz&dtd=37
Frame ID: E2E1B5FF0F8056D12802367FF98B16FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=4070374814&adf=3001769797&pi=t.aa~a.2421250157~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9Wi4VzLzOp&p=https%3A//aoutoqw.xyz&dtd=43
Frame ID: C2D90074ACA3C2DD8E016E4641BA4334
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=163&adk=2243460501&adf=3434840839&pi=t.aa~a.548476622~rp.4&w=831&lmt=1685502163&nsk=a860b106&rafmt=11&pwprc=4844043208&ad_type=text_image&format=831x163&url=https%3A%2F%2Faoutoqw.xyz%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Qg4LaQXDdR&p=https%3A//aoutoqw.xyz&dtd=48
Frame ID: D12CAA855EA3DE23ACBBE76B26844888
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7AD8F137986DAE83279538BA9A4F65B4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: FC9B323911C604BEFE065C609DC50054
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0F633B3C4B28E7B87DC517B3914BF2A6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Frame ID: 646B2E666A759C93EB418AF71965C106
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5856D16169B54B3CE13D8548BB647D34
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 107FF2E83099AA5421274318D61984E7
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A7AAAEF57DF6186B140CDA095B20CA3F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 99CE630E71AB625CFE3D028832B1E182
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 28832EC04D77689DAAA42DFF169BB3B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 3599964F758229421D8B9CE1D9657BC0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js
Frame ID: 8433F1132417547CC2D5710755E8DA4A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F0ACB36EB509C1824E739C068A6B6F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D321A03016638207D44D55FCA1F39ED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blog Of Gaming – Gaming All Day

Page URL History Show full URLs

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/ Page URL
https://www.aoutoqw.xyz/ HTTP 301
https://aoutoqw.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

134
Requests

99 %
HTTPS

75 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

1646 kB
Transfer

4592 kB
Size

14
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/want-to-be-a-pro-player-at-pubg-mobile-you-must-understand-this-technique-this-conqueror.html&t=Want+to+be+a+Pro+Player+at+PUBG+Mobile%3F+You+Must+Understand+This+Technique+This+Conqueror

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Want+to+be+a+Pro+Player+at+PUBG+Mobile%3F+You+Must+Understand+This+Technique+This+Conqueror&url=https://aoutoqw.xyz/want-to-be-a-pro-player-at-pubg-mobile-you-must-understand-this-technique-this-conqueror.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/this-is-a-list-of-buying-prices-for-heroes-in-mobile-legends-from-free-cheap-to-the-most-expensive.html&t=This+is+a+list+of+buying+prices+for+heroes+in+Mobile+Legends+from+free%2C+cheap+to+the+most+expensive

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=This+is+a+list+of+buying+prices+for+heroes+in+Mobile+Legends+from+free%2C+cheap+to+the+most+expensive&url=https://aoutoqw.xyz/this-is-a-list-of-buying-prices-for-heroes-in-mobile-legends-from-free-cheap-to-the-most-expensive.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/where-and-how-to-contact-mobile-legend-customer-service.html&t=Where+and+How+to+Contact+Mobile+Legend+Customer+Service

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Where+and+How+to+Contact+Mobile+Legend+Customer+Service&url=https://aoutoqw.xyz/where-and-how-to-contact-mobile-legend-customer-service.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/20-list-of-mobile-legend-heroes-who-can-strike-long-distance-deadly-damage.html&t=20+List+of+Mobile+Legend+Heroes+Who+Can+Strike+Long+Distance+Deadly+Damage

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=20+List+of+Mobile+Legend+Heroes+Who+Can+Strike+Long+Distance+Deadly+Damage&url=https://aoutoqw.xyz/20-list-of-mobile-legend-heroes-who-can-strike-long-distance-deadly-damage.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/tips-for-mastering-and-becoming-a-pro-player-in-the-pubg-mobile-game-weapon-secrets-on-each-map.html&t=Tips+for+Mastering+and+Becoming+a+Pro+Player+in+the+PUBG+Mobile+Game%2C+Weapon+Secrets+on+Each+Map

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Tips+for+Mastering+and+Becoming+a+Pro+Player+in+the+PUBG+Mobile+Game%2C+Weapon+Secrets+on+Each+Map&url=https://aoutoqw.xyz/tips-for-mastering-and-becoming-a-pro-player-in-the-pubg-mobile-game-weapon-secrets-on-each-map.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/here-are-15-reasons-why-the-mobile-legend-game-has-become-a-very-popular-game-in-the-world.html&t=Here+are+15+reasons+why+the+Mobile+Legend+game+has+become+a+very+popular+game+in+the+world

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Here+are+15+reasons+why+the+Mobile+Legend+game+has+become+a+very+popular+game+in+the+world&url=https://aoutoqw.xyz/here-are-15-reasons-why-the-mobile-legend-game-has-become-a-very-popular-game-in-the-world.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/30-list-of-mobile-legends-heroes-and-tier-lists-to-game-characters.html&t=30+List+of+Mobile+Legends+Heroes+and+Tier+Lists+to+Game+Characters

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=30+List+of+Mobile+Legends+Heroes+and+Tier+Lists+to+Game+Characters&url=https://aoutoqw.xyz/30-list-of-mobile-legends-heroes-and-tier-lists-to-game-characters.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/ini-tips-jago-main-game-state-of-survival-strategi-yang-wajib-anda-tahu.html&t=These+Are+Good+Tips+For+Playing+The+State+of+Survival+game%2C+a+strategy+that+you+must+know

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=These+Are+Good+Tips+For+Playing+The+State+of+Survival+game%2C+a+strategy+that+you+must+know&url=https://aoutoqw.xyz/ini-tips-jago-main-game-state-of-survival-strategi-yang-wajib-anda-tahu.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/this-is-a-list-of-the-20-most-popular-android-games-on-google-play-these-are-the-names-and-types-of-games.html&t=This+is+a+list+of+the+20+most+popular+Android+games+on+Google+Play%2C+these+are+the+names+and+types+of+games

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=This+is+a+list+of+the+20+most+popular+Android+games+on+Google+Play%2C+these+are+the+names+and+types+of+games&url=https://aoutoqw.xyz/this-is-a-list-of-the-20-most-popular-android-games-on-google-play-these-are-the-names-and-types-of-games.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://aoutoqw.xyz/list-of-free-to-paid-game-download-sites-for-mobile-pcs-to-consoles.html&t=List+of+free+to+paid+game+download+sites+for+mobile+PCs+to+consoles

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=List+of+free+to+paid+game+download+sites+for+mobile+PCs+to+consoles&url=https://aoutoqw.xyz/list-of-free-to-paid-game-download-sites-for-mobile-pcs-to-consoles.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/ Page URL
https://www.aoutoqw.xyz/ HTTP 301
https://aoutoqw.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://to.aoutoqw.xyz/ HTTP 301
https://to.aoutoqw.xyz/

Request Chain 30

https://sovrn.com/ HTTP 301
https://www.sovrn.com/

Request Chain 50

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
to.aoutoqw.xyz/
Redirect Chain

http://to.aoutoqw.xyz/
https://to.aoutoqw.xyz/

174 B
379 B

73ms
63ms

Document
text/html

128.199.64.249
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://to.aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

128.199.64.249 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / PHP/7.4.33 PleskLin

