klook.pupupdate.com Open in urlscan Pro
104.18.8.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://klook.pupupdate.com/
Effective URL:
https://klook.pupupdate.com/
Submission: On October 10 via api (October 10th 2025, 7:18:38 am UTC) from US — Scanned from CA

Summary HTTP 173 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 33 domains to perform 173 HTTP transactions. The main IP is 104.18.8.197, located in Ascension Island and belongs to CLOUDFLARENET, US. The main domain is klook.pupupdate.com.
TLS certificate: Issued by WE1 on October 9th 2025. Valid for: 3 months.

This is the only time klook.pupupdate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	104.18.8.197 104.18.8.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
23	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
13	142.250.80.110 142.250.80.110	15169 (GOOGLE) (GOOGLE)
29	104.18.13.135 104.18.13.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.65.168 142.250.65.168	15169 (GOOGLE) (GOOGLE)
5	23.44.111.32 23.44.111.32	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
6	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	216.239.36.178 216.239.36.178	15169 (GOOGLE) (GOOGLE)
4	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
3	142.250.65.227 142.250.65.227	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
5 23	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.207.82.34 52.207.82.34	14618 (AMAZON-AES) (AMAZON-AES)
1 1	74.214.194.131 74.214.194.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	216.200.232.253 216.200.232.253	30419 (PAEDAE-INC) (PAEDAE-INC)
1 1	107.167.123.122 107.167.123.122	21837 (OPERASOFT...) (OPERASOFTWARE)
3 7	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	159.127.42.76 159.127.42.76	26762 (CNVR-US-EAST) (CNVR-US-EAST)
6 6	50.31.142.159 50.31.142.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	50.31.142.31 50.31.142.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	23.83.76.39 23.83.76.39	395954 (LEASEWEB-...) (LEASEWEB-USA-LAX)
1 2	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2 2	20.33.69.37 20.33.69.37	8069 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
173	15

22 104.18.8.197 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

klook.pupupdate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.80.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.18.13.135 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)

asserts.blazedragon.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.168 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.44.111.32 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-44-111-32.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.81.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.65.227 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.251.35.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.82.34 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-82-34.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.253 (United States) 2 redirects

ASN30419 (PAEDAE-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.167.123.122 (United States) 1 redirects

ASN21837 (OPERASOFTWARE, US)
PTR: vip1.feednews.opera.technology

t.rtbscale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.27.193 (Ascension Island) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.127.42.76 (United States) 2 redirects

ASN26762 (CNVR-US-EAST, US)
PTR: iad02-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.31.142.159 (Mount Prospect, United States) 6 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.31.142.31 (Mount Prospect, United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.83.76.39 (Los Angeles, United States) 1 redirects

ASN395954 (LEASEWEB-USA-LAX, US)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.33.69.37 (Washington, United States) 2 redirects

ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 268 googleads.g.doubleclick.net — Cisco Umbrella Rank: 60 cm.g.doubleclick.net — Cisco Umbrella Rank: 312	474 KB
29	blazedragon.top asserts.blazedragon.top	2 MB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com tpc.googlesyndication.com Failed	396 KB
22	pupupdate.com klook.pupupdate.com	203 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 781 www.google.com Failed	141 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 703	5 KB
6	zemanta.com 6 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 787	4 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 747	142 KB
3	outbrain.com 3 redirects b1sync.outbrain.com — Cisco Umbrella Rank: 848	2 KB
3	gstatic.com www.gstatic.com	17 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	256 KB
2	temu.com 2 redirects www.temu.com — Cisco Umbrella Rank: 729	1021 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	961 B
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3661	813 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1212	2 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2647	829 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 4721	925 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 435	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 784	505 B
1	rtbscale.com 1 redirects t.rtbscale.com — Cisco Umbrella Rank: 7458	951 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 768	1 KB
0	adtrafficquality.google Failed ep1.adtrafficquality.google Failed
0	linkedin.com Failed px.ads.linkedin.com Failed
0	adkernel.com Failed dsp.adkernel.com Failed
0	loopme.me Failed csync.loopme.me Failed
0	pubmatic.com Failed image6.pubmatic.com Failed
0	2mdn.net Failed s0.2mdn.net Failed
0	adform.net Failed a2.adform.net Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	creativecdn.com Failed creativecdn.com Failed
0	googleapis.com Failed fonts.googleapis.com Failed
0	tiktokw.us Failed analytics-ipv6.tiktokw.us Failed
173	33

	Domain	Requested by
29	asserts.blazedragon.top	klook.pupupdate.com
23	cm.g.doubleclick.net	5 redirects c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
23	pagead2.googlesyndication.com	klook.pupupdate.com pagead2.googlesyndication.com securepubads.g.doubleclick.net c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com googleads.g.doubleclick.net
22	klook.pupupdate.com	klook.pupupdate.com
13	fundingchoicesmessages.google.com	klook.pupupdate.com pagead2.googlesyndication.com
8	securepubads.g.doubleclick.net	klook.pupupdate.com securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	b1sync.zemanta.com	6 redirects
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
5	analytics.tiktok.com	klook.pupupdate.com analytics.tiktok.com
4	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	b1sync.outbrain.com	3 redirects
3	www.gstatic.com	klook.pupupdate.com c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
3	www.googletagmanager.com	klook.pupupdate.com www.googletagmanager.com
2	www.temu.com	2 redirects
2	sync.teads.tv	1 redirects c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	2 redirects
2	sync.mathtag.com	2 redirects
2	match.360yield.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	match.adsrvr.org	2 redirects
2	www.google-analytics.com	www.googletagmanager.com
1	ssbsync.smartadserver.com	1 redirects
1	t.rtbscale.com	1 redirects
1	bh.contextweb.com	1 redirects
0	ep1.adtrafficquality.google Failed	pagead2.googlesyndication.com
0	px.ads.linkedin.com Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	dsp.adkernel.com Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	csync.loopme.me Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	image6.pubmatic.com Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	s0.2mdn.net Failed	klook.pupupdate.com
0	a2.adform.net Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	ib.adnxs.com Failed	googleads.g.doubleclick.net
0	creativecdn.com Failed	c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	www.google.com Failed	klook.pupupdate.com c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	tpc.googlesyndication.com Failed	klook.pupupdate.com c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
0	fonts.googleapis.com Failed	klook.pupupdate.com
0	analytics-ipv6.tiktokw.us Failed	analytics.tiktok.com
173	38

This site contains links to these domains. Also see Links.

Domain
support.google.com
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
1de1d5bd.sni.cloudflaressl.com WE1	`2025-10-09` - `2026-01-07`	3 months	crt.sh
*.g.doubleclick.net WR2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.google.com WR2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
asserts.blazedragon.top WE1	`2025-08-20` - `2025-11-18`	3 months	crt.sh
*.google-analytics.com WR2	`2025-09-15` - `2025-12-08`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2025-06-16` - `2026-06-15`	a year	crt.sh
*.gstatic.com WR2	`2025-09-15` - `2025-12-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://klook.pupupdate.com/
Frame ID: C38AD1E89FBD492B0AB973AF7DCE91F8
Requests: 87 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: FDA43CE23DA71C7721FC82EB23060CCD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251009/r20190131/zrt_lookup_fy2021.html
Frame ID: C12CE2A74D318145ACA2C916C8CCF566
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9011060347898773&output=html&adk=1812271804&adf=3025194257&lmt=1758095364&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fklook.pupupdate.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1760080720692&bpp=28&bdt=371&idt=387&shv=r20251009&mjsv=m202510060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3114509381513&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95373555%2C31095045%2C31095080%2C31095082%2C31095084%2C31095106%2C31095148%2C31095153%2C95345037%2C95373013%2C95374047%2C42533294%2C95344789&oid=2&pvsid=3353611330818587&tmod=558984860&uas=0&nvt=1&fsapi=1&fc=1920&brdim=560%2C560%2C560%2C560%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=439
Frame ID: EFDD7D600E4BCD0B56C3699FC6C59B6E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PT6PX44B
Frame ID: F0F30EC09977DC71A95E388471436CA1
Requests: 1 HTTP requests in this frame

Frame: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3117F2F407510E0E73402E5145D6EE8A
Requests: 1 HTTP requests in this frame

Frame: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 79BDC0E8F1195F5C4CF574B57F74585E
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 7F3259CA6A7E02B2E1F9727CB51E7160
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD32A6DD91160EC7D75D251022FC6827
Requests: 9 HTTP requests in this frame

Frame: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 6AE71E950B88C899331E86C1B8878C0D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMvUFxiw6PbEAjAB&v=APEucNWltOd8IyfcJANqQX7sfb5HZPZCE5GMsyEF89Vepq16MzaQpbzK77sao71GkUQat4IWlfdtNe6WwF-pkMg6BogSVquv3lklkl9fIZjh6sQiHzdYs9U
Frame ID: F5A9785D4B0EE9CDAEDDC07830010385
Requests: 5 HTTP requests in this frame

Frame: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: BAE05B7E89498E40D263CD987C26FD46
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJix78MCEIaqqM4CGM7z08ECMAE&v=APEucNXB8dPbc6dgZ2l6shTOze-L7eQDW3MvBgVcddEBqRZOqbioy-GoVFxz8Uk1m0l985gbwOhnlzfYXgzr398kObnoGNZMZxHVBhvWSquwd7k4eTopCb4
Frame ID: F240270A0452628F10802C9C5B7F77D4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2DEF0B38DD61C05ABDE9E8F6B7FA33A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8764B22C33C598DE661BAA77BDC2ED1E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

pupupdate-ตัวช่วยค้นหาคูปองง่าย ๆ - ประหยัดกับแบรนด์ชั้นนำ

Page URL History Show full URLs

http://klook.pupupdate.com/ HTTP 307
https://klook.pupupdate.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

173
Requests

70 %
HTTPS

0 %
IPv6

33
Domains

38
Subdomains

15
IPs

2
Countries

3756 kB
Transfer

7933 kB
Size

35
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/adsense/troubleshooter/1631343
Title: ดูการตั้งค่าโฆษณา Google ของฉัน

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CKT9qUrPoaIabB52Y6toP5In6uAjLr6qUggGG98er6xS2wr7ehQIQASD5nPSlAWD96KKB8AOgAaS155dByAEJqQJMKjXvAfCnPuACAKgDAcgDywSqBNQCT9BTRwUDtyM8z_rRv852vww261CYzU7IvrTRDnPSgjDzTO8gMfP18kbp2Wa6AAPnopePKAkr7HD5HefGPW_1p9wk-6NMAfHhj97a7voaYxaCMKazNVMTVuUFWC-j3siz2r33Bdll0WVOk6BAEhyUgNKS-WD0sOMhFCbA0htElLxmPDdsLGkzftifpzYrA3y0dN5_ogDeTLvnXIMNBcOJkfPgNUwgRaMrvXHX9Dv3ekIKNKojRKwDzi7B9ZnI3b9fyvpBTa7Dxp74pnffUU9V9vKNjhXYfAlhU12qiX1w0Bg9mpjy1UJINQFxNhSy4dRy79uJ-BkmFKEDsnGixeLb6sIcFi9P58A8ciM2SLy2GEUKhGFuI1ifCuLjT01PZSmTiqTNiqmGedEVtLO2RQQDPLXPU3UepCrePyDN5nPttYCdOQkZC-AlOGTIBFN6oExlk5aVzcAEsKLkkcoF4AQBiAWXqo22VaAGLtgGAoAHpO239xuoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwCgCNurpQSwCALSCCkIgGEQARidATICigI6DYBAgMCAgICAqIACqANIvf3BOljr5t3Ri5mQA7EJfXJS7TKmflqACgOYCwHICwGADAHaDBAKChDQ0rn4lI_hhwkSAgEDqg0CQ0HIDQHiDRMIiZ3e0YuZkAMVHYxaBR3khB6H6g0TCJLZ3tGLmZADFR2MWgUd5IQeh_ANAogO____________AbgT5APYEwqCFBUaE2tsb29rLnB1cHVwZGF0ZS5jb23QFQHKFgIKAPgWAYAXAbIXDhgBKgo5MzkwMTM1NDM5uhcCOAGqGBcJAAAAALn6SUESCjkzOTAxMzU0MzkYAbIYCRICn1EYLiIBANAYAcIZAggB&ae=1&ase=2&gclid=EAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE&num=1&cid=CAQSnwEAwksa0c6O_Bu48zS19o_yOtcGEAFwc1wio3A2jPNT7RA5raJe3_IU6yHrDinh8ePUYZCk-YdMzJ7qd65O8GIfj06a-qY8lChVNjkMJwvHfRfHiAiaP2NMdLi0l7Z4mA9pDoYThOouohsECOEnzJHLfUKrM3z6aO0bQ0BnUWQ20wAVPa_4fEHF0LJcGRcdd7SieEGkngw-1osBZ1U5IJIYAQ&sig=AOD64_1uOiu6opnbuHfRqYao3Yi2pKuh6Q&client=ca-pub-2574118301686814&rf=1&nb=9&adurl=https://www.symbioz.app/accueil%3Fgad_source%3D5%26gad_campaignid%3D22930478359%26gclid%3DEAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CKT9qUrPoaIabB52Y6toP5In6uAjLr6qUggGG98er6xS2wr7ehQIQASD5nPSlAWD96KKB8AOgAaS155dByAEJqQJMKjXvAfCnPuACAKgDAcgDywSqBNQCT9BTRwUDtyM8z_rRv852vww261CYzU7IvrTRDnPSgjDzTO8gMfP18kbp2Wa6AAPnopePKAkr7HD5HefGPW_1p9wk-6NMAfHhj97a7voaYxaCMKazNVMTVuUFWC-j3siz2r33Bdll0WVOk6BAEhyUgNKS-WD0sOMhFCbA0htElLxmPDdsLGkzftifpzYrA3y0dN5_ogDeTLvnXIMNBcOJkfPgNUwgRaMrvXHX9Dv3ekIKNKojRKwDzi7B9ZnI3b9fyvpBTa7Dxp74pnffUU9V9vKNjhXYfAlhU12qiX1w0Bg9mpjy1UJINQFxNhSy4dRy79uJ-BkmFKEDsnGixeLb6sIcFi9P58A8ciM2SLy2GEUKhGFuI1ifCuLjT01PZSmTiqTNiqmGedEVtLO2RQQDPLXPU3UepCrePyDN5nPttYCdOQkZC-AlOGTIBFN6oExlk5aVzcAEsKLkkcoF4AQBiAWXqo22VaAGLtgGAoAHpO239xuoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwCgCNurpQSwCALSCCkIgGEQARidATICigI6DYBAgMCAgICAqIACqANIvf3BOljr5t3Ri5mQA7EJfXJS7TKmflqACgOYCwHICwGADAHaDBAKChDQ0rn4lI_hhwkSAgEDqg0CQ0HIDQHiDRMIiZ3e0YuZkAMVHYxaBR3khB6H6g0TCJLZ3tGLmZADFR2MWgUd5IQeh_ANAogO____________AbgT5APYEwqCFBUaE2tsb29rLnB1cHVwZGF0ZS5jb23QFQHKFgIKAPgWAYAXAbIXDhgBKgo5MzkwMTM1NDM5uhcCOAGqGBcJAAAAALn6SUESCjkzOTAxMzU0MzkYAbIYCRICn1EYLiIBANAYAcIZAggB&ae=1&ase=2&gclid=EAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE&num=1&cid=CAQSnwEAwksa0c6O_Bu48zS19o_yOtcGEAFwc1wio3A2jPNT7RA5raJe3_IU6yHrDinh8ePUYZCk-YdMzJ7qd65O8GIfj06a-qY8lChVNjkMJwvHfRfHiAiaP2NMdLi0l7Z4mA9pDoYThOouohsECOEnzJHLfUKrM3z6aO0bQ0BnUWQ20wAVPa_4fEHF0LJcGRcdd7SieEGkngw-1osBZ1U5IJIYAQ&sig=AOD64_1uOiu6opnbuHfRqYao3Yi2pKuh6Q&client=ca-pub-2574118301686814&rf=1&nb=0&adurl=https://www.symbioz.app/accueil%3Fgad_source%3D5%26gad_campaignid%3D22930478359%26gclid%3DEAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE
Title: Service simple et rapide

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CKT9qUrPoaIabB52Y6toP5In6uAjLr6qUggGG98er6xS2wr7ehQIQASD5nPSlAWD96KKB8AOgAaS155dByAEJqQJMKjXvAfCnPuACAKgDAcgDywSqBNQCT9BTRwUDtyM8z_rRv852vww261CYzU7IvrTRDnPSgjDzTO8gMfP18kbp2Wa6AAPnopePKAkr7HD5HefGPW_1p9wk-6NMAfHhj97a7voaYxaCMKazNVMTVuUFWC-j3siz2r33Bdll0WVOk6BAEhyUgNKS-WD0sOMhFCbA0htElLxmPDdsLGkzftifpzYrA3y0dN5_ogDeTLvnXIMNBcOJkfPgNUwgRaMrvXHX9Dv3ekIKNKojRKwDzi7B9ZnI3b9fyvpBTa7Dxp74pnffUU9V9vKNjhXYfAlhU12qiX1w0Bg9mpjy1UJINQFxNhSy4dRy79uJ-BkmFKEDsnGixeLb6sIcFi9P58A8ciM2SLy2GEUKhGFuI1ifCuLjT01PZSmTiqTNiqmGedEVtLO2RQQDPLXPU3UepCrePyDN5nPttYCdOQkZC-AlOGTIBFN6oExlk5aVzcAEsKLkkcoF4AQBiAWXqo22VaAGLtgGAoAHpO239xuoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwCgCNurpQSwCALSCCkIgGEQARidATICigI6DYBAgMCAgICAqIACqANIvf3BOljr5t3Ri5mQA7EJfXJS7TKmflqACgOYCwHICwGADAHaDBAKChDQ0rn4lI_hhwkSAgEDqg0CQ0HIDQHiDRMIiZ3e0YuZkAMVHYxaBR3khB6H6g0TCJLZ3tGLmZADFR2MWgUd5IQeh_ANAogO____________AbgT5APYEwqCFBUaE2tsb29rLnB1cHVwZGF0ZS5jb23QFQHKFgIKAPgWAYAXAbIXDhgBKgo5MzkwMTM1NDM5uhcCOAGqGBcJAAAAALn6SUESCjkzOTAxMzU0MzkYAbIYCRICn1EYLiIBANAYAcIZAggB&ae=1&ase=2&gclid=EAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE&num=1&cid=CAQSnwEAwksa0c6O_Bu48zS19o_yOtcGEAFwc1wio3A2jPNT7RA5raJe3_IU6yHrDinh8ePUYZCk-YdMzJ7qd65O8GIfj06a-qY8lChVNjkMJwvHfRfHiAiaP2NMdLi0l7Z4mA9pDoYThOouohsECOEnzJHLfUKrM3z6aO0bQ0BnUWQ20wAVPa_4fEHF0LJcGRcdd7SieEGkngw-1osBZ1U5IJIYAQ&sig=AOD64_1uOiu6opnbuHfRqYao3Yi2pKuh6Q&client=ca-pub-2574118301686814&rf=1&nb=19&adurl=https://www.symbioz.app/accueil%3Fgad_source%3D5%26gad_campaignid%3D22930478359%26gclid%3DEAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CKT9qUrPoaIabB52Y6toP5In6uAjLr6qUggGG98er6xS2wr7ehQIQASD5nPSlAWD96KKB8AOgAaS155dByAEJqQJMKjXvAfCnPuACAKgDAcgDywSqBNQCT9BTRwUDtyM8z_rRv852vww261CYzU7IvrTRDnPSgjDzTO8gMfP18kbp2Wa6AAPnopePKAkr7HD5HefGPW_1p9wk-6NMAfHhj97a7voaYxaCMKazNVMTVuUFWC-j3siz2r33Bdll0WVOk6BAEhyUgNKS-WD0sOMhFCbA0htElLxmPDdsLGkzftifpzYrA3y0dN5_ogDeTLvnXIMNBcOJkfPgNUwgRaMrvXHX9Dv3ekIKNKojRKwDzi7B9ZnI3b9fyvpBTa7Dxp74pnffUU9V9vKNjhXYfAlhU12qiX1w0Bg9mpjy1UJINQFxNhSy4dRy79uJ-BkmFKEDsnGixeLb6sIcFi9P58A8ciM2SLy2GEUKhGFuI1ifCuLjT01PZSmTiqTNiqmGedEVtLO2RQQDPLXPU3UepCrePyDN5nPttYCdOQkZC-AlOGTIBFN6oExlk5aVzcAEsKLkkcoF4AQBiAWXqo22VaAGLtgGAoAHpO239xuoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwCgCNurpQSwCALSCCkIgGEQARidATICigI6DYBAgMCAgICAqIACqANIvf3BOljr5t3Ri5mQA7EJfXJS7TKmflqACgOYCwHICwGADAHaDBAKChDQ0rn4lI_hhwkSAgEDqg0CQ0HIDQHiDRMIiZ3e0YuZkAMVHYxaBR3khB6H6g0TCJLZ3tGLmZADFR2MWgUd5IQeh_ANAogO____________AbgT5APYEwqCFBUaE2tsb29rLnB1cHVwZGF0ZS5jb23QFQHKFgIKAPgWAYAXAbIXDhgBKgo5MzkwMTM1NDM5uhcCOAGqGBcJAAAAALn6SUESCjkzOTAxMzU0MzkYAbIYCRICn1EYLiIBANAYAcIZAggB&ae=1&ase=2&gclid=EAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE&num=1&cid=CAQSnwEAwksa0c6O_Bu48zS19o_yOtcGEAFwc1wio3A2jPNT7RA5raJe3_IU6yHrDinh8ePUYZCk-YdMzJ7qd65O8GIfj06a-qY8lChVNjkMJwvHfRfHiAiaP2NMdLi0l7Z4mA9pDoYThOouohsECOEnzJHLfUKrM3z6aO0bQ0BnUWQ20wAVPa_4fEHF0LJcGRcdd7SieEGkngw-1osBZ1U5IJIYAQ&sig=AOD64_1uOiu6opnbuHfRqYao3Yi2pKuh6Q&client=ca-pub-2574118301686814&rf=1&nb=7&adurl=https://www.symbioz.app/accueil%3Fgad_source%3D5%26gad_campaignid%3D22930478359%26gclid%3DEAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE
Title: Simplifiez-vous la vie. Offrez-vous le ménage avec Symbioz

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?nis=4&sa=l&ai=CKT9qUrPoaIabB52Y6toP5In6uAjLr6qUggGG98er6xS2wr7ehQIQASD5nPSlAWD96KKB8AOgAaS155dByAEJqQJMKjXvAfCnPuACAKgDAcgDywSqBNQCT9BTRwUDtyM8z_rRv852vww261CYzU7IvrTRDnPSgjDzTO8gMfP18kbp2Wa6AAPnopePKAkr7HD5HefGPW_1p9wk-6NMAfHhj97a7voaYxaCMKazNVMTVuUFWC-j3siz2r33Bdll0WVOk6BAEhyUgNKS-WD0sOMhFCbA0htElLxmPDdsLGkzftifpzYrA3y0dN5_ogDeTLvnXIMNBcOJkfPgNUwgRaMrvXHX9Dv3ekIKNKojRKwDzi7B9ZnI3b9fyvpBTa7Dxp74pnffUU9V9vKNjhXYfAlhU12qiX1w0Bg9mpjy1UJINQFxNhSy4dRy79uJ-BkmFKEDsnGixeLb6sIcFi9P58A8ciM2SLy2GEUKhGFuI1ifCuLjT01PZSmTiqTNiqmGedEVtLO2RQQDPLXPU3UepCrePyDN5nPttYCdOQkZC-AlOGTIBFN6oExlk5aVzcAEsKLkkcoF4AQBiAWXqo22VaAGLtgGAoAHpO239xuoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQKoB-qxsQKoB5m1sQKoB763sQKoB_jCsQKoB_vCsQLYBwCgCNurpQSwCALSCCkIgGEQARidATICigI6DYBAgMCAgICAqIACqANIvf3BOljr5t3Ri5mQA7EJfXJS7TKmflqACgOYCwHICwGADAHaDBAKChDQ0rn4lI_hhwkSAgEDqg0CQ0HIDQHiDRMIiZ3e0YuZkAMVHYxaBR3khB6H6g0TCJLZ3tGLmZADFR2MWgUd5IQeh_ANAogO____________AbgT5APYEwqCFBUaE2tsb29rLnB1cHVwZGF0ZS5jb23QFQHKFgIKAPgWAYAXAbIXDhgBKgo5MzkwMTM1NDM5uhcCOAGqGBcJAAAAALn6SUESCjkzOTAxMzU0MzkYAbIYCRICn1EYLiIBANAYAcIZAggB&ae=1&ase=2&gclid=EAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE&num=1&cid=CAQSnwEAwksa0c6O_Bu48zS19o_yOtcGEAFwc1wio3A2jPNT7RA5raJe3_IU6yHrDinh8ePUYZCk-YdMzJ7qd65O8GIfj06a-qY8lChVNjkMJwvHfRfHiAiaP2NMdLi0l7Z4mA9pDoYThOouohsECOEnzJHLfUKrM3z6aO0bQ0BnUWQ20wAVPa_4fEHF0LJcGRcdd7SieEGkngw-1osBZ1U5IJIYAQ&sig=AOD64_1uOiu6opnbuHfRqYao3Yi2pKuh6Q&client=ca-pub-2574118301686814&rf=1&nb=8&adurl=https://www.symbioz.app/accueil%3Fgad_source%3D5%26gad_campaignid%3D22930478359%26gclid%3DEAIaIQobChMIhozf0YuZkAMVHYxaBR3khB6HEAEYASAAEgJBRvD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AaI7VA2vTjXh48LVPsIaAZ1OwjGl2dkT_7B5nnMD4pBoqKTvDL0_ItILRPqKrv_ZWgUioSp5mJ7XSP7owAoyn4x0QU5D2vEH9DORVXHZ0W45M7I4oIfGve36MXZb_kKroA9Phabf4FEg9hoigy0dXi9qap1LQqZ5Lxcq9IQ966dGS1nxUeNdk4dPkYTEj8r14xCc51Vi5GSealPSOJvmDwvKecY8bdbt4vkm6KMieZXoFz-5SkvvfeGgfsCmWpBniQCG3p00VX5t_nbxdopFOuGTRxO2DaEHmmmK6JZCtfQStaaSMC0CYCX75ctcGTYID5ndZvFajeA3k786jFWo-8h4IokQmq7xRqktME9qMOJwkYD1I9y4ZKyGTmmu7FkO5Z8FhZhFng1Ce6_4CG7RxHmIjxeFYJOke7ipeiX_KS5VD85i50I-amAuyAv4mStp09y0z6f_r7No56BNBKif216Zw8-Z5IIYV6_uZovXf_Th84KsQZVHiKaNWvixlHhNa1GGJm90laSidQPwLBwNf5LlcqCKX0YnFHRIXyEGUUXsYLo4lFnr6KlFKntgSR00mvEn8cLdslXDgamIWIOWGgLCX1y41vMvAwlbkLwGkRkHTVUiJjb6FsSGEg8C6xpwwMIT2a_RRKnMLzAjVnkjsr3WlM8nqXCgCcBbStiCIOx1DZOeG2nzHS5Ybzhoc2K65WGGeRsJzLp--fIEwh85sV-EjrgD6C1mY5JYNKs53xPSH4Zd8xbu4g_eS60CJG9rDrblMTCm2LOZBzh2-vPAtyphGibccQExekuNibalBi7TWiJhoNaNOIQk6tuSAdnVZWfkiYirwWJsdda8jt-oO5taLG7vejvc4IIi3T4a4IIBfkr4N2iLvwx0w5Dg6ZM0Ud7DtKf8S34UQAadqk3p2OxAt6hvUX4aijzOBNP-GNnu3WV3-en9gKUmnlYebOFFK9QT9-jm05XtdyFpmQBwZKY-S2uCTrhmR1RIZrEw9ZyQmpFUI87fVrEyoV5xgvYccuTGCU7RQelYD_25aMqD6KdVmHhytApjeyStQyom0QSwH1pOi3re3Er0a5zUNoBg_2EkaOBCC-VBaOgPJuKWNTrMCXckiVo4VmmEpn9ynbSA8tVdeFo4Q_8BzbnwNjZHNlXJ0cqVWtmH9MTLYYECEKFM8qYqPWGKl3iCqKFkrFjgdTQQyTX9Xa_juQT5FshJ1DMiX79YieYRTxgIcUTS_w0TA6LBLuG-bSc_9zI4Ub8J4zyqSIcioAIHJUkoI65Xy4mnqkqCGz3zTQ4PA6JtE54mzOqHGqLKte9cK3aWAFwPlVdFlq16r03PUVvAdfoo4qgO2dWGZnZDse1NPyiXBljMBqNfj0gRiZ2Gtk8OpwcFP4rwqzUNfjoBOyXh93J0h9XYmdP-5eCCujg0dzKFoaEMpeQe4s-LYNUs8W_DidqUUo52I8jrm5z2f28yM_X8tCObCbSUkuPhiAYNOBMqnsGjMizRYzRPUrQrf9TVlMB9w-GPVoJoqRwFXfoHViz9_IhaNIyW9UeFuKwAGlU50vZW0_uTeTMrDOcCPohdIs1ekO6099yexREDJ3O3Xv4yMx218tMySC7xnnbR9k9luSMBkdGRCuO1IReX2wClGCbvNhsd1BGl-dyqW_FrBTlcvu3ttqDwtEqQjWj3Mx_v7oiK0_fU6sNbtL4Jcm38vXxoStHYdUklY4vzPyGu847a_3HHOH7nSqDkLrJmD03O9e_d6SPn8rOey2WxRJADH0XV06VhDBcFixKoopQKkKelXPPSAZJojB1mPDvT2_4f7bNu_wdRNikJs9G-noa-L3JH_ly7kmyzALzz6kuoODAD1NV7DMD_5Cs8YjrM1yILDgfp22zpkNzVWgd_tLYIj4jK5ZrQ6O4D8-JmQkyUPrbchsy1T_oiii3jzuUqR8OyTw4JtYBfQZMtfEA8NTE6WvZnWiZCRBTTNyP-5GjEOLBv1D2BFlau64WhqjBme5i6Xe-GyJvmdAo-qbuK5nrXMXg1LIDJxApy3Z9OVNfiQHcW3wjawh3K29phH8HqwMdB8u-V0ebwEDeyjUWBxBUiI0y9qZ7j2tbOculvQCUHSS9zBwX_ZthE4C_5IRvaRys8cenSY0GvPi6bzL86cIol-Yl3aJWvs0tI1DlFQ3yc6b0PGwzoKnrxPWMiuXTBbACjK9Q6XlJAjLne79dhK30Pa6kSliBccNjzCbyshwBYOuMdKnk4vPtO5jxu_DS34OXgbQo_58tTTuSXfMtAH97ByiwRHv5IgD2mEJRv2wo4jVEn7vaI35l6aVwvtX5SmMEp7E0XBqq6Z7ySYsz7Mat9EK0b68ZXU4ig5PWF8GGAWto0CK5th8uUniQxXu1YnJlLkzBYOm8cR5NubF1lzZzeenKvOqCx2dwFxVlyoYt3aURn1UtlUQWEwJXZNKTYc0MKHdyCzYqqNPyu63MQyW9mO0Hv3JOEogLnGwkW8lYq8sCF6oNNQTX63U5LTUg4u5Q_i5wkpBdwvzk-DJwbyhrZgSVCSHfsklaJBSspUpzn77H8KNk3vSX_egYkkD7s3illtrgkkDeTrnL3-zcPrdM8Wrox723hChE22Ica&opi=122715837