Resource Hash

5afa6c4c7a1250f1f6598fa68b4cfed77d0875b0c2d66ecfd5bd4dac3a75808e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: gzip
content-length: 151
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 03:02:41 GMT
server: nginx
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 31 May 2023 03:02:41 GMT
Location: https://to.aoutoqw.xyz/
Server: nginx

GET
H2

200

Primary Request / Show response
aoutoqw.xyz/
Redirect Chain

https://www.aoutoqw.xyz/
https://aoutoqw.xyz/

89 KB
17 KB

133ms
113ms

Document
text/html

165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PHP/7.4.27 PleskLin
Resource Hash: 53a72b61cc88af157b413abfd7751bfd9786b2ff915873d91068d0cfb1bd11f3

Request headers

Referer: https://to.aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 03:02:41 GMT
link: <https://aoutoqw.xyz/wp-json/>; rel="https://api.w.org/"
server: nginx
x-powered-by: PHP/7.4.27 PleskLin

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 May 2023 03:02:41 GMT
location: https://aoutoqw.xyz/
server: nginx
x-powered-by: PHP/7.4.27 PleskLin
x-redirect-by: WordPress

GET
H2 200 style.min.css
aoutoqw.xyz/wp-includes/css/dist/block-library/ 95 KB
11 KB 26ms
25ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-17ced"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 classic-themes.min.css
aoutoqw.xyz/wp-includes/css/ 291 B
331 B 27ms
26ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
x-accel-version: 0.01
server: nginx
etag: W/"123-5f81845d1b24f"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 18ms
7ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00f2acadff16c4093222e289271ae495967d00292465555552204c8c8d585d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 03:02:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 03:02:41 GMT

GET
H2 200 style.css
aoutoqw.xyz/wp-content/themes/ad-mania/ 279 KB
44 KB 17ms
16ms Stylesheet
text/css 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685502161&ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6ca2642ac9f2c0e3b43e177c7d26fa2f14370d866ffed9681c2a703a4de728c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 14:22:55 GMT
server: nginx
etag: W/"63a1c53f-45aa5"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
aoutoqw.xyz/wp-includes/js/jquery/ 88 KB
30 KB 23ms
23ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-15ed7"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
aoutoqw.xyz/wp-includes/js/jquery/ 13 KB
5 KB 26ms
26ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-3470"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 44ms
27ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57f09c5acfffb0900738522c0a8b3bee9777fc2d907b9df266906a1077df7fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47465
x-xss-protection: 0
server: cafe
etag: 12605842398312471601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:41 GMT

GET
H2 200 logoautoqw.png
aoutoqw.xyz/wp-content/uploads/2023/03/ 21 KB
21 KB 21ms
15ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/logoautoqw.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 440267acc23dbf11d1f4aafa2b05af63818b829400743bea39fc836b8b7bbf25

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Sat, 25 Mar 2023 08:38:38 GMT
server: nginx
etag: "641eb30e-5511"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 21777

GET
H2 200 cara-menjadi-pro-player-pubg-Conqueror-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/04/ 6 KB
6 KB 21ms
16ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/cara-menjadi-pro-player-pubg-Conqueror-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 88494fea1985db1d61143f315a980782abef6bb394222593998285d027d836ae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 13 Apr 2023 05:43:21 GMT
server: nginx
etag: "64379679-1672"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 5746

GET
H2 200 daftar-harga-hero-mobile-legends-200x150.png
aoutoqw.xyz/wp-content/uploads/2023/04/ 53 KB
53 KB 13ms
8ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/daftar-harga-hero-mobile-legends-200x150.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8fc047db1be8c33d8105711394f78c78580fccd69c77d57a276a4fa6f29ec589

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 05:07:32 GMT
server: nginx
etag: "642e5394-d28d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 53901

GET
H2 200 dimana-letak-customer-service-mobile-legend-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/04/ 3 KB
3 KB 30ms
25ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/dimana-letak-customer-service-mobile-legend-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a4549c734916f4ef3a0d6a0bac9423f9dc5a945f1e800d206dcab8ea61c2528b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-ccc"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 3276

GET
H2 200 Hero-mobile-legend-jarak-jauh-200x150.jpeg
aoutoqw.xyz/wp-content/uploads/2023/04/ 10 KB
10 KB 31ms
26ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/Hero-mobile-legend-jarak-jauh-200x150.jpeg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 80045f756b5847eaad803d8e450b12111dc75199b34e0ecc466782914bd8bc9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-26f5"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 9973

GET
H2 200 tips-agar-bisa-jadi-Proplayer-di-Mobile-legends-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/04/ 7 KB
7 KB 25ms
25ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/tips-agar-bisa-jadi-Proplayer-di-Mobile-legends-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a7705dec66f49a523f90ddfdcb46db34f4694f1fd583321e022ec6909d503e61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-1cd4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 7380

GET
H2 200 alasan-mengapa-game-mobile-legend-game-paling-populer-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/04/ 16 KB
16 KB 23ms
12ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/04/alasan-mengapa-game-mobile-legend-game-paling-populer-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 050519d788fb03adda7a974b3c9aed95057b6f6fd112fd51612101e54920f18e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-3e46"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 15942

GET
H2 200 daftar-karakter-mobile-legends-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 10 KB
10 KB 15ms
12ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/daftar-karakter-mobile-legends-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 1263fbb776fcfc5cc95f29706f6ffea118842170264affb1aaa4ec7f19d6f5b6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-287d"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 10365

GET
H2 200 Game-state-of-survival-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 12 KB
12 KB 13ms
10ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/Game-state-of-survival-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ff4f3571778efcd6f1028d0261211eedfa39e0b513c350f1f80d5d4c28e8b2e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:19 GMT
server: nginx
etag: "642e33e3-3107"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 12551

GET
H2 200 game-android-terpopuler-2023-200x150.webp
aoutoqw.xyz/wp-content/uploads/2023/03/ 5 KB
5 KB 21ms
18ms Image
image/webp 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/game-android-terpopuler-2023-200x150.webp
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3195a4101fcf03bde59de0d68edd297c08153eb6ef7a39f4019d577779e3ecba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:20 GMT
server: nginx
etag: "642e33e4-14f4"
x-powered-by: PleskLin
content-type: image/webp
accept-ranges: bytes
content-length: 5364

GET
H2 200 situs-download-game-200x150.jpg
aoutoqw.xyz/wp-content/uploads/2023/03/ 12 KB
13 KB 19ms
18ms Image
image/jpeg 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/uploads/2023/03/situs-download-game-200x150.jpg
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5c1b262223e139980ed78ec64d386e924f6033d8871fdba0a93f10e79ee3c244

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 06 Apr 2023 02:52:20 GMT
server: nginx
etag: "642e33e4-31e4"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 12772

GET
H2 200 mincustom.js Show response
aoutoqw.xyz/wp-content/themes/ad-mania/js/ 457 KB
37 KB 14ms
14ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/js/mincustom.js
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bced9f7acd03baf8e91d56ef78984eb72db91c1b26e625c0e2e2ee47da8ff144

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Tue, 20 Dec 2022 14:26:43 GMT
server: nginx
etag: W/"63a1c623-724d6"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 icon.png
aoutoqw.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/ 176 KB
176 KB 13ms
13ms Image
image/png 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aoutoqw.xyz/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8dcfba4a28225c8746c26ef28776e25c1268ed730f9a187cb95bf198e4ed3a68

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Thu, 09 Mar 2023 03:49:25 GMT
server: nginx
etag: "64095745-2be51"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 179793

GET
H2 200 wp-emoji-release.min.js Show response
aoutoqw.xyz/wp-includes/js/ 18 KB
5 KB 25ms
24ms Script
application/javascript 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 06:33:37 GMT
server: nginx
etag: W/"64252d41-4904"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 59ms
18ms Script
text/javascript 2606:4700:10::ac43:d8c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:d8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 35010
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7cfbfabfed5e91ba-SIN
content-length: 4547

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 38ms
9ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 01:31:43 GMT
x-content-type-options: nosniff
age: 178258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 May 2024 01:31:43 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
19 KB 35ms
7ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400+%7COpen+Sans%3A100%26subset%3Dno-font-weight%2Ccyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:24:16 GMT
x-content-type-options: nosniff
age: 63505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 09:24:16 GMT

GET
H2 200 fa-brands-400.woff2
aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/ 64 KB
64 KB 22ms
20ms Font
font/woff2 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/fa-brands-400.woff2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685502161&ver=6.2.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4

Request headers

Referer: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685502161&ver=6.2.2
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Tue, 20 Dec 2022 14:26:47 GMT
server: nginx
etag: "63a1c627-ff24"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 65316

GET
H2 200 fa-solid-900.woff2
aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/ 49 KB
49 KB 29ms
28ms Font
font/woff2 165.22.98.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/fonts/awesomeicons/fa-solid-900.woff2
Requested by: Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685502161&ver=6.2.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 165.22.98.83 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer: https://aoutoqw.xyz/wp-content/themes/ad-mania/style.css?v=1685502161&ver=6.2.2
Origin: https://aoutoqw.xyz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
last-modified: Tue, 20 Dec 2022 14:26:50 GMT
server: nginx
etag: "63a1c62a-c4c4"
x-powered-by: PleskLin
content-type: font/woff2
accept-ranges: bytes
content-length: 50372

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 35ms
34ms Fetch
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47487
x-xss-protection: 0
server: cafe
etag: 17124789049000044836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:41 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ 350 KB
118 KB 54ms
44ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43b5270ea1a49ed5f73fbb8168b6e80ce036868a3f40419ac7c1aeb52d5182be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120474
x-xss-protection: 0
server: cafe
etag: 13031296587172685470
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/ Frame E576 10 KB
5 KB 26ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8367258519230759

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 26901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 19:34:21 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 19:34:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H2

200

/
www.sovrn.com/
Redirect Chain

https://sovrn.com/
https://www.sovrn.com/

0
0

230ms
224ms

Fetch
text/html

141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sovrn.com/

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Server

141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:42 GMT
x-cache-group: normal
content-encoding: br
strict-transport-security: max-age=63072000
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
x-powered-by: WP Engine
x-cache: HIT: 1
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nK5o0Atq8j4qtNpxJiGsPQ9NyfGekXslBQN0Q6s5XneU2pKkro01OkWPXpqeKY463NLAGQRn41ykERUKCiEHr3DodybzxvFxitHlm7pjIhvd0JWaTH0hMROgcP7gVNU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=600, must-revalidate
cf-ray: 7cfbfac3cf3a4da3-SIN
link: <https://www.sovrn.com/wp-json/>; rel="https://api.w.org/", <https://www.sovrn.com/wp-json/wp/v2/pages/25540>; rel="alternate"; type="application/json", <https://www.sovrn.com/>; rel=shortlink

Redirect headers

date: Wed, 31 May 2023 03:02:42 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNneHzzlZ%2Fmv4OBuFLFZQNX2lzwfLHS11UN5%2BZD3hIo2z7RQKXcFOV4C5wADK8Wt%2Fd%2FHQXwX8mWu9mZA1eJAERtc33uv%2Fj0BLXNKyV7Gfd%2FWcad%2BtKJlP13wIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.sovrn.com/
cf-ray: 7cfbfac25df84da3-SIN
alt-svc: h3=":443"; ma=86400
content-length: 162

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 380 B
515 B 713ms
234ms Script
text/html 149.56.240.131
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3492672&@f16&@g1&@h1&@i1&@j1685502162025&@k0&@l1&@mBlog%20Of%20Gaming%20%E2%80%93%20Gaming%20All%20Day&@n0&@ohttps%3A%2F%2Fto.aoutoqw.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-113292179&@b3:1685502162&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Faoutoqw.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.131 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534299.ip-149-56-240.net
Software: /
Resource Hash: f224adc69116837fb431e35c8f14a1982836c0ea283ed448ac17474ff3dc34d5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 31 May 2023 03:02:42 GMT
Connection: close
Content-Length: 380
Content-Type: text/html;charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
464 B 9ms
6ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aoutoqw.xyz&callback=_gfp_s_&client=ca-pub-8367258519230759

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f3a861564f8ffb5674fd1c8c067a747ca7216745f88d1bbcd5675d38940610

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
531 B 19ms
7ms Script
application/javascript 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 19ms
7ms Script
application/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16D7 514 KB
92 KB 701ms
699ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&adk=1812271804&adf=3025194257&lmt=1685502162&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Faoutoqw.xyz%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161951&bpp=10&bdt=149&idt=366&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4243722432845&frm=20&pv=2&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=391

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab0c2c977f4a14a284a91d0ffad16f1c29629df3b4c8a059223646d4e5d73d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 93884
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
expires: Wed, 31 May 2023 03:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0359 102 KB
36 KB 445ms
444ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502162&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161961&bpp=3&bdt=159&idt=388&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yaVyFXdpbb&p=https%3A//aoutoqw.xyz&dtd=391

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8080d83ceaecd6c5ee51878be7b2fd3907ba8f7996cd73e06502c2ff245118b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:42 GMT
expires: Wed, 31 May 2023 03:02:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 500 /
e.dtscout.com/e/ 0
0 512ms
488ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Faoutoqw.xyz%2F&j=https%3A%2F%2Fto.aoutoqw.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?3492672&@f16&@g1&@h1&@i1&@j1685502162025&@k0&@l1&@mBlog%20Of%20Gaming%20%E2%80%93%20Gaming%20All%20Day&@n0&@ohttps%3A%2F%2Fto.aoutoqw.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-113292179&@b3:1685502162&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Faoutoqw.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRogDVv5oQWgrvJ9BtHhvooGd3jOaWOBT7f9sb5LTxVEA%2FK4ItdyUlSLYnVPio87UdI19NdOVlken5c%2BjRpBdYlY%2BkV6GB0UMaAeVaIeDr%2F8bK5EGDGkL%2FoaO19ZTWNBXXbGwwSM3ZgLwqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-s: mtl1
cf-ray: 7cfbfac54d96899e-SIN

GET
H2 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 0359 8 KB
4 KB 20ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502162&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161961&bpp=3&bdt=159&idt=388&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yaVyFXdpbb&p=https%3A//aoutoqw.xyz&dtd=391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 09:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 09:31:10 GMT