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AaI7VA3tZ8ztBlmteZzv-hZ1T839TRingGQVPPbfc_mAATssraoL-P04SrhETQJox8p7eFjDh8LKaT2vOaeIfM0wm_XmktCApBKZiJ2UIoewaxOYZpv8AL8_W6hurtrfc1Ywhc0AADWN51zHxA2PH_vdgCloZLVJNAnGn_jzv9ICbsn3It5YI0PPYxvUV1Y9DttIaF95Z080pOx_U1WevaDeIx7InLfIUrqRh-krr3ld1RopH4t6nq1uubHHwQsftnw57lQ7HZRKAe7OiUFPy6ZK3kbqJC9c5qKiZ4rgJ41hDuTCQHThsDbt4bFpDo6SEYcVWLuG9yog7V3uBIZgYmNsN_ADJTEUQC49JZ7qPihRGJPUQDu1ZRqSouCZoqMn91MqDee0Ctgb_RZYEhwe-kYDO4vxcCAioCWaK6vcUr0zif2KENzSimpIxs2TKwRapWCoCGF-WIGMmO8AOxYAvmHpC4sMF65Jbr4lKaGQGvHpkq08AL75OGx8UHeHMk6NIHho22p7FzFbB6tbr3FIE2s1hN-Lr9OrK6SP856GGidJph7TNR0dsptEeiiyEV5sSRBL95YuHWXHqQffoShxhaNSoZFPocH6a1Q2wKOwQpgo6BaYBzYTzajsYTtt2pcMgppWQpgdNpPMqRQnUCoNdQiew_VpXXvftc02E6Cv_Nt1_YcJSvBS8TYBEOmGjEQeutZ4FX4FSOw6sBrj4VcTJHuMZ3UvRrfmEGzqWrtg4o0FMM8lIRKAQeRIjDqljTEqtiJp1ObizE5OGTyDa_m4zKdQR3M795Pc5wOheKTg47DcQ5ct60-oNJiIT9X2hBmTsiaZw5ALEgHQHX_W-6BuUYjt8_RBmAZoW2KLDrLc1n4SNgcPgozMQ94wEYuWHdrUlm90OwTcVNomTlMoJY3EACSnHXe3rr9LkHC0b--TNYC3Y5AOeNQYnyvYbA3HSoYdS6usgC_v3_WGb8-IoS4cej3P_mW3ODC6N9kUeoGLMIx3BYZDxkVzSK4JIBJdPOAnVhOpgP34Anf4neEBabWIE3-rhLZzE-joBCPj0tfBRJCZLPrahViFPWFp74WaJHyddTy5i1E3ZPQFWxY-TU_odZo0ZjwdZjlIdibE8qcqAeBBMZBYrlK26OKOvkua8A1_CVPKPj2tyTc8o_BBETIAqUSY1h66CbcDl09Js4FIxQxV8gf0E28Z2YJ4_lBHFIABNKSpoh1mKM3Fu_T8vxcbfjv6vS27IkjOoKMkCae9OYjZVQ-1qucWTmPkz0zivXeUh0FnKR3ZENU1fv3qaJHUAAjtVuDnZMWa9-AjE1kZykc3vHUcfXQQHBXDSPS1qjreX7dv0sqI5BFddTLHxjLTqvsspYk1FsQsIq3QJcYXJGhz02H4STcC5Yv3SyKSrxM-2ckOKMvYuhD_V-U6N3ySJAStS_XsM2egcb8Vx4Iz_SVdccszTnKw_bHJlu2cTKlaBtZh6VBgW9tSHJd2iFHx6HebJtyBPPzUsd6bvymWve-kNMj3MNgJveQaET3v--GlqSjPszR_mIbdQDkRqQF8Qw8S1a88MScaGRFP66jjSQuWld88trjpMtFATLZYji7d3N1WkQz2V_-BzBMwCHsZjNzdPOA5upV4HrBbz7HvJoR4dOrUkz8T6fuQox3MUPCbNThzyYPwFQZolmEady1GAgdsjcx14-FjGfOqQ4Gy8h1-rM09D22MZ3g08n2fylMSlAoS7wqcvPm2efm9RZuGYp5ctamDdUssQb0QZuvhCQA-NKG3-ewid7B-EWWUxYrBq7mDT2VrMuFP-1DBksPue2bzfii6suRS-EpYffHtq_Z0XqPT88XBlY4Q7GUf3UjmtslAdUIfbWWmSJw8N9cma3K840KEno7qGzD7zNhy_-wr47QaWHrqq5zCCO5IvgE8kyWiFlw8w_ynrIxdqQ6b1do9AnPUOA0eMssUlGGl9boEutG478SxJL7SsoIvcbRD_HnrXLV78Ch7l0Wgo0vvciSIryAaIG9054AFotnxID4a2_zjiLEXDBiA6SwOL_JZNQMQnIwaiPqfLsC7HhLRi4Y4zwRDGjIKGJocAhs0Wh76fC4nx_u62dSe1HiGUd6Kb4G8suaMH-Y6wn1YbUj5eqX3zip6i85sxXq66OUltG2uK79V4W1c4WkhXz16jHDgfcxjBZRgauW9FhACtTmcGS_vTCYtdf717HXDrIcxU5dSMFkkUjyPSu9YaavAC_iBU7Bge4fgqUWHdD00oMDQFti1afCE6Dqu9mVlmcUlTrKFAxqIsLyBHmgBmTJbjvWA1Wb97u8Eh0fRCMKImBNO_eZniAMTBW8jTA&opi=122715837

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AaI7VA1cAz9dsYtfWYqGT5o0h9nprzyB2XtWAJAWBkInKOsJxpZsO5OePyu0dbtM3Cw1tGA7qtCDSE1VifiPWfsUHVXCglN1cIpUt4R554whEqdCNMcadCznpmxo87v5_23GeZt_js-7KVr6sSMiiZnyqGe5_vkW4EgtDVnlfglsEpdPZJr0dWXKaofuy7VPGy1u9do_D2Fa7gC8xMzAma2yhMV2VmFR6XQCtYQ_U0ZAEEZyZB8gsfPnQtsuHK2HznmJlacP9P6X9L3-OA4rWrrB6cJT8GC7eNGsHupG-jmTlU1JMYHRPkqrxiLnpR_4bLKEz82r5TnmF0daS2l0_FfIFdx0exFmTQfUbz7jNx7ylz8m2YGblostKrzExtXHGABTdEMA_LmY8ay4Hv1g8Zqc5cW8cDj-13Wxzild4uO1Gzqi5Y3ggCXjdJJU-aYP1LqguWcbLZRC887vcqacBaQ8PyG4Kiu64bhOhdU58qCx4D1Pvqni_NzpUu0-eojLi8UzN-zPyp1ZfXd3yjhhKnLKuPBjHkr6y63VOaa3aWyDL3C8BnWq8HT9tjWG0ANPhaIKu7GCeuhEx3BB65J6We6Cix5OwMSqvxD65f7_DnYXlSLTDjLauc_0jf0itzsmUzPQfA7mUmEaqquzZEMzj6xJL8zUV1MEnH3QfSS4zWpMyyOl5ffFjzSDGZ8toDzRyzKFBwxAs7-szpIFfokfugkcxLObwLIGGF1EVpY18n6_s7cmO5q7DC6wHJlgEqPDUfRlySIR-mABcVhqeNA6yrHgrJ7cnEkn4vMD4q558ASaVLZXdcKtAVM-8ulkc55VVlwkL0C35lYQZ3Cnu3d6_q5bJQdzKx7xRAEAzp_1u-87FYG0Eayobex7C5CDEDqGOj9wQ1cZz9BKoi4HuFyU2VhFWswYgUfB71ZqPPkWEkCrDSdCV1TfsCQBElDzsrXUKdEuJqUM5VBeDAEQZ0XBsXWfnmeyUhQb__dcHTKiyQg3vHrBxQDVgx_a5e7CpwuSAndTi8QY_EdnGQ8nlXieVa3kX-7IeDTYpJtSkFE9aMEgaOl5AuLo2vxXuZI8sgNE19V-CrPjCJ5yUw9vHALryp-DVM2DwkGdvRSn7leFupag2pBRjntDMccSoeGxUh51_CmxQKRx90g3Kcac2mAN1lLTGcv6NboDbR1_Dh4phaB5vodcvu5BZf1I4QIBPktoiEZa5DsTfOu0sBcqYQfSFw5SFY8Cjdkn7yKRaXsm1X1NC5pnZOlMTUDOizheQEibP_0ALS-OWp_UOvm9LChB3x_jXFx8n6Y2yIMhgY57JxLPsn6xB3KfbycFOlX6J0EIEB8rDkPlQZsgzv3Oyach3NasHEg4L4m0PzftF_wcowDQYgSzr_tgKMtV60Oc45CGKuVKv_BZH1tDia3tPGqBQK4AbJGtSdDoC9V5BB3IpwMDgAPEf5CJZG5reNVBpwW5pO-FzOlhkIXKMRclWPwKT2sAosln4Rk22xJqD-6F789j4hNbVBDFcz2r0vco2-Z41TXMIOx9MSFSidrbpplaMWJwJ8D7QXax4cK_6QmQhgN1vxdkjx18yVJW9szQ97l9yCgBYYBRXoptYkakY1SF8x9KrncgDU430PPlodZDVh15msb5EWnoIsrewYHoLBQ8L-mC-uqeq6HfAo0e_vyGKs49KEdwboPi9b0fOBlaGI6GRun3EAZ4RRuj-vBmLUG7sYEzFGm8dXu7GCbvO68KJrz1SA8-PuMusbKKqWnaGqubhiGomD9jgL7XqXJHQWbT0mND_hX-ueNaR0h4ZZw18QyVEvSBjv3mGU_N480j7tJGZk85bq17FYiZc4_TL4SB59tK7ZAkLCSxe51_EYfRyZe3q73raSqleIbFHHnl2j2LXbNg_aDvCYN9aqreUtcjdSuQx0Y72iNGmYVhuO2MidE1an-pJqDF-xsprZ9heBax0uhRT-EHIAaWZpDe3L0eFHuqZ_yI0vJXKoejPLxSAB0gb0kB0bNX3dYnMSZNCa8nYonESjUPxlOv6JEpZjo2XYZbh3fqZpcfQqAx3DFoA2n7fsKPJ1N0BOkwyrizrkW8DF5rsPZDs2_0DgFWHWLzfHbdSYmk6AeZjFBTC6rhimwnA8I41eTUNBuBApZA4hduenQezGXgJQiNe6nawmy-tLPs5hQd-4ZCNfAQV4qeoggbfuHtJyd2N_iEu0fTewYbmpDAu7Bap8Pyg7cqbU8gyHgPKy3Q24apPYpH9cqxOUzhBh6OZI_Z1ZwWc5hTRn0Ze4RB8o6Rq4k9CMjwwetdKD_8kijwKIZCRKPfTdRZJTTMU9n2vulZYhdZMGCJ6vNNQYFHoc-Iaryp&opi=122715837

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://klook.pupupdate.com/ HTTP 307
https://klook.pupupdate.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDEoPMWqbudzF7Akh-r277s&google_cver=1&google_push=AXcoOmSUxADMhhtPgJPDI8L4_at1svJIFYL-P0UmiA9M-h1oGjYtzHzuFQlXvRDuNEXhNAglNsq-vzVZGeaWiYAScMjZn79dB55FTw HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEDEoPMWqbudzF7Akh-r277s&google_cver=1&google_push=AXcoOmSUxADMhhtPgJPDI8L4_at1svJIFYL-P0UmiA9M-h1oGjYtzHzuFQlXvRDuNEXhNAglNsq-vzVZGeaWiYAScMjZn79dB55FTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDYzOTMwZTktYTI5Ny00YWE5LWFmN2UtZTcxMDA4MGEyMzRk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=463930e9-a297-4aa9-af7e-e710080a234d

Request Chain 103

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFkdVdNhXEvKyCLVZTUp91w&google_cver=1&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0ukISSQHMabAyY0A HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uM-hw1MYSVogDqnyIUmitw&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0ukISSQHMabAyY0A

Request Chain 104

https://match.360yield.com/match/ebda?google_gid=CAESEE0EJsBon7Qk1moVcW_ZBcU&google_cver=1&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uVpEWTBYXA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE0EJsBon7Qk1moVcW_ZBcU&google_cver=1&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uVpEWTBYXA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6PKCk6gjQrGscJo3i9qk2A&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uVpEWTBYXA

Request Chain 106

https://bh.contextweb.com/bh/rtset?pid=559960&gp=1&google_gid=CAESEArEYWl6f7Owou9UN_j-t0Q&google_cver=1&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4eDygC3oNAU6fkYkOULM5ag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4eDygC3oNAU6fkYkOULM5ag&google_hm=UHhHbjVUSnNXd1Jv

Request Chain 107

https://sync.mathtag.com/sync/img?mt_exid=4&pixel_match=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dmediamath%26google_hm%3D%5BMM_UUID_B64WS%5D%26google_push%3D%5BGOOGLE_PUSH%5D&google_gid=CAESEC1PJMCI6N5Q47Egnlcvnoo&google_cver=1&google_push=AXcoOmRBe04Si19NxjOG_Z995av8MZAYa6e1CVspfDN1dnNpP2FwECkzMo0ICGhdKwf-xEvKRTjGfj-u_ND5q2ojfvYm_n5LgRnxAr4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRBe04Si19NxjOG_Z995av8MZAYa6e1CVspfDN1dnNpP2FwECkzMo0ICGhdKwf-xEvKRTjGfj-u_ND5q2ojfvYm_n5LgRnxAr4

Request Chain 108

https://t.rtbscale.com/pub/sync?pubid=pub12958572576960&google_push=AXcoOmRbzZDNU6AKvNxfFmqhvIFPrEawASlfwNxIZALdWUTS5AgMa3B22bI8dk5uj38Tbxp_P6OfpM7pZKjBgoChE4SvnzBKEnGvGEs&google_gid=CAESEBCvRsLl9Y8kXQohlr_y7XA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBCvRsLl9Y8kXQohlr_y7XA&google_hm=T1BVNzRmZjU2MDQ3MTkxNGI0MGE5NzQ2ZjJlZmViZmYyMjc&google_nid=adtechnacity&google_push=AXcoOmRbzZDNU6AKvNxfFmqhvIFPrEawASlfwNxIZALdWUTS5AgMa3B22bI8dk5uj38Tbxp_P6OfpM7pZKjBgoChE4SvnzBKEnGvGEs

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0

Request Chain 114

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aOizU9HM6xgAIWPHAd9f4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aOizU9HM6xgAIWPHAd9f4wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

Request Chain 142

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_cver=1&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-gl6ckrqlk5fixERkO4xDvpZkThC7jKMWxtdOWWUgV7gETf1Q HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=125308dae7ef13a3&is_secure=true&networkId=14000&version=1&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_cver=1&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-gl6ckrqlk5fixERkO4xDvpZkThC7jKMWxtdOWWUgV7gETf1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAGNT9DAvkNdAI8v44fAQEBAQEBAQCYzf1-IwEBAJjN_X4j&expiration=1760167123&google_cver=1&is_secure=true&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-gl6ckrqlk5fixERkO4xDvpZkThC7jKMWxtdOWWUgV7gETf1Q

Request Chain 143

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_cver=1&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ HTTP 302
https://b1sync.outbrain.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&s=2 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&obuid=071960bb-b90f-452e-8527-f8c33cc32b52&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&google_hm=MDcxOTYwYmItYjkwZi00NTJlLTg1MjctZjhjMzNjYzMyYjUy

Request Chain 145

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEECGdWQljn6zRNu-4ohtA1A&google_cver=1&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_BslTtJ6n9F8LGtbmE09FKfBeXMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_BslTtJ6n9F8LGtbmE09FKfBeXMg&google_hm=NDgzNDc0ODk2Mzk0ODY0ODA0MA%3D%3D&gdpr=0&gdpr_consent=

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=4&pixel_match=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dmediamath%26google_hm%3D%5BMM_UUID_B64WS%5D%26google_push%3D%5BGOOGLE_PUSH%5D&google_gid=CAESEMo-lCCHTLLPgpL7A4h-1jE&google_cver=1&google_push=AXcoOmRRFF7raTmhCWqaDWfY_IvMZWIDnkQTLbt8zkb8pmA7rFpGtL7qDL7-GUQFddL0i9Rvy9UZ3vvMUVvJTFjZ9hDcp2uUYWen8ZI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRRFF7raTmhCWqaDWfY_IvMZWIDnkQTLbt8zkb8pmA7rFpGtL7qDL7-GUQFddL0i9Rvy9UZ3vvMUVvJTFjZ9hDcp2uUYWen8ZI

Request Chain 148

https://rtb2-useast.voisetech.com/sync?exchange=1215&google_gid=CAESEKkH-elUNx56Nwomo6mW5Nc&google_cver=1&google_push=AXcoOmQubMoTW0fWpd_pft0HE4ZSCb6cbBMUV3KlxFywiMuNJDdZ0Ab8l96M-BihS7WKzmTy97JRLLxmKVCurRdCdsEGdrWYqY72xcs HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.voisetech.com%2Fsync%3Fexchange%3D1215%26google_gid%3DCAESEKkH-elUNx56Nwomo6mW5Nc%26google_cver%3D1%26google_push%3DAXcoOmQubMoTW0fWpd_pft0HE4ZSCb6cbBMUV3KlxFywiMuNJDdZ0Ab8l96M-BihS7WKzmTy97JRLLxmKVCurRdCdsEGdrWYqY72xcs