GET
H2 200 0d45a8785eb2baeb4eb1c97aee3191c6.js Show response
www.gstatic.com/mysidia/ Frame 0359 9 KB
4 KB 21ms
7ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d45a8785eb2baeb4eb1c97aee3191c6.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 19:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3912
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:52:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 19:48:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0359 14 KB
1 KB 11ms
10ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 03:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:51:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 03:02:42 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0359 2 KB
973 B 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 0359 22 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0359 3 KB
1 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0359 19 KB
8 KB 17ms
3ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0359 171 KB
53 KB 311ms
310ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H2 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame 0359 32 KB
13 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0359 0
0 59ms
58ms Fetch
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2L340rh2ZLq2FsmDrAGbqqiAD6XB4O9wufSR_eER2ImFngsQASCb8rMeYL8FoAHo-4-GKcgBAagDAcgDywSqBNQBT9CFvGgDUG0lfQSV_UdKspSYf68A5UrUAqkJiHLEqP__9mDDeRnbFVBdadp7P_mObdacKPaMo7aKjhfkTi_S5yMf_henhdyxT3qjOl4scz0Hd6TedDPQuyGecM9NCiBRJlmxlVIGC-K8B5Oj_EOgj5t5uBPmRnzQyuzFs7TtveR1qYhokt9lJL0PnbJSfr_QL4yecwPgKYv2onA0M9sn0rAhTlsgxYm_hNpqqL-BbZSn6YdXapmPGJXvwimCPQMkf_LEC1ZIMljuACxpZu0PiXkiY0bABIrjh-KbBJIFBAgEGAGSBQQIBRgEgAfos-DlA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDENpG0ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwKIFAHQFQGAFwGyFxwKGggAEhRwdWItODM2NzI1ODUxOTIzMDc1ORgA&sigh=QnlzKWFiBSM&uach_m=[UACH]&cid=CAQSGwBygQiD7-fS9VIhrjeOCWr4kGoFAXmh2akrZxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502162&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161961&bpp=3&bdt=159&idt=388&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yaVyFXdpbb&p=https%3A//aoutoqw.xyz&dtd=391
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 May 2023 03:02:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 31 May 2023 03:02:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C13 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=683863926&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502162&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502161961&bpp=3&bdt=159&idt=388&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=151&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yaVyFXdpbb&p=https%3A//aoutoqw.xyz&dtd=391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2769
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0359 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ad74f212e4b5832d102b18fee306b44999202a962e62af0065b45d52164ab19

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0C13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

1668ms
1667ms

Document
text/html

2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:44 GMT
expires: Wed, 31 May 2023 03:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/ 152 KB
52 KB 32ms
32ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8201dce0d4887b9a8127227d1fc7057861190c2783ddedebaab2b51995bb9735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52764
x-xss-protection: 0
server: cafe
etag: 10891598218441691720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H2 200 ca-pub-8367258519230759 Show response
fundingchoicesmessages.google.com/i/ 133 KB
46 KB 40ms
29ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8367258519230759?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a4741b90b5bc2a4083d76e9c7aec00e591b5b7bb6397eea1607ee491b0c402e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4ReHt7KrltHaZQCo-0F8dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4ReHt7KrltHaZQCo-0F8dA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.sg/adsid/ 107 B
165 B 10ms
8ms Script
application/javascript 2404:6800:4003:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.sg/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 7ms
6ms Script
application/javascript 2404:6800:4003:c11::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aoutoqw.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAA8 436 B
233 B 267ms
264ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=3175363789&pi=t.aa~a.3807239147~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1408&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280&nras=3&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=jHLi9R9cRv&p=https%3A//aoutoqw.xyz&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe8008ecf8f1eea59720f3b6c667171a7a98062e81de484a67d9bf3f14cbf80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2E1 436 B
233 B 212ms
211ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1034840246~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5gAAa2DbTD&p=https%3A//aoutoqw.xyz&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5516c7877f622ecb36069e1cd1a5c675796864b07a3d09d59402dc8e3b8f2e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2D9 436 B
232 B 358ms
357ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=280&adk=4070374814&adf=3001769797&pi=t.aa~a.2421250157~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1685502163&rafmt=1&to=qs&pwprc=4844043208&format=1200x280&url=https%3A%2F%2Faoutoqw.xyz%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=9Wi4VzLzOp&p=https%3A//aoutoqw.xyz&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c607dacc9c511a8fdf7dcccc638d05ad53bc402a7ced6a9509e5d7f61d1c42ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D12C 436 B
233 B 172ms
172ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8367258519230759&output=html&h=163&adk=2243460501&adf=3434840839&pi=t.aa~a.548476622~rp.4&w=831&lmt=1685502163&nsk=a860b106&rafmt=11&pwprc=4844043208&ad_type=text_image&format=831x163&url=https%3A%2F%2Faoutoqw.xyz%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1685502163210&bpp=1&bdt=1407&idt=-M&shv=r20230525&mjsv=m202305250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D393a87afb08de8d5-2204d2638fe10073%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ&gpic=UID%3D00000c0d4bf7e2e3%3AT%3D1685502162%3ART%3D1685502162%3AS%3DALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280%2C1200x280&nras=6&correlator=4243722432845&frm=20&pv=1&ga_vid=165959322.1685502162&ga_sid=1685502162&ga_hid=1726095030&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=1212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31071755%2C44788442%2C44790154&oid=2&psts=ABHeCviY09I_ecn8gFIt8qPNceeooaW6RvScfOaSX17pVBCgrm_P3I1erBnpMjISonR08oXAcRvlLiGQYZIelstMnPDvukVQ&pvsid=4441231896261296&tmod=843076314&uas=0&nvt=1&ref=https%3A%2F%2Fto.aoutoqw.xyz%2F&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Qg4LaQXDdR&p=https%3A//aoutoqw.xyz&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4feb4b2eef44d2ac8f199ba176773aca1311824886d8bb43c7ef20b901e9baff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame 7AD8 10 KB
4 KB 5ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 10970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame FC9B 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 10970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame 0F63 10 KB
4 KB 4ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 10970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/ Frame 646B 10 KB
4 KB 4ms
3ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 10970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 23:59:53 GMT
etag: 15057649708203361565
expires: Tue, 13 Jun 2023 23:59:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXkOCjwbqd9_8oQVHPro3eejTv6YKAifw1yDmIlgtt_8TkpoT2oGFT5nH7JZJogjg22YQOAmObhxht3tSQPdqE= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 45ms
44ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkOCjwbqd9_8oQVHPro3eejTv6YKAifw1yDmIlgtt_8TkpoT2oGFT5nH7JZJogjg22YQOAmObhxht3tSQPdqE=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NTAyMTYzLDM0ODAwMDAwMF0sIjNEMTU5MkJCLTk3RDEtNDAyRi1BRDIwLUE5OUM3NjM3N0IzMyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf3001363507fafcd1b4530517f1fcc151991f7030d6858c1f30aa596d4f12af

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XVo0C2qr3xtyiMe55nqVjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XVo0C2qr3xtyiMe55nqVjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0359 33 KB
33 KB 4ms
4ms Font
font/woff2 2404:6800:4003:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 08:17:57 GMT
x-content-type-options: nosniff
age: 67486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 May 2024 08:17:57 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 7AD8 4 KB
671 B 12ms
11ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 02:24:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7AD8 205 B
229 B 5ms
5ms Image
image/png 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 07:22:22 GMT
x-content-type-options: nosniff
age: 330021
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 May 2024 07:22:22 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7AD8 604 B
628 B 8ms
7ms Image
image/png 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 11:10:14 GMT
x-content-type-options: nosniff
age: 57149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 29 May 2024 11:10:14 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/ Frame 7AD8 13 KB
6 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 04:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5756
x-xss-protection: 0
server: cafe
etag: 6942144704403180717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 04:38:27 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/ Frame 7AD8 20 KB
8 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 04:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81569
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8300
x-xss-protection: 0
server: cafe
etag: 2697337515266134059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 04:23:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame FC9B 2 KB
892 B 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame FC9B 22 KB
9 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5856 143 B
166 B 5ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame FC9B 3 KB
1 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame FC9B 19 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC9B 171 KB
53 KB 86ms
86ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 32da0f4bcd46006ef465cafdfe68b840.js Show response
www.gstatic.com/mysidia/ Frame FC9B 32 KB
13 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/32da0f4bcd46006ef465cafdfe68b840.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13640
x-xss-protection: 0
last-modified: Mon, 22 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 02:47:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0F63 2 KB
892 B 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 0F63 22 KB
9 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0F63 3 KB
1 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 0F63 19 KB
8 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F63 171 KB
53 KB 79ms
78ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 0F63 32 KB
13 KB 8ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:50:44 GMT

GET
H3 200 ef33bde3b6f53b5d50fc677805f1b9fa.js Show response
www.gstatic.com/mysidia/ Frame 646B 8 KB
4 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef33bde3b6f53b5d50fc677805f1b9fa.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 09:31:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3674
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 09:31:10 GMT

GET
H3 200 ee89b602e2534f412f73bbda73fe42b2.js Show response
www.gstatic.com/mysidia/ Frame 646B 9 KB
4 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee89b602e2534f412f73bbda73fe42b2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 20:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4066
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 20:08:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 646B 14 KB
1 KB 14ms
14ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 02:54:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 646B 2 KB
892 B 10ms
8ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 646B 22 KB
9 KB 11ms
9ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 646B 3 KB
1 KB 12ms
10ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 646B 19 KB
8 KB 12ms
10ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 646B 171 KB
53 KB 70ms
68ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 646B 32 KB
13 KB 12ms
10ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:50:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 107F 14 KB
1 KB 9ms
9ms Stylesheet
text/css 2404:6800:4003:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 May 2023 01:16:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 107F 2 KB
892 B 4ms
4ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:58:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/ Frame 107F 22 KB
9 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 20:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23877
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8798
x-xss-protection: 0
server: cafe
etag: 11317101923912129037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 20:24:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7AA 143 B
166 B 10ms
9ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 107F 3 KB
1 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/ Frame 107F 19 KB
8 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230525/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 19:14:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7987
x-xss-protection: 0
server: cafe
etag: 5788035530912182302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:14:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 107F 171 KB
53 KB 13ms
12ms Script
text/javascript 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54244
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684927996807358"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 03:02:43 GMT

GET
H3 200 0a0369f67a094afc57e3321b90807283.js Show response
www.gstatic.com/mysidia/ Frame 107F 32 KB
13 KB 8ms
8ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0a0369f67a094afc57e3321b90807283.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 17:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13649
x-xss-protection: 0
last-modified: Sat, 27 May 2023 00:00:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Aug 2023 17:50:44 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11298430646273164980/ Frame 646B 706 B
733 B 11ms
9ms Image
image/png 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11298430646273164980/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

873041e459a5fe26b40908b7750f4d035e53b43cda18bc9d6501be26dd67acaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 13:28:30 GMT
x-content-type-options: nosniff
age: 567253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706
x-xss-protection: 0
last-modified: Wed, 24 May 2023 05:06:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 23 May 2024 13:28:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5856
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

998ms
997ms

Document
text/html

2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:44 GMT
expires: Wed, 31 May 2023 03:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 646B 0
0 57ms
57ms Fetch
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSH4s0rh2ZMC5Fsem9QOqxrGYAs7dnu1wyKzYkpMRt-mivcABEAEgm_KzHmCBBKABnqKpminIAQGpAqJL0OWHRZI-qAMBqgTGAU_QOYpOX3Au9yc7oxo-tNyje8bwfTSeqCk9ArEijawi1DyFq1acD7XMQP_K56fVyRXs1fGzzx8ltJVpK2XAUPHuI29FuEf3smbK8BlmW5v3U2bndVLEuifJe3S9baYKygYAmmz9hVo_mzCdLKvyUWm5F3ZVSW2WdWpGMDmtsTKrZrboBCwX4D5QgRmIVGSuVKOHYvL8nKBjlzsqQ9O9z9CYl7cWM96VIOIGJY19jslTy5y6x5FXUWVGoTT1W0BLPEjBYpOma8AEs6XZiLgEgAee2vn5A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEJA10ggUCIBhEAEYHzICigI6AoBASL39wTqACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItODM2NzI1ODUxOTIzMDc1ORgA&sigh=RoXdGmRkAaA&uach_m=[UACH]&cid=CAQSGwBygQiDNLLObkTOy8z0Y_bq_KCvB5GNF0JH2hgB&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 31 May 2023 03:02:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99CE 143 B
166 B 4ms
4ms Document
text/html 2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 2770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 02:16:33 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 646B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d80d712851ce97d206e8a2a6ea67ba384206e5426c196733e13b4982522c712

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A7AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

867ms
866ms

Document
text/html

2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:44 GMT
expires: Wed, 31 May 2023 03:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

837ms
837ms

Document
text/html

2404:6800:4003:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:44 GMT
expires: Wed, 31 May 2023 03:02:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2883 37 KB
14 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: to.aoutoqw.xyz
URL: https://to.aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 02:48:04 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 20ms
19ms Image
image/gif 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.40685819310391813

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-s1k-sLSguOtXREVtNWvc3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-s1k-sLSguOtXREVtNWvc3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 20ms
20ms Image
image/gif 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.158893194207129

Requested by

Host: aoutoqw.xyz
URL: https://aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FWZHICWbK6u7cWvNp9hlCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-FWZHICWbK6u7cWvNp9hlCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
17ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SHjp8CjSKFNhr6DuQDcOKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-SHjp8CjSKFNhr6DuQDcOKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 13ms
12ms XHR
application/json 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230525&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81923a4777cc2890a66ec1dc2c924cdeec1dddc95a692861f8190c4142b53afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11018
x-xss-protection: 0

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3599 37 KB
14 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 02:48:04 GMT