Request Chain 160

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOHtXfTfg9B34At3mtIJwis&google_cver=1&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsucOQuwfsamcoZbA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mb3ujnQHQi4vSZTDy-jQxA&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsucOQuwfsamcoZbA

Request Chain 161

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_cver=1&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9 HTTP 302
https://b1sync.outbrain.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&s=2 HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&obuid=6f32d238-f9c7-465b-8c79-7eeeb7f6f2da&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&google_hm=NmYzMmQyMzgtZjljNy00NjViLThjNzktN2VlZWI3ZjZmMmRh

Request Chain 162

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_cver=1&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE HTTP 302
https://b1sync.outbrain.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&s=2 HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&obuid=6997ea62-8645-4ea0-b384-77de0f160c9b&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&google_hm=Njk5N2VhNjItODY0NS00ZWEwLWIzODQtNzdkZTBmMTYwYzli

Request Chain 163

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDdmWUmFSkXMXjjBmH6ju6s&google_cver=1&google_push=AXcoOmR_5iuSfFFCWyEtGGmmU632EoS7hhR2cHNs3WM6HZQ8lZb734LFX8aQwk3KAeo1MLXskoPUR9o34UM3MUY8P5rbmJYPHe_2Xmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWM5MjMwODYtYjJmZS00NWNiLTk4MDEtM2NhYzU2Nzk4MmYz&google_push=AXcoOmR_5iuSfFFCWyEtGGmmU632EoS7hhR2cHNs3WM6HZQ8lZb734LFX8aQwk3KAeo1MLXskoPUR9o34UM3MUY8P5rbmJYPHe_2Xmg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 164

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEO8Ix66chT77fDg1-M9OWF4&google_cver=1&google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4mbwa7RcyI HTTP 302
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4mbwa7RcyI&google_nid=whaleco_services_llc

Request Chain 165

https://www.temu.com/api/adx/cm/pixel-google?google_gid=CAESEO8Ix66chT77fDg1-M9OWF4&google_cver=1&google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Srb8Y9BbHbpRnOZke4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Srb8Y9BbHbpRnOZke4&google_nid=temu_dsp2_

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
klook.pupupdate.com/
Redirect Chain

http://klook.pupupdate.com/
https://klook.pupupdate.com/

66 KB
13 KB

1126ms
1093ms

Document
text/html

104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90b41f6a8932d1a3eeadcf3b57b5051fb2a39ee38860dd5efdb494cd4024790c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 98c4584ef825a269-YUL
content-encoding: gzip
content-type: text/html
date: Fri, 10 Oct 2025 07:18:40 GMT
expires: Fri, 10 Oct 2025 11:18:39 GMT
last-modified: Wed, 17 Sep 2025 07:49:24 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://klook.pupupdate.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 110 KB
34 KB 248ms
48ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

0bd904b7e7200966e3c9d4e7fa4d4dc4362ac19355d7c09dbf0a3a92c2281552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 262 / 20371 / 31095120 / config-hash: 6208809842817750497
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34324
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
53 KB 296ms
69ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011060347898773

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f561afae72877798a8f7484e37b54f2743f96d8beb311128f036dadfb8c06fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 1881906887192025256
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54356
x-xss-protection: 0
server: cafe

GET
H2 200 pub-9011060347898773 Show response
fundingchoicesmessages.google.com/i/ 209 KB
67 KB 255ms
64ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-9011060347898773?ers=1

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

bf328299ca81cb2e2c7b386e67f713a6cc7180ae51307f699d934381766675df

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MPMmiS8tPG7iZS1yKuiVTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhXg4LjxbdJxNYMHsQ3OYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwNDQws9AxM4gsMAPcTNvg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-MPMmiS8tPG7iZS1yKuiVTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 0a86735c6520d94f-s.p.woff2
klook.pupupdate.com/_next/static/media/ 34 KB
35 KB 879ms
874ms Font
font/woff2 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/media/0a86735c6520d94f-s.p.woff2
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ec7ccb40cf143f977c893649deece6cc2dcc7c0ff82ebf84b6584090f207ea

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "94df5f5371c15d43ad8c4420affa4ec2"
cf-ray: 98c458562d1ca269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
accept-ranges: bytes
content-length: 35324
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: font/woff2
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 7f553bc4c0aecac7.css
klook.pupupdate.com/_next/static/css/ 30 KB
6 KB 315ms
311ms Stylesheet
text/css 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/css/7f553bc4c0aecac7.css
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf767793253962f56cce514864d81c33f723435b6d886eb7e6d885bd79b72e4

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"47ad7c2cab9a264d172a6b72849bb4b7"
cf-ray: 98c458562d19a269-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/css
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6805d208dbc22d25.css
klook.pupupdate.com/_next/static/css/ 21 KB
6 KB 863ms
859ms Stylesheet
text/css 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/css/6805d208dbc22d25.css
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6afe1db2d463a9164f4602d5fed101c522728fd0f46ffe727d41b1dedf3d3c

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a64f730edcfb00ea5cf95955684aa752"
cf-ray: 98c458562d1ba269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: text/css
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 webpack-fd8027ecb5121007.js Show response
klook.pupupdate.com/_next/static/chunks/ 2 KB
854 B 836ms
817ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/webpack-fd8027ecb5121007.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea826303d0ef602c1140b5c06b790c184a9e22ba26d3cd9030e70b334915b052

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"abe4505180236776d7a27a52790bfd79"
cf-ray: 98c458567d59a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 framework-fae63b21a27d6472.js Show response
klook.pupupdate.com/_next/static/chunks/ 138 KB
44 KB 1155ms
1136ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/framework-fae63b21a27d6472.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff365c3381f9585a8210fa6e5cdcb1b40900475b25fc2961412577a316ebeb6

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"dba794492791def53f487569c617816c"
cf-ray: 98c458567d5ba269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 main-87c61b0b33867de0.js Show response
klook.pupupdate.com/_next/static/chunks/ 112 KB
32 KB 1167ms
1149ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/main-87c61b0b33867de0.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b57d9a36a02d5f00f1cc3962185489f02aced9c839bcca95e48ee1754d4edc0f

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"b804faa2f2d8a32e30f3f8c7b569fadf"
cf-ray: 98c458567d5ca269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _app-2352c82c7126f99e.js Show response
klook.pupupdate.com/_next/static/chunks/pages/ 50 KB
18 KB 817ms
799ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/pages/_app-2352c82c7126f99e.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb28c1c9aa28cf860f875bca542d30f80c4bd762744c3ae0cb5c910c57400c10

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0363fa0f8d85655ddbed9684409c9e02"
cf-ray: 98c458567d5da269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 675-95ecab0d42537fe0.js Show response
klook.pupupdate.com/_next/static/chunks/ 9 KB
4 KB 334ms
316ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/675-95ecab0d42537fe0.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46058f5fbbe980f90d8871e5ea4ebe42312314af64d68fdff1ba6df0d6cb6259

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0cf04f199127df66e44828912f47aa13"
cf-ray: 98c458567d5fa269-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 132-4efe633c2f139bc0.js Show response
klook.pupupdate.com/_next/static/chunks/ 101 KB
29 KB 1134ms
1118ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/132-4efe633c2f139bc0.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0f4205bce5692989281f776e30ff6ff7cb3a48edab540333793a4ed279c5564

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"87d10cdadff89009e72c0d5cea71ab34"
cf-ray: 98c458567d61a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 index-229dbb3350f6ef9a.js Show response
klook.pupupdate.com/_next/static/chunks/pages/ 11 KB
4 KB 834ms
818ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/chunks/pages/index-229dbb3350f6ef9a.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6220b39721cc217972f14cf71f82dc6a9cb1e052c5c3e1a4174072db425126e1

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a164d9a1ac7a4389a6233b1ec7213905"
cf-ray: 98c458567d62a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _buildManifest.js Show response
klook.pupupdate.com/_next/static/UFQ2hFKanb17gnJwaPBm8/ 1 KB
602 B 849ms
833ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/UFQ2hFKanb17gnJwaPBm8/_buildManifest.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4783123a22714db2d0d212ee12d88d42f9a8c4f2bc1e73326f42a274ad9cada0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"965916ba605e10a319289e8abe5a9d43"
cf-ray: 98c458567d65a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 _ssgManifest.js Show response
klook.pupupdate.com/_next/static/UFQ2hFKanb17gnJwaPBm8/ 218 B
202 B 878ms
863ms Script
application/javascript 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/_next/static/UFQ2hFKanb17gnJwaPBm8/_ssgManifest.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e9c735c27a326a3d4de0313aaf9af6c0ddc31c325c064dd153a0d5efcfbb31

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6bec40029cb59b7efe64853d8afc3d09"
cf-ray: 98c458568d73a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Sep 2025 07:49:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 menu.svg
klook.pupupdate.com/img/common/ 311 B
289 B 839ms
835ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/common/menu.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94447f64ef2be26f48b58ebb9a56f3cfe66c3a9bab1379f14c238e062f038b4c

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bc7dbf46bd75897329c97c6b4b0101c4"
cf-ray: 98c458562d1ea269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 logo.png
klook.pupupdate.com/img/common/ 5 KB
6 KB 373ms
370ms Image
image/png 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/common/logo.png
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b04991518562c6e9d9c121b56d8dae3c7bd3ae8a416f4f056830057f545d2c8e

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "2fbc60858e5ecbeab1bc1d6f2e92e4e4"
cf-ray: 98c458562d1fa269-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
accept-ranges: bytes
content-length: 5550
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/png
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 search.svg
klook.pupupdate.com/img/common/ 609 B
410 B 870ms
847ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/common/search.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e781f36a395624f6b5427c9afce89722a6b357174b8f59acfb79fa6d4bb0985d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"dcacb4d701d120f465c5bf7e57bb53df"
cf-ray: 98c458567d56a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 274312981305625911.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,w=800,h=196,,f=webp,fit=cover/icon/ 28 KB
28 KB 273ms
80ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,w=800,h=196,,f=webp,fit=cover/icon/274312981305625911.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2956bbf86ee485650f0288da7a716b5325ffa3c88ea21509bd79a3f9860eda85

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfxKlE19yiMHPkzgmAgzmJ-1MpW-t54GEbk5Bf5kJKDQ:6e64878961578168344fac66ee44b813"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=357+26 c=3+22 v=2025.10.3 l=28772 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c458578bd4a2ca-YUL
accept-ranges: bytes
content-length: 28772
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:34:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274313346562395447.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 207 KB
208 KB 252ms
68ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274313346562395447.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b5d2a97c3907b7059ad6f777dd923b7f772cfcb6f2624966be96dc07fb4d54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfZCheP-_gzmIdTcUwK9fxxm2_TmRh-zyU9cuqAV9NDQ:6c904ddf137e7cc75afb464f2177eca1"
age: 88976
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=1696+272 c=4+267 v=2025.10.3 l=212346 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c458578bd6a2ca-YUL
content-length: 212346
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:38:16 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274314243824684343.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 330 KB
331 KB 263ms
79ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274314243824684343.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68e470d4546cc5bd1fe9783c978344f538f865a6617147eaa3891a5350b0feb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfqPUAppWQIMeq7ZPhfRnNnahqTmRh-zyU9cuqAV9NDQ:2ca9d82f35768ff9eb7908fd00658e3f"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=321+364 c=8+355 v=2025.10.3 l=338110 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:47:10 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c458578bd9a2ca-YUL
accept-ranges: bytes
content-length: 338110
server: cloudflare

GET
H2 200 274314262967487799.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 278 KB
279 KB 265ms
81ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274314262967487799.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9244d84b3aff31d49e99a3c13e32fcd6ac4a7647ec877b9132fbae335030554

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfaC_XTdWjEIhxTnagcXa1qw8nTmRh-zyU9cuqAV9NDQ:fc48ed67b068e50b7a8a69b0ce0ac248"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=1731+308 c=6+301 v=2025.10.3 l=285098 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:47:22 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c458578bdaa2ca-YUL
accept-ranges: bytes
content-length: 285098
server: cloudflare

GET
H2 200 274314280399015223.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 196 KB
197 KB 265ms
82ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274314280399015223.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70bb73e83ee406be5ea8f01976aa7868e1923af53bb2c8df5eae76583ab4e959

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cf55lY5nUdeh3Uw946DETgubm5TmRh-zyU9cuqAV9NDQ:46d00b51001d3feeb48f95e38cc652da"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=1550+304 c=5+299 v=2025.10.3 l=201008 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:47:32 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c458578bdba2ca-YUL
accept-ranges: bytes
content-length: 201008
server: cloudflare

GET
H2 200 274314294307327287.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 379 KB
380 KB 44ms
42ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274314294307327287.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc0986bb925835c6e30882859a6470b8fae234c2536a7599b7438de42b8cc98a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfUJE_rAZ5xx6FBmHnyrb4y4C9TmRh-zyU9cuqAV9NDQ:73fbda8dc2bd4c91e2364e04fe0c77c6"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=1849+317 c=7+309 v=2025.10.3 l=388592 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:47:40 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c45857dc0fa2ca-YUL
accept-ranges: bytes
content-length: 388592
server: cloudflare

GET
H2 200 274314307427110199.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 385 KB
386 KB 42ms
41ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274314307427110199.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7768ec8cec31b661e2dcb8ddd420690176014fa28c6ae9c53ab465299fd078fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfzFOh15QmeOEozl7_R8cxpwQrTmRh-zyU9cuqAV9NDQ:dde0dd356621b2ec07d2ffbeec71c614"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=325+300 c=6+293 v=2025.10.3 l=394272 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/webp
last-modified: Wed, 18 Jun 2025 09:47:48 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c45857dc11a2ca-YUL
accept-ranges: bytes
content-length: 394272
server: cloudflare

GET
H2 200 ver.svg
klook.pupupdate.com/img/brand/ 428 B
370 B 840ms
818ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/brand/ver.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0a52274f3532693940b9d2a37f9c59ab3df4fffc7fa2fee9b302095e768243

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"25c02e70144134517c6f475025f11839"
cf-ray: 98c458567d58a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 user.svg
klook.pupupdate.com/img/home/ 2 KB
830 B 854ms
843ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/home/user.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca536de02887f28690810e2240c95a7c089a7e1a1387e796bced8d9b5a120ba

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"f5359e5ef1ba3e3ffa9c57598598b162"
cf-ray: 98c458568d74a269-YUL
expires: Fri, 10 Oct 2025 11:18:41 GMT
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 count.svg
klook.pupupdate.com/img/home/ 3 KB
2 KB 328ms
318ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/home/count.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70938d6b035831cb72d1b5d4bdb63e19a732e5fe2205313f6c583e00f4c374f2

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"27fda20c4829f3ce891c114ef84cfb18"
cf-ray: 98c458568d76a269-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fold.svg
klook.pupupdate.com/img/brand/ 1 KB
836 B 327ms
317ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/brand/fold.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06fb908ae0461cd9105a5f7540fc565bbcdcd71cb6a00fda52ce3a2a9c8d922b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2efc16f7e2906cc6844aa4b0cc6133f5"
cf-ray: 98c458568d77a269-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 obfuscated.js Show response
asserts.blazedragon.top/pageOptimization/pupupdate/ 19 KB
5 KB 234ms
42ms Script
text/javascript 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://asserts.blazedragon.top/pageOptimization/pupupdate/obfuscated.js
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86c431f097deec83cd5184720786d5e89569867071331ef4e30c116cac915cbf

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"4ba5662a0fb7a0a0fc0b1e433de925ff"
age: 88978
cf-ray: 98c458578bd1a2ca-YUL
expires: Fri, 10 Oct 2025 11:18:40 GMT
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/javascript
last-modified: Mon, 25 Aug 2025 03:20:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 355 KB
115 KB 233ms
54ms Script
application/javascript 142.250.65.168
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PT6PX44B

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6b8b19382246140523bb937f90233d44774e03f081be112fc89ad1cf6971f88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: zstd
expires: Fri, 10 Oct 2025 07:18:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 10 Oct 2025 06:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 117510
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/ 598 KB
189 KB 28ms
27ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

796853dfdf309d4168ad969d0b915ef4e10e78dd18ffaf070b198b93df6ff62d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 12895084049091349093
age: 44485
x-content-type-options: nosniff
expires: Fri, 09 Oct 2026 18:57:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 09 Oct 2025 18:57:15 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 193444
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510060101/ 506 KB
167 KB 44ms
42ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011060347898773