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8433 37 KB
14 KB 7ms
7ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: to.aoutoqw.xyz
URL: https://to.aoutoqw.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 02:48:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 7ms
6ms Script
text/javascript 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 May 2023 03:02:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F0A 13 KB
5 KB 5ms
5ms Document
text/html 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 182679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 May 2023 00:18:05 GMT
expires: Tue, 28 May 2024 00:18:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8D32 783 B
534 B 16ms
16ms Document
text/html 2404:6800:4003:c02::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::93 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05548588e17764b8c41c5b629852f9ad7793ebc2a0599ad1e483e09ea0898bdd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hS1k-w0JgwNMe9KTsxM1SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aoutoqw.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hS1k-w0JgwNMe9KTsxM1SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 May 2023 03:02:44 GMT
expires: Wed, 31 May 2023 03:02:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F0A 37 KB
14 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WucCaKvgDQ9fmljOI_WvgP1fjZ6LWmR4VZAfUyHL0jo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 27 May 2023 02:48:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 346480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14660
x-xss-protection: 0
last-modified: Mon, 22 May 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 May 2024 02:48:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D32 0
0 50ms
49ms Image
text/html 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230525&jk=4441231896261296&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 646B 42 B
64 B 49ms
48ms Fetch
image/gif 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi3rvW-NjLjkG2le54UJnzIGxjbLS3ZKWiOY4XFjtDcufHuG5gJKzd-YzU78i5UtYH1CI11I71j6ao5PT5wPf2TsgS5PJpHhXEiZHEWW4T_dtIJTj5Ohfgjt-wAu7GJK4bQuJGgP22-fp9TOcVRMdAH3O7ukOdSldeaopXOyrbjOx8jV6s1S8bVNBGkOTONC5vewMouItVNmvXjiy-_Blhl_pzF7AUpRvsVi5XRUHlM2uz54Aa4F2rVkxHnsQvdrjbTG79yFoMnLxGWyYX2StddF1tsQ4d9gjQqKwPIOjvLDo57FqXtONoIeUo-ttyvdbBUaeehh907vpAKShtBed4fnn4l9C7h0uYAhcyn9Oky0i1NNdKP39A1ENlF-WmjfHFRd3uoWNdNOyMsyiXKFtOUlNkKRJQ6mY0hbNS-9qNZhTJOKqL8IIMuzDSYz2vHbNkbksXsLBEc37E0QZIwRnm1GKa2Sn8JbPyE1G04GNuhpJQERQI8rfuCFVEjHsaCDqy5kn_WVJR2GAHrhQiPouLZsDaaB7iIiRy8SLU6dEPOXVhjohzabdaLOzwfhs4h8u6Fmwtl65n7y0HlCjrqn7356QfGPLFVUTCJ4yQew9aTMbRg_qxuiYiOvrd-qdMRCL4kWHguj6BxY50dyo1sXPrJ-sA0Q610dC75xwhmmKIMa4j6RMmbHpg4sewhGNNND3AwBJlHvijrRyvET4qLS95ecGxizXquzhjEvMXSLG-3sYYVNySwHvXYww79gNcEduR4q4SKgS7JYqbQgP_PdW8i7_83Ba9Vogh8o-tiNglDzp1EuHDLhp4dLFxjaRLn3iUnT7rd778-1Z_aMFwDV8T1Q1wUBA389luQezqO4YB9r1-hnw6Ja2X0VCyjUz8IujDl-6zb5SdIYlZndqJmfrBfz0hDLuC&sai=AMfl-YS5aRf9FTJQ0Dx-POL3Ryy_YxfB0jLqRTIEVqvFkr_HbHh_JLd4lFnVehw9yMgMX9nL2WtHNb0d5FGrlTuj_5bQxgSqhJGGaw&sig=Cg0ArKJSzPK2UV6FTDtFEAE&cid=CAQSGwBygQiDNLLObkTOy8z0Y_bq_KCvB5GNF0JH2hgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=0,662,1000,1059,1059&tos=0,662,338,59,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685502163328&rpt=389&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 03:02:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F0A 0
10 B 4ms
4ms Image
text/plain 2404:6800:4003:c04::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Aul_NQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c04::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dartads. Show response
fundingchoicesmessages.google.com/f/AGSKWxUFR83QltD_FNlmOEZ0S7L1Jy5LBOkdzMmPjggX4PKNACkISa0lkxIWTgX9fUDcGdMmjBBNbWDEsMiPYa_LwQcWDuCW6iOxxJBUV7I0p7f_KhIbnDGmYgXD6vTM1ZEWx7-GdaGIGkFgOThmheCp6fHiqSmOO... 54 B
109 B 18ms
18ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUFR83QltD_FNlmOEZ0S7L1Jy5LBOkdzMmPjggX4PKNACkISa0lkxIWTgX9fUDcGdMmjBBNbWDEsMiPYa_LwQcWDuCW6iOxxJBUV7I0p7f_KhIbnDGmYgXD6vTM1ZEWx7-GdaGIGkFgOThmheCp6fHiqSmOOs4qt0Pg7RvQpaXUce0OVnAlEHVGqvCu/_-ad-24x24./adttext./adsvc2..468x60-/dartads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72d09a1440ef570ae2d34ba2b0ccb8bb890bcded2bc83f5b19b9d39d72747bd4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8MvrythlNsD3QKJ6G-pa2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8MvrythlNsD3QKJ6G-pa2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 5ms
5ms Script
text/javascript 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.fJX35WYDV2I.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxY9Ym35Pk_cZDaZFcQHHlrbnICag/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 31 May 2023 03:14:23 GMT

POST
H3 204 AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
15ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N_SP4pjxeZpTvuM6IlVmFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-N_SP4pjxeZpTvuM6IlVmFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 16ms
16ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W8wtmqZjmizMq2jkbNKqUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-W8wtmqZjmizMq2jkbNKqUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 15ms
15ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dYcsECVf45fWI85OHbZD1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dYcsECVf45fWI85OHbZD1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 19ms
19ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVY0Smbea7QWN0jDkIL9QYrz0d1w3hDM_v106FonduZFvCbv0YixEx6hu4dcXkn-XmZgzAGxcilYRTsHaLnVsOcIiTh4THOqnh4hLk5ECg2FtQ0lwedlo-_svDwMGC13F9CTL-SZQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1yS1W4pVtuwKL-iqsyy9rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1yS1W4pVtuwKL-iqsyy9rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW89OlkVAxrpyl_MlvnFd3NUmGOc8EUPc4nc4qYSyZFb8QJkQXpz1hIYH6lneZrfaME5ZlO7AiV2EQ0bkbRlYYkWo8nstAfDHjbicM3XJaWP5per-8NVq4PfS6xklf9oAFZNMX0tg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 28ms
28ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW89OlkVAxrpyl_MlvnFd3NUmGOc8EUPc4nc4qYSyZFb8QJkQXpz1hIYH6lneZrfaME5ZlO7AiV2EQ0bkbRlYYkWo8nstAfDHjbicM3XJaWP5per-8NVq4PfS6xklf9oAFZNMX0tg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NTAyMTY1LDE2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3672f0e4ef723db2f1dd84665cfe114d04d074a043a677e2231b94b6366eb9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HBSL34MEaayzmXXOXPhzoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-HBSL34MEaayzmXXOXPhzoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUxN0z5VyMb0yI_yT6CgvTE5OwJBR9L4wiRl_xntZwNFhonVv6JwFl2QKzEEvjqeU15c5N5XLekDPwfq4mDQJg= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 14ms
14ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxN0z5VyMb0yI_yT6CgvTE5OwJBR9L4wiRl_xntZwNFhonVv6JwFl2QKzEEvjqeU15c5N5XLekDPwfq4mDQJg=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qQEDD8SkB5L1LXlfBoaKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-qQEDD8SkB5L1LXlfBoaKpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXnh_CH6Iw-22vBELoHjKv0lH-dAXRjqV6FrL1P337NH7u06pe4OcFsbFYNhP_VthKnijb0T2qdlz0cB_MFIPowIaWQ9WxL6-fHOUrO0QM8XpSZS2MLXE7phXWGiNx-HZG3pBQA3g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 32ms
32ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXnh_CH6Iw-22vBELoHjKv0lH-dAXRjqV6FrL1P337NH7u06pe4OcFsbFYNhP_VthKnijb0T2qdlz0cB_MFIPowIaWQ9WxL6-fHOUrO0QM8XpSZS2MLXE7phXWGiNx-HZG3pBQA3g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NTAyMTY1LDE5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYW91dG9xdy54eXovIixudWxsLFtbOCwiZkpYMzVXWURWMkkiXSxbOSwiemgtQ04iXSxbMTgsIltbWzFdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01354d88fa9ed140bde5c6ec55e8482158073b2a1df1e501f500f6915fa564ea