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

9255c823c60deaafa0b16ecfcdcb827e2454435feee6dede697859996bc9139d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 3675203039408501400
age: 52655
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 16:41:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 09 Oct 2025 16:41:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 171267
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 415 KB
141 KB 88ms
84ms Script
application/javascript 142.250.65.168
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HET379S9GW&cx=c&gtm=4e5a80

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT6PX44B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7aac78446a6f25ffc83eb15762defdafb13b86b21fd75da4bc12aff935f16836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 10 Oct 2025 07:18:40 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144069
date: Fri, 10 Oct 2025 07:18:40 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 8 KB
3 KB 580ms
43ms Script
application/javascript 23.44.111.32
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=D2M36LRC77U9PLHER7V0&lib=ttq
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.32 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-111-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43cf5189a28b1f8a8766752aaacf0887dfc1c6dc8ee9ef69a9004f00bf5438f5

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-200-181.deploy.akamaitechnologies.com (AkamaiGHost/22.3.0-92ddb6766e1177a43840985c5fc3232f) (-)
expires: Fri, 10 Oct 2025 07:18:41 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=15, origin; dur=6, inner; dur=3
x-cache: TCP_MISS from a23-44-200-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 66c0199a.1c544fa7
x-tt-trace-host: 01c7f04e6a991b7798bb43b3ff168062db9d1e4d50007ad5569cac36424aea39478b967241452a0cbf6566d7d7e1418de30ff0eca26b033c5d41c04cf8d7e322ee8021508cb3a71669a74bda65e0a8e04fa88b957147781c2bb775b18cbdb96d5089a1169f4b57bcfc37be6b68689e24c7
x-origin-response-time: 7,23.48.200.181
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-25101007184170EF3D3A69978F62CEF0-0D941C46A4E0D12A-00
content-length: 1933
x-parent-response-time: 20,23.44.200.160
x-tt-logid: 2025101007184170EF3D3A69978F62CEF0
server: nginx

POST
H3 204 AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 104ms
49ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2LS2qpu-Q0o.es5.O/d=1/rs=AJlcJMzEkyYv7wEEPbBvQcuitdGHPjLjHg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nfCEQfCQfPJV2BLEeXgGNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG48GzRcTaBDzvP7WVWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGAM5pKkU"
content-security-policy: script-src 'report-sample' 'nonce-nfCEQfCQfPJV2BLEeXgGNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxWPxSHOGEwTW2naxcigfQubrcMod5n7X1f4ooZaXC1b8fG96e0Bs0Ol7QesX0P0QU3LmPATmesWgIlrPOSbNW3FXYIw63P6ho3Qakj-qO9DLiU3lBu3lQAjt52ch2Hwdb6CiiPrxQ== Show response
fundingchoicesmessages.google.com/f/ 2 KB
2 KB 56ms
54ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWPxSHOGEwTW2naxcigfQubrcMod5n7X1f4ooZaXC1b8fG96e0Bs0Ol7QesX0P0QU3LmPATmesWgIlrPOSbNW3FXYIw63P6ho3Qakj-qO9DLiU3lBu3lQAjt52ch2Hwdb6CiiPrxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYwMDgwNzIwLDg4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9rbG9vay5wdXB1cGRhdGUuY29tLyIsbnVsbCxbWzgsIjJMUzJxcHUtUTBvIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

89e19a3c2a4b63baefcadc65f0f61c3b4aac3f30f8ca8eb63829565369b05252

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-54STC9rTBjQzsYhTZ3BXwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw0pBiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhXg4LjxbdJxN4MSlh7uYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwNDQws9AxM4gsMAAwGN4g"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-54STC9rTBjQzsYhTZ3BXwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html Show response
securepubads.g.doubleclick.net/static/topics/ Frame FDA4 105 KB
29 KB 382ms
48ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

sffe /

Resource Hash

48429c94cea0f23fe9c00d8a735dbd8e08bfbc51299ece7563887410e6723baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
age: 1436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29720
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 06:54:45 GMT
expires: Fri, 10 Oct 2025 07:44:45 GMT
last-modified: Mon, 06 Oct 2025 19:44:38 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20251009/r20190131/ Frame C12C 8 KB
4 KB 514ms
27ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20251009/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

age: 62182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Oct 2025 14:02:19 GMT
etag: 7188602577369524748
expires: Thu, 23 Oct 2025 14:02:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EFDD 1 KB
285 B 597ms
113ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9011060347898773&output=html&adk=1812271804&adf=3025194257&lmt=1758095364&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fklook.pupupdate.com%2F&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=6&dt=1760080720692&bpp=28&bdt=371&idt=387&shv=r20251009&mjsv=m202510060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3114509381513&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95373555%2C31095045%2C31095080%2C31095082%2C31095084%2C31095106%2C31095148%2C31095153%2C95345037%2C95373013%2C95374047%2C42533294%2C95344789&oid=2&pvsid=3353611330818587&tmod=558984860&uas=0&nvt=1&fsapi=1&fc=1920&brdim=560%2C560%2C560%2C560%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=439

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

e2d85b321d726855464893a422777fc7273531ed2f10ee10a35b91483d7cce93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 262
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:41 GMT
expires: Fri, 10 Oct 2025 07:18:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 circle.svg
klook.pupupdate.com/img/home/ 892 B
440 B 841ms
836ms Image
image/svg+xml 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://klook.pupupdate.com/img/home/circle.svg
Requested by: Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/_next/static/css/6805d208dbc22d25.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86f4d40f3a8ccf4fac24040b776e18c2eee67df5c374e24aa029e47b8f6d4bf2

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/_next/static/css/6805d208dbc22d25.css

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"70a8884f59f81a4d84d35e900bc7fe52"
cf-ray: 98c4585ba8f0a269-YUL
expires: Fri, 10 Oct 2025 11:18:42 GMT
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: image/svg+xml
last-modified: Wed, 17 Sep 2025 07:49:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 274014717419195703.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 3 KB
4 KB 63ms
54ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274014717419195703.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5126c5a35165e0122f709da0d48861d3769195c49d73ef8c24c0ff887a27746f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cffVd_csM3hPw6t-m_6MP1aHIOTmRh-zyU9cuqAV9NDQ:da78c73ff530f9caee5256345e6553cc"
age: 88978
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=689+18 c=2+16 v=2025.9.5 l=3424 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585beed5a2ca-YUL
content-length: 3424
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:11:39 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274014313709047095.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 4 KB
4 KB 97ms
88ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274014313709047095.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd71ffcbbce50d3a7cd8740629cfc2d9e4c87647f1b714eef47ab296065bb6c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfYGEB9yD4kpgBsbkYiEw0kiV3TmRh-zyU9cuqAV9NDQ:1085dd071dddfe82e57bd14f934877f3"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=43+8 c=0+7 v=2025.9.5 l=3972 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585bfed9a2ca-YUL
content-length: 3972
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:07:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274146192273706295.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 4 KB
5 KB 53ms
44ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274146192273706295.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

202a9972ab2ea6b45e307fd7b7424fac0b51050e4090be94d38a4b42ed55145c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfgFplCwlyW2c9Gn6ZOs5bHzU1TmRh-zyU9cuqAV9NDQ:2dd79fa74a33cc14aa564af8c71cff47"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=327+13 c=1+12 v=2025.10.3 l=4526 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 05:57:44 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfedaa2ca-YUL
accept-ranges: bytes
content-length: 4526
server: cloudflare

GET
H2 200 274129249181371703.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 6 KB
6 KB 41ms
32ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274129249181371703.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d2475135b324350eeb99a231fc176d78227cd1319fb55768130f4e68b776fc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfQgN9-5H4yQ6L640EpqUgZYfvTmRh-zyU9cuqAV9NDQ:c675a8c6d06d554f86eea7d545c74d26"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=929+46 c=0+45 v=2025.10.3 l=5924 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 03:09:25 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfedca2ca-YUL
accept-ranges: bytes
content-length: 5924
server: cloudflare

GET
H2 200 274024557927468343.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 8 KB
9 KB 47ms
39ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274024557927468343.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a150bc30e62c41bd01eed00e8d285864a776ab2fdb6eb67a6b3dc5a5ed9226

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfkCUhcaWw5CNMXgqyP0uW4Z93TmRh-zyU9cuqAV9NDQ:01fc97649469657c3f17f89c6405241e"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=864+61 c=2+59 v=2025.10.3 l=8350 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 09:49:24 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfedda2ca-YUL
accept-ranges: bytes
content-length: 8350
server: cloudflare

GET
H2 200 274014012256030007.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 21 KB
22 KB 98ms
91ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274014012256030007.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d27d58a1ac40dd971a0bac4aae743d9d5bcd48979fdd2c4d542a6fa634da591

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfRjHfPmUI9xGlOp4THBCVL65TTmRh-zyU9cuqAV9NDQ:c1f382c7190a04346896e6344f651e93"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=1086+37 c=6+30 v=2025.9.5 l=21930 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585bfedea2ca-YUL
content-length: 21930
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:04:38 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274128111585463607.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 28 KB
28 KB 43ms
35ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274128111585463607.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1940584bd39bb260c2dc49aeaaa2bc607da425703c9b3e644d52a418ae803d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfnl89EBc0slx3nNi0bIzd80cwTmRh-zyU9cuqAV9NDQ:a10ce4360e8e16b0fcfcc2664fe487a9"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=1036+83 c=3+79 v=2025.10.3 l=28362 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 02:58:07 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfedfa2ca-YUL
accept-ranges: bytes
content-length: 28362
server: cloudflare

GET
H2 200 274014131659476279.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 10 KB
10 KB 270ms
263ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274014131659476279.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273b6586fb85861b4bab48102a5e857ea6e9aaa76449344f0d3ab7b86ad3b7ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfThlwzUiym5Fijt9U5jFJD4OOTmRh-zyU9cuqAV9NDQ:fa3996487f393d74ab11cf72ea832312"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=798+108 c=0+0 v=2025.9.5 l=9756 f=false wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585bfee1a2ca-YUL
content-length: 9756
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:05:49 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274146283122330935.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 5 KB
5 KB 47ms
40ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274146283122330935.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8efcc83d42be8a685964abf10c364bebdb9a52925883990e35d1dc03525427d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfKH8w_hpzfn5X5WEUmh1pgP90TmRh-zyU9cuqAV9NDQ:fe8e612a9763e801719f49becc8f3966"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=844+20 c=1+19 v=2025.10.3 l=4632 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 05:58:38 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfee2a2ca-YUL
accept-ranges: bytes
content-length: 4632
server: cloudflare

GET
H2 200 274145332206505271.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 12 KB
12 KB 52ms
46ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274145332206505271.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526b1c70bab33ebd9f245b5bf5d2b485a3a6df8607f09ebe94704421f20730f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfaYstY2KvgET8saqwT1hr0hJvTmRh-zyU9cuqAV9NDQ:e3184ae7e3349fc4a8335682791db03a"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=1079+45 c=1+43 v=2025.10.3 l=12422 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 05:49:11 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585bfee5a2ca-YUL
accept-ranges: bytes
content-length: 12422
server: cloudflare

GET
H2 200 274015029307641143.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 15 KB
15 KB 47ms
41ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274015029307641143.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

728264aa9f69af8cd94cb65d6b5ad819dab20a61136ebde783888dd26171727c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfVDOtsbBrHlaVHBr0xIPZnbbDTmRh-zyU9cuqAV9NDQ:54533062a48f03350eaa6f9a906153b5"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=1056+341 c=0+0 v=2025.10.3 l=14870 f=false wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:14:45 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef1a2ca-YUL
accept-ranges: bytes
content-length: 14870
server: cloudflare

GET
H2 200 274014626016922935.webp
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 7 KB
7 KB 52ms
46ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274014626016922935.webp

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7b6ac4392c7e225a2ea3b4374f2401d66da16e27f178b2df9f2a230f782c1c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cf3WudqNySECoj_h0SLEg9zpdNTmRh-zyU9cuqAV9NDQ:a2cab39400df9ab78276d9e30277bce8"
cf-bgj: imgq:0,h2pri
cf-resized: internal=ok/h q=0 n=807+3 c=3+0 v=2025.10.3 l=6932 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:10:44 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef2a2ca-YUL
accept-ranges: bytes
content-length: 6932
server: cloudflare

GET
H2 200 274024901357079863.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 22 KB
22 KB 53ms
48ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274024901357079863.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d514c801a7c7efc24579a5ed8ec5d11299fbe16409158034b54cda27e7d7d5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfRFOY6Yo_JqyEyIo3_wUjdVf0TmRh-zyU9cuqAV9NDQ:66d8039affd2912164c214855d6a3a97"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=865+78 c=13+64 v=2025.10.3 l=22628 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 09:52:49 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef3a2ca-YUL
accept-ranges: bytes
content-length: 22628
server: cloudflare

GET
H2 200 274147539584814391.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 15 KB
15 KB 61ms
56ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274147539584814391.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cab7abeb333b9241b71a3b266aa748744e9c164c4a906afa3f96604766a00d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfhChRsd6puM_OFAl50cB3lpcRTmRh-zyU9cuqAV9NDQ:de98473dd673b65b73c0c3b329431c0c"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=881+39 c=1+38 v=2025.10.3 l=15354 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 06:11:07 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef4a2ca-YUL
accept-ranges: bytes
content-length: 15354
server: cloudflare

GET
H2 200 274025523422694711.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 47 KB
47 KB 56ms
51ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274025523422694711.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba156a23660425fe40b9b9cee86b44ed31e730cdf53fd4bba02d7b562359e1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfXJVJec7n-DY7p-tynL_Q4qCpTmRh-zyU9cuqAV9NDQ:e47a045170ff5959ffad77be778296f7"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=1500+223 c=27+196 v=2025.10.3 l=47878 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 09:58:59 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef5a2ca-YUL
accept-ranges: bytes
content-length: 47878
server: cloudflare

GET
H2 200 274130152869334327.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 5 KB
5 KB 58ms
54ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274130152869334327.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cfac5fe1b8e2bae6077af193bda02f59fe7087cd23b653b8966b165ab10d87e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfeJvD6w3Ftk47IT-BcSaAGaJKTmRh-zyU9cuqAV9NDQ:a1e72aad0a5bff0f74ffbe6c3ce25f4b"
cf-bgj: imgq:100,h2pri
cf-resized: internal=ok/h q=0 n=826+93 c=0+0 v=2025.10.3 l=4980 f=false wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 03:18:24 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef6a2ca-YUL
accept-ranges: bytes
content-length: 4980
server: cloudflare

GET
H2 200 274134180844014903.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 59 KB
59 KB 87ms
83ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274134180844014903.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54d513444b65704c948fffeba8a2c3e43380d133ccb56c6bbd407fe1aead653d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cf1Nzv-tW0LX1yux2xAccGGayyTmRh-zyU9cuqAV9NDQ:a57b6607b8780c2da2ec52fc8a7a6f8d"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=377+219 c=0+0 v=2025.10.3 l=60084 f=false wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585c0ef7a2ca-YUL
content-length: 60084
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 03:58:24 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274020871956335927.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 19 KB
19 KB 64ms
60ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274020871956335927.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b6f8c513e9d544ffff70788ed1fbce50ddba16e52c265dc9aca46f325b6974a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cfIAeJ-niW9AJS1L3NvKrApiDJTmRh-zyU9cuqAV9NDQ:1e6a7149198c86539b0b5cc9af83826d"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=384+31 c=2+29 v=2025.10.3 l=19206 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 09:12:47 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0ef8a2ca-YUL
accept-ranges: bytes
content-length: 19206
server: cloudflare

GET
H2 200 274017775888895287.png
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 2 KB
2 KB 90ms
86ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274017775888895287.png

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7249fd416223f245a5db21c212d9feb16b9de7d24d9f4d28cabb7a62150f2e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfOqMZXV020xzORVSo1ZapgBYkTmRh-zyU9cuqAV9NDQ:5baa2df2be2f0fd9fe6d67c8fdce9237"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=86+3 c=0+3 v=2025.10.3 l=1608 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585c0efaa2ca-YUL
content-length: 1608
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Mon, 16 Jun 2025 08:42:02 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274148141048007991.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 11 KB
11 KB 86ms
83ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274148141048007991.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3367e5a79c62de6fc1fc9cf80c4c520cd5b6c80a17d49c4685dc6817cf407d97

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "cfAI2xJc2OaquYG4X6a7hS6y4OTmRh-zyU9cuqAV9NDQ:d3f2e0e0c51e6cbedadcf1ecd9e9b74e"
warning: cf-images 299 "cover fit mode needs both width and height"
cf-resized: internal=ok/h q=0 n=925+14 c=1+12 v=2025.9.5 l=11224 f=false c2=0 wv=2025.9.0
x-content-type-options: nosniff
cf-ray: 98c4585c0efba2ca-YUL
content-length: 11224
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 06:17:05 GMT
server: cloudflare
vary: Accept, Accept-Encoding

GET
H2 200 274147919588756791.jpg
asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/ 5 KB
5 KB 51ms
48ms Image
image/webp 104.18.13.135
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://asserts.blazedragon.top/cdn-cgi/image/anim=true,,f=webp,fit=cover/icon/274147919588756791.jpg

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.13.135 , Ascension Island, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ba2e90b9ce058598dc103085037b90b68e092b55872372a59f0f1bc623a9abb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cf-cache-status: HIT
etag: "cf4XRUWBJOM7h01m8cXFAAhVmaTmRh-zyU9cuqAV9NDQ:0afc56032d9f5bd25bc66cf25f1cfb48"
cf-bgj: imgq:86,h2pri
cf-resized: internal=ok/h q=0 n=780+11 c=0+10 v=2025.10.3 l=5180 f=false c2=0 wv=2025.9.0
warning: cf-images 299 "cover fit mode needs both width and height"
x-content-type-options: nosniff
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: image/webp
last-modified: Tue, 17 Jun 2025 06:14:53 GMT
vary: Accept, Accept-Encoding
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; img-src data:;
cache-control: public, max-age=14400
cf-ray: 98c4585c0efca2ca-YUL
accept-ranges: bytes
content-length: 5180
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 262ms
40ms Fetch
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HET379S9GW&gtm=45je5a80v9222971190z89222901201za200zb9222901201zd9222901201&_p=1760080720359&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&cid=94060458.1760080721&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115834636~115834638~115868795~115868797&sid=1760080721&sct=1&seg=0&dl=https%3A%2F%2Fklook.pupupdate.com%2F&dt=pupupdate-%E0%B8%95%E0%B8%B1%E0%B8%A7%E0%B8%8A%E0%B9%88%E0%B8%A7%E0%B8%A2%E0%B8%84%E0%B9%89%E0%B8%99%E0%B8%AB%E0%B8%B2%E0%B8%84%E0%B8%B9%E0%B8%9B%E0%B8%AD%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%86%20-%20%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%AB%E0%B8%A2%E0%B8%B1%E0%B8%94%E0%B8%81%E0%B8%B1%E0%B8%9A%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B8%8A%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%99%E0%B8%B3&en=page_view&_fv=1&_nsi=1&_ss=1&ep.%E9%A1%B5%E9%9D%A2%E5%90%8D%E7%A7%B0=https%3A%2F%2Fklook.pupupdate.com%2F&tfd=2249
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HET379S9GW&cx=c&gtm=4e5a80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://klook.pupupdate.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:41 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
0 1ms
0ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9011060347898773

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/_next/static/chunks/main-87c61b0b33867de0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

f561afae72877798a8f7484e37b54f2743f96d8beb311128f036dadfb8c06fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin: https://klook.pupupdate.com
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 1881906887192025256
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 07:18:40 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54356
x-xss-protection: 0
server: cafe

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame F0F3 268 B
437 B 106ms
43ms Document
text/html 142.250.65.168
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-PT6PX44B

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/_next/static/chunks/pages/_app-2352c82c7126f99e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: zstd
content-length: 117
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 205 KB
56 KB 388ms
388ms Fetch
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3353611330818587&correlator=3745188709378405&eid=31095120%2C83322294%2C31088080%2C83321073%2C95374345%2C31086810&output=ldjh&gdfp_req=1&vrg=202510070101&ptt=17&impl=fif&gdpr=0&iu_parts=23208204883%2Cpupupdate%2Cvignette&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&dids=gpt_unit_%2F23208204883%2Fpupupdat&sfv=1-0-45&ists=1&fas=8&fsapi=1&ifs=%5B%5B%5B2%2C1%5D%5D%5D&sc=1&cookie_enabled=1&abxe=1&dt=1760080721991&lmt=1758095364&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklook.pupupdate.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1760080720321&idt=588&adks=3765471987&frm=20&eoidce=1&pgls=CAk.&blev=1&bisch=1&td=1&egid=25335&tan=2202dfca-542c-4b27-9364-b02edc5390a1&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

50f5d62c2abb4dbe60290d951106d309828ab799c35a808ad5ba37f8fe242c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://klook.pupupdate.com
content-length: 57798
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3117 7 KB
3 KB 160ms
59ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
expires: Fri, 10 Oct 2025 07:18:42 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/ 58 KB
19 KB 31ms
30ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl_page_level_ads.js?cb=31095120

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

4374ecadadac5aee246663119fd08f568a9ec21db90bcee2033f0e7fb6e4c099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 8442972259616570070
age: 76483
x-content-type-options: nosniff
expires: Fri, 09 Oct 2026 10:03:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 09 Oct 2025 10:03:59 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 19292
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
14 KB 581ms
580ms Fetch
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3353611330818587&correlator=3745188709378405&eid=31095120%2C83322294%2C31088080%2C83321073%2C95374345%2C31086810&output=ldjh&gdfp_req=1&vrg=202510070101&ptt=17&impl=fif&gdpr=0&iu_parts=23208204883%2Cpupupdate%2Cbanner-home1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=3&dids=banner-home1&adfs=2120053175&sfv=1-0-45&ifs=%5B%5B%5B2%2C1%5D%5D%5D&sc=1&cookie_enabled=1&abxe=1&dt=1760080722078&lmt=1758095364&adxs=315&adys=326&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklook.pupupdate.com%2F&vis=1&psz=970x270&msz=970x0&fws=4&ohw=970&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1760080720321&idt=588&adks=3877265617&frm=20&eoidce=1&pgls=CAk.&blev=1&bisch=1&td=1&egid=25335&tan=2202dfca-542c-4b27-9364-b02edc5390a2&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

fcbdf189c6888a88a137e66ed8df7e4efa77c0658bb4e22d29198ca4c34f2926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://klook.pupupdate.com
content-length: 13834
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
14 KB 753ms
752ms Fetch
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3353611330818587&correlator=3745188709378405&eid=31095120%2C83322294%2C31088080%2C83321073%2C95374345%2C31086810&output=ldjh&gdfp_req=1&vrg=202510070101&ptt=17&impl=fif&gdpr=0&iu_parts=23208204883%2Cpupupdate%2Cbanner-home2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=4&dids=banner-home2&adfs=4009384490&sfv=1-0-45&ifs=%5B%5B%5B2%2C1%5D%5D%5D&sc=1&cookie_enabled=1&abxe=1&dt=1760080722116&lmt=1758095364&adxs=315&adys=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fklook.pupupdate.com%2F&vis=1&psz=970x270&msz=970x0&fws=4&ohw=970&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1760080720321&idt=588&adks=1774646446&frm=20&eoidce=1&pgls=CAk.&blev=1&bisch=1&td=1&egid=25335&tan=2202dfca-542c-4b27-9364-b02edc5390a3&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

ddae78037ba523b9d51d2c8bf611cc8e0f0f5dda059df02b4cee724f1a1eacbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
google-lineitem-id: -1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://klook.pupupdate.com
content-length: 13996
x-xss-protection: 0
server: cafe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 44ms
42ms Fetch
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://klook.pupupdate.com/

Response headers

GET
H3 200 ca-pub-9011060347898773 Show response
fundingchoicesmessages.google.com/i/ 209 KB
66 KB 67ms
65ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9011060347898773?href=https%3A%2F%2Fklook.pupupdate.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

640affb3de912c7db48374dfb69f8aab2924d1f7566e9d3d390045174e29df4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qc3PR4INeC0NAtfw2mwytg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw1JBiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhbg5Lj1bdJxNYMK9x2VKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGpoYGBhZ6BibxBQYA0zs3Hw"
content-security-policy: script-src 'report-sample' 'nonce-Qc3PR4INeC0NAtfw2mwytg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVFt4yQUaCmz8FUEdk68WP9Mz-AaYq1xFW57-_sJSYndddVOmKTmUVSxcpahx4vQshSfVfUOB6Q_EPD1J2diOzJk3QJXVPNaEBScjZIc62cx1AC-V3K50ZFrkGcWXbm22pEJ8vG7A== Show response
fundingchoicesmessages.google.com/f/ 9 KB
4 KB 70ms
68ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVFt4yQUaCmz8FUEdk68WP9Mz-AaYq1xFW57-_sJSYndddVOmKTmUVSxcpahx4vQshSfVfUOB6Q_EPD1J2diOzJk3QJXVPNaEBScjZIc62cx1AC-V3K50ZFrkGcWXbm22pEJ8vG7A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYwMDgwNzIyLDI2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8va2xvb2sucHVwdXBkYXRlLmNvbS8iLG51bGwsW1s4LCIyTFMycXB1LVEwbyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksImZhbHNlIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

62ca54b6a7f69631047682afa385412a92a1401d7e2fb32e5e825c2b14524adb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-74VYvXy9ptm-mpZcgoK3yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhXg4Lj1bdJxNYMfkW9MZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwNDQws9AxM4gsMAP2mNxw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-74VYvXy9ptm-mpZcgoK3yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 main.MTE0NjY3MDc0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 425 KB
98 KB 25ms
21ms Script
application/javascript 23.44.111.32
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE0NjY3MDc0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=D2M36LRC77U9PLHER7V0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.32 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-111-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 793c69dc60074ce8728bcc08ffa52ca6dd20a5189eb96cc6a4a0dcd41b430f2a

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

x-cache: TCP_HIT from a23-44-200-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-25092907135124B814EE94986F05D4A7-3290A1735708C941-00
content-length: 99486
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2025092907135124B814EE94986F05D4A7
server: nginx
x-akamai-request-id: 1c545049
x-tt-trace-host: 015c7e02b79093bf0c95706ce1550477bd2ba41479e88a25cd7fa36b6484ef195e1f4db86ea17e7969b62c2be3c562309af9dbeb04913546c8cba5c4d97566e4375261c08d257d8f71dc7286558d1fb212038bcc8c025d3d0e46ad395768f1b3d7

GET
H2 200 identify_4e6f0095.js Show response
analytics.tiktok.com/i18n/pixel/static/ 152 KB
40 KB 27ms
23ms Script
application/javascript 23.44.111.32
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_4e6f0095.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE0NjY3MDc0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.32 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-111-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f01b82daeb7f9668082e10f62b4bb8efe99d7bdf6e6765083f0fa2858b77d26f

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

x-cache: TCP_MEM_HIT from a23-44-200-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
access-control-expose-headers: x-tt-traceflag,x-tt-logid
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-250923111303C78E4EF6A7D74969DC45-6DF691F08EE1ED70-00
content-length: 39812
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20250923111303C78E4EF6A7D74969DC45
server: nginx
x-akamai-request-id: 1c54507b
x-tt-trace-host: 0121ffda53e6c473a4841409f086762fc5d1d7e35befad3155246817896f76e6d6c46449db2daee0e30b97509980b29e6313d5a5fe8a1e2b617fc07e1e474cfe63cc84e166fe59076486e31b0bd70e8b7adb714064f64fedd7464c3b8d98841bef

POST enrich_ipv6
analytics-ipv6.tiktokw.us/ipv6/ 0
0

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
915 B 81ms
80ms Ping
text/plain 23.44.111.32
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE0NjY3MDc0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.32 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-111-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://klook.pupupdate.com/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
x-cache-remote: TCP_MISS from a2-17-114-158.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 10 Oct 2025 07:18:42 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=45, inner; dur=41
x-cache: TCP_MISS from a23-44-200-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
date: Fri, 10 Oct 2025 07:18:42 GMT
x-akamai-request-id: b835db2b.1c545089
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01c7f04e6a991b7798bb43b3ff168062db9d1e4d50007ad5569cac36424aea39479e4f5dc085636a80cfd752e7f15f1807314049814afe9f67ccb19745066d03ec8dbf7ddb144a8af7bc63cbd8ebc4e03ca2cc09eed05dcf6b813cf874bed24af499f391ec782ff1228f378fb614e921f4
x-origin-response-time: 45,2.17.114.158
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-251010071842CA20A16B2D16941C1AC8-3631E15B709B3F14-00
content-length: 0
x-parent-response-time: 52,23.44.200.160
x-tt-logid: 20251010071842CA20A16B2D16941C1AC8
server: nginx

GET
H3 200 container.html Show response
c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 79BD 7 KB
0 1ms
1ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
expires: Fri, 10 Oct 2025 07:18:42 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET css
fonts.googleapis.com/ Frame 7F32 0
0

GET load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame 7F32 0
0

GET abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/ Frame 7F32 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame 7F32 0
0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD32 1 KB
837 B 92ms
26ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

age: 42820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Oct 2025 19:25:02 GMT
etag: 9725182468138058862
expires: Fri, 10 Oct 2025 19:25:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame 7F32 0
0

GET l
www.google.com/ads/measurement/ Frame 7F32 0
0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7F32 221 KB
68 KB 90ms
27ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

8fdffa5eb0b48fc1905798aa59fc2f7797ab0b8834a50c379c52a158acc9ab08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 922261510173048218
age: 2736
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:33:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 06:33:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69858
x-xss-protection: 0
server: cafe

GET
H2 200 877273e96ffbdd68da2250941f8ed370.js Show response
www.gstatic.com/mysidia/ Frame 7F32 38 KB
16 KB 101ms
28ms Script
text/javascript 142.250.65.227
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/mysidia/877273e96ffbdd68da2250941f8ed370.js?tag=addon/mysidia_one_click_handler_one_afma

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

5e94c49bf40e237af759eadba6dc2dc0a7a3433ce586b20445a0c7bc0d04048e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
age: 129204
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
x-content-type-options: nosniff
expires: Tue, 06 Jan 2026 19:25:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:25:18 GMT
last-modified: Thu, 02 Oct 2025 22:11:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7776000
cross-origin-opener-policy: same-origin; report-to="mysidia"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
accept-ranges: bytes
content-length: 15847
x-xss-protection: 0
server: sffe

GET fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/ Frame 79BD 0
0

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 79BD 205 B
296 B 103ms
36ms Image
image/png 142.250.65.227
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

age: 129155
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Thu, 08 Oct 2026 19:26:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 08 Oct 2025 19:26:07 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 205
x-xss-protection: 0
server: sffe

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 79BD 604 B
919 B 102ms
36ms Image
image/png 142.250.65.227
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

age: 57021
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options: nosniff
expires: Fri, 09 Oct 2026 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 09 Oct 2025 15:28:21 GMT
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
vary: Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
content-length: 604
x-xss-protection: 0
server: sffe

GET interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/ Frame 79BD 0
0

GET 14763004658117789537
tpc.googlesyndication.com/simgad/8600616443092576230/ Frame 7F32 0
0

GET 14763004658117789537
tpc.googlesyndication.com/simgad/4242810531678970802/ Frame 7F32 0
0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
916 B 60ms
58ms Ping
text/plain 23.44.111.32
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE0NjY3MDc0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.32 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-44-111-32.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://klook.pupupdate.com/

Response headers

access-control-expose-headers: x-tt-traceflag,x-tt-logid
x-cache-remote: TCP_MISS from a2-17-114-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 10 Oct 2025 07:18:42 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=17, inner; dur=14
x-cache: TCP_MISS from a23-44-200-160.deploy.akamaitechnologies.com (AkamaiGHost/22.2.5-89cb7fd9e741ec8f5be4a861b4ee725e) (-)
date: Fri, 10 Oct 2025 07:18:42 GMT
x-akamai-request-id: 5256db17.1c5450b2
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01c7f04e6a991b7798bb43b3ff168062db9d1e4d50007ad5569cac36424aea39478e7cb6855bdf2d7e1f6050ef9b0db17f20ec85fd9d19164c972d396ce83ef964d228b8d19a55c4279ad0e1c70e5eda8f00c04d345395a643a11117fc15cb16b2a2a81e86189953519c59f7724312f03b
x-origin-response-time: 17,2.17.114.160
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-251010071842C925DCBDE67DBF62C1A1-3D5EC4904B43ECA7-00
content-length: 0
x-parent-response-time: 24,23.44.200.160
x-tt-logid: 20251010071842C925DCBDE67DBF62C1A1
server: nginx