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hl4bATieMkYKVW43yA8ibA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hl4bATieMkYKVW43yA8ibA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXv9s8c8oBz95JaJT9DO1Tg4RqNoo_X8zmQT9y5g_q_BAe1-Zo203vUCeYkST_b_Bg7ciRFYUexWB5RZoNeRZOuB-0cIsVZk05Bht35O_eZdJ2x8RQOVS50SmX3-KlPcxXkAtHbrQ== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 31ms
31ms Script
application/javascript 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXv9s8c8oBz95JaJT9DO1Tg4RqNoo_X8zmQT9y5g_q_BAe1-Zo203vUCeYkST_b_Bg7ciRFYUexWB5RZoNeRZOuB-0cIsVZk05Bht35O_eZdJ2x8RQOVS50SmX3-KlPcxXkAtHbrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg1NTAyMTY1LDIzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hb3V0b3F3Lnh5ei8iLG51bGwsW1s4LCJmSlgzNVdZRFYySSJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMV1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9e8429295ffa5524566fab17da092068d7989ee76f0a57ad1b91e94c09e88a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i65XujX5tm7AlO_0SnkbyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-i65XujX5tm7AlO_0SnkbyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWlxsfDKJusPemb81DfhyCjtE5MZBxcF0XkrG6ZIehZpBiQu8FBF6G6dK5nBlrxX_kn9uLoQvpVNEnxlu3HZj1muOFMIp3_XtRaiP37rOwGcKx9pGmw8CHpX_4_qa0Z30azFS65Nw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 12ms
12ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWlxsfDKJusPemb81DfhyCjtE5MZBxcF0XkrG6ZIehZpBiQu8FBF6G6dK5nBlrxX_kn9uLoQvpVNEnxlu3HZj1muOFMIp3_XtRaiP37rOwGcKx9pGmw8CHpX_4_qa0Z30azFS65Nw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PCqyp0HKNuRbZQVlemT40g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-PCqyp0HKNuRbZQVlemT40g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aoutoqw.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUxN0z5VyMb0yI_yT6CgvTE5OwJBR9L4wiRl_xntZwNFhonVv6JwFl2QKzEEvjqeU15c5N5XLekDPwfq4mDQJg= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
16ms XHR
text/html 2404:6800:4003:c00::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxN0z5VyMb0yI_yT6CgvTE5OwJBR9L4wiRl_xntZwNFhonVv6JwFl2QKzEEvjqeU15c5N5XLekDPwfq4mDQJg=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P6Jc5-WyDsi-CnSGfEVYJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://aoutoqw.xyz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 May 2023 03:02:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P6Jc5-WyDsi-CnSGfEVYJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aoutoqw.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230525&jk=4441231896261296&bg=!QEOlQxfNAAZu7ficTu07ADkAdvg8WpSqhNMmtZz5pK9oFqQLP7kTKo-A76qpsA6uXVtvL9jNYcEVZT0XtZHNBE3dOLSm1D4vabYCAAAAVVIAAAADaAEHmQKSzyadKjMaHj2LCiGjTZWB52Rh1ydiIULQIyf3GXjRJZGelMx3lOUsLHBAv0RHBj2UyEBwY25EaErIs2JHgelA1t4ieTYrDQAo6hIT9w9IUX1r7MhU1crsZparZlB9xtr_01RauOuy4nNK4-OxyFKBCDbnvmVqi5Eh9GBKIgxIedtewNl7q-Woth4yKnesoxKKZH1-8VcUcbPjCLcYMMLjo_MwCbjHCYViCwFNPLCvG_gLmVTTCkIaE6wNVzI7v3eLck067xCe2XvgDFE19mi40lveN9f89E9vK-LIIJY1P1ZK3WNVCQkfDUya2fAGPiRBMAycRr2ld4e-It5X8HhQlS5rEq0sUKQbwfMkPAjlwX6QIiI7hQcUGf1JkgUQou0oal7dNaNEFXuz8Nk4Q2FqxSkK3CyvhKk8uacuKSCkR0Z3S9PC-dYk0ohg7uJSfAaCYzwUXEi_Np2wyOyc1C17CGWkat2iElrgHvG9iWXnjpmD5lAZ-NDwRFqnIpC7hp4nGf8vTbE5VsvRHx7Rvw6e2SAJdXt5tnrNmmTrKPNXD6qNeggwBO2X-lPSxAerEK8cXLdbbvoAdzWKLIbyy4Wfl1PDhX7adgEwlMZTMJiZbZiKbbDpUclW5v5ZsMLALKjA11kOygFumCAjjohiYaWLUp9Sg605PM9eb17j8QtSnVNHNmBooIr0hD3Hcq-hlYJ_owXUSQ1PODLZfOqCUK8EUHCOVauNWjhyDE4IXxbhMw_2ZglesCkt5-lW-fgtCN0tocw3_r9Bzz34bprK0tHsfAHmj9SZ8DnHhTu-0fl8SJeiXL3FqwyUlsocHyM0MRVwALmt4RNsVP4O4TvmApg4z_qm63LyAVTvqH8q934sIiNjFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://aoutoqw.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0359 42 B
64 B 52ms
51ms Fetch
image/gif 2404:6800:4003:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQCaRznVKQeiQR1htA1WOKD_NHAkmyBwMPFYxmUTulzCQ41wvNtQInUra0kh-7_eSqs9gV3eql5wUUEwh3nf0lWjDkgvlUlRGijn7w5fDjhObddgXGrnjE9oNLIfakM5CP2rY&sai=AMfl-YT-Q1wuW_4IStl1yL1P1WKUNYpMvEI6zkMgK20PivoPIfaA6SuV47ovwQNuMk8uURx9J4nPHTc5oSMI&sig=Cg0ArKJSzH3SpDhxQdR_EAE&cid=CAQSGwBygQiD7-fS9VIhrjeOCWr4kGoFAXmh2akrZxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230524&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3088186576&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1685502162353&rpt=2249&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::9b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 May 2023 03:02:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstCfa3492672 Value: 1685502162025
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstCla3492672 Value: 1685502162025
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstCmu3492672 Value: 1685502162025
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstPn3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstPt3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstCnv3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:18	Name: HstCns3492672 Value: 1
aoutoqw.xyz/	1970-01-20 20:57:18	Name: c_ref_3492672 Value: https%3A%2F%2Fto.aoutoqw.xyz%2F
.aoutoqw.xyz/	1970-01-20 21:33:18	Name: __gads Value: ID=393a87afb08de8d5-2204d2638fe10073:T=1685502162:RT=1685502162:S=ALNI_MYk9nu5drYRs4YqcCnf2XgQL2YKVQ
.aoutoqw.xyz/	1970-01-20 21:33:18	Name: __gpi Value: UID=00000c0d4bf7e2e3:T=1685502162:RT=1685502162:S=ALNI_Maas8OEocI3RT9yfCNMlg2OhsDJ4A
.doubleclick.net/	1970-01-20 21:47:42	Name: IDE Value: AHWqTUkT4nLFYVOC5FdHURUVxFq0Gi3EXA4KuH53Fw87-l1uSVISRhT1M4D8uERP0IA
.doubleclick.net/	1970-01-20 12:11:43	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 12:11:45	Name: DSID Value: NO_DATA