GET
H3 200 container.html Show response
c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 6AE7 7 KB
0 1ms
1ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
expires: Fri, 10 Oct 2025 07:18:42 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F5A9 652 B
254 B 68ms
48ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMvUFxiw6PbEAjAB&v=APEucNWltOd8IyfcJANqQX7sfb5HZPZCE5GMsyEF89Vepq16MzaQpbzK77sao71GkUQat4IWlfdtNe6WwF-pkMg6BogSVquv3lklkl9fIZjh6sQiHzdYs9U

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

8c04e118bdd5757192be2a1eb360786f9fa1c4b398806430b7f41f203f64d8e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6AE7 103 KB
35 KB 60ms
60ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

5e2fb13fa7e4158cd2fc32ac83803d4fde7c96572fa8c6bba8b7b7f804201c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 6681987532584135033
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 35538
x-xss-protection: 0
server: cafe

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AE7 42 B
63 B 44ms
41ms Image
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7JwSW3EO8Jxz-8Cvt0a0iUQ5CoJEF0L7JtgRY0TdCfmqzAVvodGrmVEE7pA-ltx17yhFKin-fvZ5gIcIlwwfNpaLGSIJDRMsvDRgCkJqeStLLlOM

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Oct 2025 07:18:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame 6AE7 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame 6AE7 0
0

GET l
www.google.com/ads/measurement/ Frame 6AE7 0
0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6AE7 221 KB
0 3ms
2ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

8fdffa5eb0b48fc1905798aa59fc2f7797ab0b8834a50c379c52a158acc9ab08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 922261510173048218
age: 2736
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:33:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 06:33:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69858
x-xss-protection: 0
server: cafe

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDEoPMWqbudzF7Akh-r277s&google_cver=1&google_push=AXcoOmSUxADMhhtPgJPDI8L4_at1svJIFYL-P0UmiA9M-h1oGjYtzHzuFQlXvRDuNEXhNAglNsq-vzVZGeaWiYAScM...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEDEoPMWqbudzF7Akh-r277s&google_cver=1&google_push=AXcoOmSUxADMhhtPgJPDI8L4_at1svJIFYL-P0UmiA9M-h1oGjYtzHzuFQlXvRDuNEXhNAglNsq-vzVZGeaWiYAScM...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDYzOTMwZTktYTI5Ny00YWE5LWFmN2UtZTcxMDA4MGEyMzRk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=463930e9-a297-4aa9-af7e-e710080a234d

170 B
243 B

119ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDYzOTMwZTktYTI5Ny00YWE5LWFmN2UtZTcxMDA4MGEyMzRk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=463930e9-a297-4aa9-af7e-e710080a234d

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NDYzOTMwZTktYTI5Ny00YWE5LWFmN2UtZTcxMDA4MGEyMzRk&google_push&gdpr=0&gdpr_consent=&ttd_tdid=463930e9-a297-4aa9-af7e-e710080a234d
content-length: 423
date: Fri, 10 Oct 2025 07:18:43 GMT
server: Kestrel

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEFkdVdNhXEvKyCLVZTUp91w&google_cver=1&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0u...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uM-hw1MYSVogDqnyIUmitw&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0ukISSQHMabAyY0A

170 B
188 B

45ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uM-hw1MYSVogDqnyIUmitw&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0ukISSQHMabAyY0A

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:46 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uM-hw1MYSVogDqnyIUmitw&google_push=AXcoOmT_kQuCQYKe13xRvdX6cT6_qN1uyyoC53cSRYqFuSdoqYLfT4ZuIoockwQK7dVIQtoWcCsnpdQtDTrqdu0ukISSQHMabAyY0A
x-host: tde-deliveryengine-production-b8cdf65f5-v9m4g
via: 1.1 google
x-engine-version: 0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
date: Fri, 10 Oct 2025 07:18:46 GMT
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEE0EJsBon7Qk1moVcW_ZBcU&google_cver=1&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uV...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE0EJsBon7Qk1moVcW_ZBcU&google_cver=1&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglB...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6PKCk6gjQrGscJo3i9qk2A&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4Pgl...

170 B
188 B

54ms
54ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6PKCk6gjQrGscJo3i9qk2A&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uVpEWTBYXA

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=6PKCk6gjQrGscJo3i9qk2A&google_push=AXcoOmTVaRVzAyJTxj1XZA5iMm0qM7H7nc4DEnKP0DAQeabnOM6bukz37UD_50Eb2w4i3DXhV_EP8FROmZx4PglBd001uVpEWTBYXA
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/plain

GET cm-notify
creativecdn.com/ Frame BD32 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=559960&gp=1&google_gid=CAESEArEYWl6f7Owou9UN_j-t0Q&google_cver=1&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4...
https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4eDygC3oNAU6fkYkOULM5ag&google_hm=UHhHbjVUS...

170 B
188 B

44ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4eDygC3oNAU6fkYkOULM5ag&google_hm=UHhHbjVUSnNXd1Jv

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:44 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=pulsepoint_inc_&google_push=AXcoOmTe-juVtlyXWDqlOcjuGltmzq61zvmJlDnsOwXQO9Z4VZcyp7I-uDhwaHAe4A4KlXOX4ZFjNN0k4eDygC3oNAU6fkYkOULM5ag&google_hm=UHhHbjVUSnNXd1Jv
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-6f7f77b8f4-sjwdv
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-CA
server: Jetty(12.0.22)

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&pixel_match=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dmediamath%26google_hm%3D%5BMM_UUID_B64WS%5D%26google_push%3D%5BGOOGLE_PUSH%5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRBe04Si19NxjOG_Z995av8MZAYa6e1CVspfDN1dnNpP2FwECkzMo0ICGhdKwf-xEvKRTjGfj-u_ND5q2ojfvYm_n5LgRnxAr4

170 B
188 B

44ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRBe04Si19NxjOG_Z995av8MZAYa6e1CVspfDN1dnNpP2FwECkzMo0ICGhdKwf-xEvKRTjGfj-u_ND5q2ojfvYm_n5LgRnxAr4

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:46 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

X-Permitted-Cross-Domain-Policies: all
X-Content-Type-Options: nosniff
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Fri, 10 Oct 2025 07:18:46 GMT
Content-Type: image/gif
Strict-Transport-Security: 31536000
Cache-Control: no-cache,no-store,must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRBe04Si19NxjOG_Z995av8MZAYa6e1CVspfDN1dnNpP2FwECkzMo0ICGhdKwf-xEvKRTjGfj-u_ND5q2ojfvYm_n5LgRnxAr4
Pragma: no-cache
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
Access-Control-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Server: MT3 2082 0091691 master ord ord-pixel-x17 config_version:"519"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD32
Redirect Chain

https://t.rtbscale.com/pub/sync?pubid=pub12958572576960&google_push=AXcoOmRbzZDNU6AKvNxfFmqhvIFPrEawASlfwNxIZALdWUTS5AgMa3B22bI8dk5uj38Tbxp_P6OfpM7pZKjBgoChE4SvnzBKEnGvGEs&google_gid=CAESEBCvRsLl9Y...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBCvRsLl9Y8kXQohlr_y7XA&google_hm=T1BVNzRmZjU2MDQ3MTkxNGI0MGE5NzQ2ZjJlZmViZmYyMjc&google_nid=adtechnacity&google_push=AXcoOmRbzZDNU6A...

170 B
188 B

44ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBCvRsLl9Y8kXQohlr_y7XA&google_hm=T1BVNzRmZjU2MDQ3MTkxNGI0MGE5NzQ2ZjJlZmViZmYyMjc&google_nid=adtechnacity&google_push=AXcoOmRbzZDNU6AKvNxfFmqhvIFPrEawASlfwNxIZALdWUTS5AgMa3B22bI8dk5uj38Tbxp_P6OfpM7pZKjBgoChE4SvnzBKEnGvGEs

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:44 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBCvRsLl9Y8kXQohlr_y7XA&google_hm=T1BVNzRmZjU2MDQ3MTkxNGI0MGE5NzQ2ZjJlZmViZmYyMjc&google_nid=adtechnacity&google_push=AXcoOmRbzZDNU6AKvNxfFmqhvIFPrEawASlfwNxIZALdWUTS5AgMa3B22bI8dk5uj38Tbxp_P6OfpM7pZKjBgoChE4SvnzBKEnGvGEs
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 324
Date: Fri, 10 Oct 2025 07:18:43 GMT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BD32 0
40 B 611ms
73ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGP7N4tBRwxGCWk2YJvSC_GWHAxmmurxDt9BJf0gSMrqGaSgYIsnzutIpjlftzCSHLXYOUXr2z

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html
server: HTTP server (unknown)

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AE7 0
20 B 45ms
40ms Ping
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7263764871129&version=m202509090101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 10 Oct 2025 07:18:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AE7 0
20 B 42ms
40ms Ping
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7263764871129&version=m202509090101&ct=76&x=1&cor=13387480356387901440

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 10 Oct 2025 07:18:42 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6AE7 110 KB
44 KB 90ms
89ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjwTr5nlcNL6g6Ov1m96gM6oA9HEafaEz4n8luDu9VKGkqWNbdRb0DUnhWqkEwr_7FY6WYWeuDL2CnH6DTgFfR-iJKkqkJc_3j5l3j5V9aUmLc8K8&cry=1&dbm_d=AKAmf-BSe8Z52iFcSxCuttlNOQDD7aRFLECMLAC1torI-j5PtKew8_LbsosZn8hTOjc4xdtt3OAupdngV5vLHepuBR6yhso1LVysVhaQFm6jUiXVxKSp2aUvQFcz7FmejOB8WXso299_pfMv4gjm1IyiQrjYNblcpMbf0NIWIQHEm0ZVMjmUU5rP85a4RlgwzeuEty4YzQTzqOpR88iHLH8SI00C9y645ImuTxXkYaomq5jrzG1TQbdiNpr_HeBWDfwRTHr3inMQy0-urkW3CqO4MHpSemS8siSvVPl7Vh27KlaMQvmreCyJVG06edzr9U25HhnjrbzNYMDnTw5nBFD4SYnt_lxqqALp8boxpEVpYdIXDw9wj5Y-C3Y7fKROzseIrYwl2kI_bDtaOofWKS2A28GkWhCcYO_RKnKE_qCibmY9P49ouNhacqjJcsmlcmWyNPcEkK5rHk5jdL_MAfVyVoOBGw2MbqLzvN5bhWFEKf-WMHWrkszcSzkKuBoMcaGKXyhAfRG-Ol0-r8TptO-PXss7KHdvSyCZjfbPl_uhsYjF5WHu7yQ33v5UCdcrszlQOABCIPOZwJsgD33vvb8WJmjrZVPML00oZS9GDP-n-P0X0ZaqCsCxvBode0Sm0bZMaj1sjCAxwvJ3ljcuLkhFQ71LXKQuyADHPgCBrt5DewvOGJfsBxxWlh_sbGKjdfbq-vTwzTnmrR_u-stcn6TZT5dbzDGOcBdM68uxpphwcpX6OhtOAw-0KoxuKB-0-dtT2lb806tu0Q7x4yuFWcPomGxxPUg_gVQhCooKFTLpln4yVSCW5G896ZZoql9Opboay07wtPfGQfOqwwpx01BjrYxxQ_dQaKrErgT8kNEE0ar862eXKdjy9Ng3WnSmcylQg_ne3gUCMM0vU50Vo90zr_qgbcpSJoneGDDpuiE4OYZUEDKhTQWVxGX1Im0RSbPmP6O1jkJ0ZILHLOen5oElEx6VqiuVTSV3qAiktkNJu30XMKlNdByOy6zuw1udQ3aHXZgV4nBk7Gfymu7iz2R3A5Fb1zkc8yGwqYxZdw3Jy-1qh_iIBytyYh999QFDdCU9XkNa9fCTtSfHO3XCmUByrUGhZvXs-bNn40aw418Hpie5w9ip-Ha5R5AOcnHUUX6Pz4DUhTYzXO-XEwVOrsTbhmn17bG4awdWboogXeizHf8sVcpO33xfd379FbRIjlLLqNo8OBqx0Bx7tcLnVL8mfabqZgV0v-T57PqC2nSJ_u12lhW3iEhANrGYeL_gk4AwDEPq0DTYJLt6uZSxhSw_XhTv9n_mbcqkjRYbZeKpVEPxIm0AwllwA2Y7NIY6z4601Y2IMg2QeacpfNnoUYJWjhWZe4iQxpZ8Wo8u4BHSgsWpyGTpU2eDE1zdWJiSslN5MQKY4llnmz29fOTMDhRm3ZErVNqGfax4xY5eTNbJuLQwuycqbjjUvZnqFgBuQAR6o4ptJpQEB7dDVG1Nqrl3Ei0c6CH37cOyy1BsV7VKB2QqBcl-aE7BEfUfzFg6cmDc_hZI-dW0ns34U6AUVuID6iAkg-iOkv761-uueHmoUKiWvRcMo4Bq37Z1zgc8_VO_xIO689O72uLT2n__EEcHmqwmPsuJu9JtTGDMSUQ6ttIs3gSZSn9e9mFyRRLN2-AE9EiXx55_InlHZZwnpdo1LHd4mVas47Zbpzxq7TCrtn1a-LIc1hkL3R5zkJOLbjhonINmgYPBevPXrVD6GOi93XYSkOdTMESRezLtEOkpmWWWr7pv5S2QaZ_Zb2xjjqSq_TzYxuXsClAsv3L9zbdvTYZlbqjJt-sp2b8g5rF-YOcGKEmKgeORbznmT9MezxNyWH4i-T4C3RuptsMTcVbqRFztjTGfTL0B-nPJoCoN36QJxyFA4SLk6M9OZU7GZ6iNbLrWe4ZEZsxEVNuvL5qpLGCzYieM-kYcwjoNPuh5c-scrNPYQDpla7vA6PHSDjG_TBWo3KFVULh4RX203g72RgMCe5s9l7b29YvRD89iH8Q3setoictMFDgtjn4l131-51TlhbYs8RLnu24YRysgrWEfhDP-WrOdHQn2iBFELZD83tmvFsP40mZiSknyLRZEPzsEquqXvSD4YgX5aSESq8C27BlpvwjFXax2fhWuklv3aUYoaQfAted3N0LjWu9wwBmV6kXI-B9fThXjDFCrXeC6P4iziRDccZXOQFvJrHjfSNnj6m2VLZQKgN2FLldOvEW-zJQ5MD5kwqHl8WL8bORZlhyrxCl1fi-ZIpChSbi2PLt0vxB_SiU41olT56HdcvU89vLd3lKopuXo_9K336S3weYz-Q57Ocu2XoFnj3LbQcfpZIOn3LpVx6CLvrgSF0l9OL0COtuO16UCLl0EetMFqitJ1lCpfxe5Nyp8H8YTLlievKwHm8EJn-zDHW50FC-EC3gFZmlLZbQsGyw1tsKyH1qi2jNqYXnEFi9_pMFhT_d8WmtGI1sLoTmyvLgp_t9bqVAbe7GGlqBXeQ08Wz-W3orIGIu32N9-LxBxcJNcBPqs32maSKRjhjv7mds0L8Dr3oscC6or8Mv1QY0JWWbDX81uSy-PXzptHticqgq37I0pTpCzRWg-joFf6wX3Xk_S-EFXshr-BttsvozvrYc0PM0TxE_hZAc3ypfoEP5wZgCoNWW2MoPWaI-z_0gQMOcXqjIZiY1HpgmzFS0RnhUP1nKAaTFctaOc-FlpemZMmOH0CVsuMu3Kojm7vPUbcit_Xwruf-xS4Ud5YBIIECwda4Qx-b_NjPx8VDLebE0HtMR5HoOSnh9dfN5WmLl3ZJq7iQYgItuGxVEWKJ-Cr2Vamk0BlPWf4B2TybgLuT7NLN3tsF96plnM-p8dRif7j6lU-7XJCKldpVgdImZWuhutpHxkrjbUtqgaHkIL-3bSiVTERBvvelylO9yjB30h8QsyQo9Ok2Mo2xjqmnOMDPUqmGBwATstDaXjepTiOxN4BV_qyfo5xLW352mUOpNt79UiA4zW8aaCZilvoryCz3GyMJ-j9cdTruwMB_Sy1DYkIBmXk7B4YExUpnjcKy2gsiHKjW9UpRdZ_r3Nd__ABWjMDma1vcUdABiMfjXLa2LOljgasu2JJMzTAhb7eA_r7Nz1dSGLzO_p2HTcSUXb7p57c0eaSv12ztoD8yRBu3UMpRGzHbXzIImqYfnjmqOLfIlxR7iiRFVXBSE1CmGnpY-oR-m3hLtB2kuGq_pBTxeRwyIFRBxaeDIwfe02DsTZx1tw0LT0BV2vwlKFYsYQhwczLY8ga2PWsHMVCxG6NqM7am3lNWRBtbOHeEsqueAFhv43PtIJkCAVnPjUDhrO0CX6hhBQ8IBrVd7M8NN7cCPE7E3MuC_vv4hS7SrdzBI_MbYXm5Gh3U8h_xyyTBkCReb4VgFCjsEl-WIEDlNUa_FrZGMNuwqrHSBBUL-ieMk-WLd2kIXFE8YdUGU4xlZNqTybBqlsr2JjkIjHetlnVOzCDUpzPN0QYwL87NpySgK9AapVgoo1EYx32TkcWcvBE5RMokhCbTNcTXC9OLrGeYUOZr_KsLw2JaxE816j6_KKzSnpfSRKtR4pePtBk_G-uhPq4rpgZAA1FWVz1iRVrWpAeO1_v51LBjboblKUCAJcPX969b4p5MTiV4K9AlUjLwcrOLJNWNBjy3HoiY-nG_9RdJjVO5Vy0SmREHLvXckjRID28ms9E2O5IqP6uPU7UQ96fEnLAdscWHLhexVO4NCjb8-6PlzOr9EG-GzuxGy7RyfhHVL9Fs3I2XXPB9q_U4sdCUm773XxIga_GhTuQdQMUwKc3Ratd0TrnYMDS9qFEPV_IhXonLnD3DKIJNKbSPe-j0CpXboRmGGVfZmfk8dRUbb19jnkNG6-K1FB0Fe3XP5bltXv0v1V6lnoaP5TLNBKTxD4Ffz24tZVlaWLK74we5L5JKoKfRWMzA7r5OJZOVJRcUviaIsUyltcQaTmOOq2Qo-QMWdKUMjBTv5dqiNE0FctmAS4nXKyjJNCBZtEZRjQbRFNqCormsThLM7WB83XipXBVF0WfMQ25Let87y6YTgJ7SopQ4T2e68tPj1ZxpZvaVyrvO5jEpK7kFQ5mwHK1Fz6CP63zw3c7BnDhshtDqxNUt_X639QhV_CbRwd1GrwXHKrWqqJr_wi6sguApANiAuxw_ePw_y8NM2mqMNYd4NlN6c4xKnZHwLnDujAXB3JbE79GighzbKIOMAUwpf5tGIa4vibrIhivLIvgzewtf5bH8kPSdYVqOkZNOFzuPONiqdWH9Fe9FcByYrydkzeKSLGMROu20EvPcgFCln2rjZIv-XuSA_Ef-oHltWG8JsockhGJEwybZMtfpZmH5dwTL0d6PA4L3LpWS-YLpI2mBD6RRJEOD7N_b9DfET6a3BACYCz3dJLW9Lje-SEtNdM2Eu-GAROy97PA3vsDnqbcohvabFRcsWIDJE6PN_bOnrGI1xqHkb1qlf2chQmxaMxQLty-6HDJYd4VcoTjbH3uMJkYRwcLj4vrvuLlLBdf03Bc3L_r0PKfeOINSB2m5MiXt5jf16bQQKR80l_rDI4_rjDH2py-q9nomLpYNe8aYaSzJbw5N8VyMdQH875_mPiUJK_VgxDw42UCEPDX1Us-30W6cWFTu6uToCZ1f4fYwyG-OWAWU9mSgK2X_Vf-pvcMVSs88-1FMvrlD_iv1_UuRP02FysR2yT6WoOGP4evKOR8Gx10TpdgwTN41p5MsAro9pdYJp1J5bpIJtMajxQmYVzcKm4IOH2u4x6h8qEnAiX9csSGiwpaNYlM4RR5wOGwVTkdBjzFIDyvXWySpV1X10VuD0h6QUN3LYWGUPlXBPeN9YK&cid=CAQSnwEAwksa0QS0lQJkTC-P-55nCtDfJKlnN0nPWqYv6_pmX36n3YyS76qFHSMzrs_StoOdSFgJB5Tgprefug4bI4tAMFDLSLwC7UPV_hY3j1oRGpHDF4S15ewO2lWw9OlsMQ-4dLIjGYT_KmxKQDoL35YXEQbyrhdYheHMiFL3lU07qL5-yHKy2uAJFGtCKfsBTpZKuZ7ZYFm4QilxU0UCOfgYAQ&dv3_ver=m202509090101&nel=1&rfl=https%3A%2F%2Fklook.pupupdate.com%2F&ds=l&xdt=1&ct=76&iif=1&cor=13387480356387901440&adk=943508964&idt=74&cac=0&dtd=84