.aoutoqw.xyz/	1970-01-20 20:57:18	Name: FCNEC Value: %5B%5B%22AKsRol8KAyw38eom67yuF-k163x4lllrNk4mfi-lqdhw9Vi7BYYfNjNEHBO3i8Of6z5O_1a7HLMx2XiYr3CsxlreMEazeTWOa4iQ4Ti2-uhK1qMD42zYj5QygF8xUGbannjsf5Z6ow9k3ilaM6dlzKGVwYvvyVdjYA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Faoutoqw.xyz%2F&j=https%3A%2F%2Fto.aoutoqw.xyz%2F Message: Failed to load resource: the server responded with a status of 500 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230525/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8367258519230759&fa=1&ifi=10&uci=a!a&btvi=7&xpc=f7tN9GIvv3&p=https%3A//aoutoqw.xyz Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.sg
aoutoqw.xyz
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s10.histats.com
s4.histats.com
sovrn.com
to.aoutoqw.xyz
tpc.googlesyndication.com
www.aoutoqw.xyz
www.google.com
www.googletagservices.com
www.gstatic.com
www.sovrn.com
128.199.64.249
141.193.213.10
149.56.240.131
165.22.98.83
2404:6800:4003:c00::5f
2404:6800:4003:c00::8b
2404:6800:4003:c02::93
2404:6800:4003:c02::9b
2404:6800:4003:c03::9b
2404:6800:4003:c04::5e
2404:6800:4003:c04::84
2404:6800:4003:c04::9b
2404:6800:4003:c05::5e
2404:6800:4003:c11::9b
2606:4700:10::ac43:d8c
2606:4700:21::8d65:780a
00f2acadff16c4093222e289271ae495967d00292465555552204c8c8d585d42
01354d88fa9ed140bde5c6ec55e8482158073b2a1df1e501f500f6915fa564ea
050519d788fb03adda7a974b3c9aed95057b6f6fd112fd51612101e54920f18e
05548588e17764b8c41c5b629852f9ad7793ebc2a0599ad1e483e09ea0898bdd
1263fbb776fcfc5cc95f29706f6ffea118842170264affb1aaa4ec7f19d6f5b6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
2c3e04a3f536b4a6300aeee8ee1dbbfddaacaf29d9f44dadff76b136fab44e38
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3195a4101fcf03bde59de0d68edd297c08153eb6ef7a39f4019d577779e3ecba
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
410f4228aa677eb20622c6f1e0f67966fcecca198ad07bb096f0265b2689ded7
43b5270ea1a49ed5f73fbb8168b6e80ce036868a3f40419ac7c1aeb52d5182be
440267acc23dbf11d1f4aafa2b05af63818b829400743bea39fc836b8b7bbf25
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4a4741b90b5bc2a4083d76e9c7aec00e591b5b7bb6397eea1607ee491b0c402e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4feb4b2eef44d2ac8f199ba176773aca1311824886d8bb43c7ef20b901e9baff
53a72b61cc88af157b413abfd7751bfd9786b2ff915873d91068d0cfb1bd11f3
5516c7877f622ecb36069e1cd1a5c675796864b07a3d09d59402dc8e3b8f2e03
551debe8c4f0db7b25699af72a204caf099af55413f90eb34b5f546330d6187c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f09c5acfffb0900738522c0a8b3bee9777fc2d907b9df266906a1077df7fa3
5ae70268abe00d0f5f9a58ce23f5af80fd5f8d9e8b5a647855901f5321cbd23a
5afa6c4c7a1250f1f6598fa68b4cfed77d0875b0c2d66ecfd5bd4dac3a75808e
5c1b262223e139980ed78ec64d386e924f6033d8871fdba0a93f10e79ee3c244
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6ca2642ac9f2c0e3b43e177c7d26fa2f14370d866ffed9681c2a703a4de728c2
72d09a1440ef570ae2d34ba2b0ccb8bb890bcded2bc83f5b19b9d39d72747bd4
79b7ea99abb66869005319b8443ee41c65ae93a3ecdfebdc6cee9df87d87b8dc
7d80d712851ce97d206e8a2a6ea67ba384206e5426c196733e13b4982522c712
80045f756b5847eaad803d8e450b12111dc75199b34e0ecc466782914bd8bc9e
81923a4777cc2890a66ec1dc2c924cdeec1dddc95a692861f8190c4142b53afb
8201dce0d4887b9a8127227d1fc7057861190c2783ddedebaab2b51995bb9735
873041e459a5fe26b40908b7750f4d035e53b43cda18bc9d6501be26dd67acaf
88494fea1985db1d61143f315a980782abef6bb394222593998285d027d836ae
88a51fe784c58c712a93f3f4e123e163e901042438df74cf793bdcf28eb090d4
8b53bbcf5bade5c6d3715a1df364ce5df527a85a7d2e0a6e2529e93d6cfe98de
8d47e9b04cf995a35fac50d2d39cd0006ef7e7f07f9373cad2fe5a207745f1b7
8dcfba4a28225c8746c26ef28776e25c1268ed730f9a187cb95bf198e4ed3a68
8fc047db1be8c33d8105711394f78c78580fccd69c77d57a276a4fa6f29ec589
9308b705d2d0ac6c12ed564db32be5b6db776e14ceefd8c7f16c947e65db6b0b
974956f1b7b82cecd8ae88a0b685f0d5dfe5c8534c2784e59abeea719eadbbc4
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9ad74f212e4b5832d102b18fee306b44999202a962e62af0065b45d52164ab19
a3672f0e4ef723db2f1dd84665cfe114d04d074a043a677e2231b94b6366eb9a
a4549c734916f4ef3a0d6a0bac9423f9dc5a945f1e800d206dcab8ea61c2528b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7705dec66f49a523f90ddfdcb46db34f4694f1fd583321e022ec6909d503e61
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
bced9f7acd03baf8e91d56ef78984eb72db91c1b26e625c0e2e2ee47da8ff144
bf3001363507fafcd1b4530517f1fcc151991f7030d6858c1f30aa596d4f12af
c0f3a861564f8ffb5674fd1c8c067a747ca7216745f88d1bbcd5675d38940610
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c607dacc9c511a8fdf7dcccc638d05ad53bc402a7ced6a9509e5d7f61d1c42ff
c9e8429295ffa5524566fab17da092068d7989ee76f0a57ad1b91e94c09e88a6
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cdb8889029e112e6178e400c7b7b4b900ca01e12f08089e994a055236b4b74d6
d42e2b0fdb945504b8da66763e41d57d6245ab8218c6df329b56a841ffbcd7ee
dab0c2c977f4a14a284a91d0ffad16f1c29629df3b4c8a059223646d4e5d73d5
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8080d83ceaecd6c5ee51878be7b2fd3907ba8f7996cd73e06502c2ff245118b
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ebe8008ecf8f1eea59720f3b6c667171a7a98062e81de484a67d9bf3f14cbf80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f224adc69116837fb431e35c8f14a1982836c0ea283ed448ac17474ff3dc34d5
ff4f3571778efcd6f1028d0261211eedfa39e0b513c350f1f80d5d4c28e8b2e9

aoutoqw.xyz Open in urlscan Pro 165.22.98.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

99 %HTTPS

75 %IPv6

12 Domains

20 Subdomains

17 IPs

3 Countries

1646 kBTransfer

4592 kBSize

14 Cookies

20 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aoutoqw.xyz Open in urlscan Pro
165.22.98.83 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

99 %
HTTPS

75 %
IPv6

12
Domains

20
Subdomains

17
IPs

3
Countries

1646 kB
Transfer

4592 kB
Size

14
Cookies

134 HTTP transactions
2 data transactions