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

cd208c4a129484b38cfd5b378bfaf8c103c963a0174383afc47a847a71a5ed41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 45482
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F5A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0

43 B
718 B

41ms
39ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMvUFxiw6PbEAjAB&v=APEucNWltOd8IyfcJANqQX7sfb5HZPZCE5GMsyEF89Vepq16MzaQpbzK77sao71GkUQat4IWlfdtNe6WwF-pkMg6BogSVquv3lklkl9fIZjh6sQiHzdYs9U
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4PgQNPbpIxAuAc9vbFll5yy%2FFnpdlPdMEBXdkNyU2fO4UgqnSxHbX5g26tFuJlkobN%2B2zRqY26qspTyi6R4Dc%2F2xq3j1Lc8%2FwTrapN4Wt0obvv6nlg%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: image/gif
vary: accept-encoding
priority: u=2,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98c458692967a300-YUL
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 324
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F5A9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aOizU9HM6xgAIWPHAd9f4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1

43 B
808 B

40ms
37ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMvUFxiw6PbEAjAB&v=APEucNWltOd8IyfcJANqQX7sfb5HZPZCE5GMsyEF89Vepq16MzaQpbzK77sao71GkUQat4IWlfdtNe6WwF-pkMg6BogSVquv3lklkl9fIZjh6sQiHzdYs9U
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4HESbtQ96AomFKof0r4odDKbvTBUAVvjU4ssLjuJjr%2Bejux1fWkIY%2BVMPiLSdLYp2GSlsUZrPdNJuBEG8BLUucKzYbq8oVSCT84KhJzVehl1EwWiGQ%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: image/gif
vary: accept-encoding
priority: u=2,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98c458692966a300-YUL
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET

setuid
ib.adnxs.com/ Frame F5A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

0
0

GET getuid
ib.adnxs.com/ Frame F5A9 0
0

GET
H3 200 container.html Show response
c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame BAE0 7 KB
0 0ms
0ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202510070101/pubads_impl.js?cb=31095120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://klook.pupupdate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 3121
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:42 GMT
expires: Fri, 10 Oct 2025 07:18:42 GMT
last-modified: Thu, 08 May 2025 23:15:48 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510090101/ 63 KB
23 KB 36ms
33ms Other
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510090101/gpt

Requested by

Host: klook.pupupdate.com
URL: https://klook.pupupdate.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer

Response headers

content-encoding: br
etag: 13283420341987886150
age: 64042
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 13:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 09 Oct 2025 13:31:21 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 23314
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202510090101"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F240 652 B
254 B 62ms
47ms Document
text/html 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJix78MCEIaqqM4CGM7z08ECMAE&v=APEucNXB8dPbc6dgZ2l6shTOze-L7eQDW3MvBgVcddEBqRZOqbioy-GoVFxz8Uk1m0l985gbwOhnlzfYXgzr398kObnoGNZMZxHVBhvWSquwd7k4eTopCb4

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

8c04e118bdd5757192be2a1eb360786f9fa1c4b398806430b7f41f203f64d8e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 10 Oct 2025 07:18:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BAE0 103 KB
0 14ms
14ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

5e2fb13fa7e4158cd2fc32ac83803d4fde7c96572fa8c6bba8b7b7f804201c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 6681987532584135033
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 07:18:42 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 35538
x-xss-protection: 0
server: cafe

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAE0 42 B
63 B 51ms
40ms Image
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWd2tofs9BeE1bxRHCXi1CycAJM4e7CVHQj4u7N00F1kcg_Q61mk4Lum4M16LCMmvRVbyG0xEGIkfeQMN5GXtFxlIkZLqxo7tiztcCp_4sJt2zJEQ

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET /
a2.adform.net/adfserve/ Frame BAE0 0
0

GET window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame BAE0 0
0

GET qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/ Frame BAE0 0
0

GET l
www.google.com/ads/measurement/ Frame BAE0 0
0

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BAE0 221 KB
0 14ms
13ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

8fdffa5eb0b48fc1905798aa59fc2f7797ab0b8834a50c379c52a158acc9ab08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 922261510173048218
age: 2736
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:33:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 06:33:06 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=ISO-8859-1
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69858
x-xss-protection: 0
server: cafe

GET html_inpage_rendering_lib_200_287.js
s0.2mdn.net/879366/ Frame 6AE7 0
0

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/ Frame 6AE7 12 KB
4 KB 29ms
29ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjwTr5nlcNL6g6Ov1m96gM6oA9HEafaEz4n8luDu9VKGkqWNbdRb0DUnhWqkEwr_7FY6WYWeuDL2CnH6DTgFfR-iJKkqkJc_3j5l3j5V9aUmLc8K8&cry=1&dbm_d=AKAmf-BSe8Z52iFcSxCuttlNOQDD7aRFLECMLAC1torI-j5PtKew8_LbsosZn8hTOjc4xdtt3OAupdngV5vLHepuBR6yhso1LVysVhaQFm6jUiXVxKSp2aUvQFcz7FmejOB8WXso299_pfMv4gjm1IyiQrjYNblcpMbf0NIWIQHEm0ZVMjmUU5rP85a4RlgwzeuEty4YzQTzqOpR88iHLH8SI00C9y645ImuTxXkYaomq5jrzG1TQbdiNpr_HeBWDfwRTHr3inMQy0-urkW3CqO4MHpSemS8siSvVPl7Vh27KlaMQvmreCyJVG06edzr9U25HhnjrbzNYMDnTw5nBFD4SYnt_lxqqALp8boxpEVpYdIXDw9wj5Y-C3Y7fKROzseIrYwl2kI_bDtaOofWKS2A28GkWhCcYO_RKnKE_qCibmY9P49ouNhacqjJcsmlcmWyNPcEkK5rHk5jdL_MAfVyVoOBGw2MbqLzvN5bhWFEKf-WMHWrkszcSzkKuBoMcaGKXyhAfRG-Ol0-r8TptO-PXss7KHdvSyCZjfbPl_uhsYjF5WHu7yQ33v5UCdcrszlQOABCIPOZwJsgD33vvb8WJmjrZVPML00oZS9GDP-n-P0X0ZaqCsCxvBode0Sm0bZMaj1sjCAxwvJ3ljcuLkhFQ71LXKQuyADHPgCBrt5DewvOGJfsBxxWlh_sbGKjdfbq-vTwzTnmrR_u-stcn6TZT5dbzDGOcBdM68uxpphwcpX6OhtOAw-0KoxuKB-0-dtT2lb806tu0Q7x4yuFWcPomGxxPUg_gVQhCooKFTLpln4yVSCW5G896ZZoql9Opboay07wtPfGQfOqwwpx01BjrYxxQ_dQaKrErgT8kNEE0ar862eXKdjy9Ng3WnSmcylQg_ne3gUCMM0vU50Vo90zr_qgbcpSJoneGDDpuiE4OYZUEDKhTQWVxGX1Im0RSbPmP6O1jkJ0ZILHLOen5oElEx6VqiuVTSV3qAiktkNJu30XMKlNdByOy6zuw1udQ3aHXZgV4nBk7Gfymu7iz2R3A5Fb1zkc8yGwqYxZdw3Jy-1qh_iIBytyYh999QFDdCU9XkNa9fCTtSfHO3XCmUByrUGhZvXs-bNn40aw418Hpie5w9ip-Ha5R5AOcnHUUX6Pz4DUhTYzXO-XEwVOrsTbhmn17bG4awdWboogXeizHf8sVcpO33xfd379FbRIjlLLqNo8OBqx0Bx7tcLnVL8mfabqZgV0v-T57PqC2nSJ_u12lhW3iEhANrGYeL_gk4AwDEPq0DTYJLt6uZSxhSw_XhTv9n_mbcqkjRYbZeKpVEPxIm0AwllwA2Y7NIY6z4601Y2IMg2QeacpfNnoUYJWjhWZe4iQxpZ8Wo8u4BHSgsWpyGTpU2eDE1zdWJiSslN5MQKY4llnmz29fOTMDhRm3ZErVNqGfax4xY5eTNbJuLQwuycqbjjUvZnqFgBuQAR6o4ptJpQEB7dDVG1Nqrl3Ei0c6CH37cOyy1BsV7VKB2QqBcl-aE7BEfUfzFg6cmDc_hZI-dW0ns34U6AUVuID6iAkg-iOkv761-uueHmoUKiWvRcMo4Bq37Z1zgc8_VO_xIO689O72uLT2n__EEcHmqwmPsuJu9JtTGDMSUQ6ttIs3gSZSn9e9mFyRRLN2-AE9EiXx55_InlHZZwnpdo1LHd4mVas47Zbpzxq7TCrtn1a-LIc1hkL3R5zkJOLbjhonINmgYPBevPXrVD6GOi93XYSkOdTMESRezLtEOkpmWWWr7pv5S2QaZ_Zb2xjjqSq_TzYxuXsClAsv3L9zbdvTYZlbqjJt-sp2b8g5rF-YOcGKEmKgeORbznmT9MezxNyWH4i-T4C3RuptsMTcVbqRFztjTGfTL0B-nPJoCoN36QJxyFA4SLk6M9OZU7GZ6iNbLrWe4ZEZsxEVNuvL5qpLGCzYieM-kYcwjoNPuh5c-scrNPYQDpla7vA6PHSDjG_TBWo3KFVULh4RX203g72RgMCe5s9l7b29YvRD89iH8Q3setoictMFDgtjn4l131-51TlhbYs8RLnu24YRysgrWEfhDP-WrOdHQn2iBFELZD83tmvFsP40mZiSknyLRZEPzsEquqXvSD4YgX5aSESq8C27BlpvwjFXax2fhWuklv3aUYoaQfAted3N0LjWu9wwBmV6kXI-B9fThXjDFCrXeC6P4iziRDccZXOQFvJrHjfSNnj6m2VLZQKgN2FLldOvEW-zJQ5MD5kwqHl8WL8bORZlhyrxCl1fi-ZIpChSbi2PLt0vxB_SiU41olT56HdcvU89vLd3lKopuXo_9K336S3weYz-Q57Ocu2XoFnj3LbQcfpZIOn3LpVx6CLvrgSF0l9OL0COtuO16UCLl0EetMFqitJ1lCpfxe5Nyp8H8YTLlievKwHm8EJn-zDHW50FC-EC3gFZmlLZbQsGyw1tsKyH1qi2jNqYXnEFi9_pMFhT_d8WmtGI1sLoTmyvLgp_t9bqVAbe7GGlqBXeQ08Wz-W3orIGIu32N9-LxBxcJNcBPqs32maSKRjhjv7mds0L8Dr3oscC6or8Mv1QY0JWWbDX81uSy-PXzptHticqgq37I0pTpCzRWg-joFf6wX3Xk_S-EFXshr-BttsvozvrYc0PM0TxE_hZAc3ypfoEP5wZgCoNWW2MoPWaI-z_0gQMOcXqjIZiY1HpgmzFS0RnhUP1nKAaTFctaOc-FlpemZMmOH0CVsuMu3Kojm7vPUbcit_Xwruf-xS4Ud5YBIIECwda4Qx-b_NjPx8VDLebE0HtMR5HoOSnh9dfN5WmLl3ZJq7iQYgItuGxVEWKJ-Cr2Vamk0BlPWf4B2TybgLuT7NLN3tsF96plnM-p8dRif7j6lU-7XJCKldpVgdImZWuhutpHxkrjbUtqgaHkIL-3bSiVTERBvvelylO9yjB30h8QsyQo9Ok2Mo2xjqmnOMDPUqmGBwATstDaXjepTiOxN4BV_qyfo5xLW352mUOpNt79UiA4zW8aaCZilvoryCz3GyMJ-j9cdTruwMB_Sy1DYkIBmXk7B4YExUpnjcKy2gsiHKjW9UpRdZ_r3Nd__ABWjMDma1vcUdABiMfjXLa2LOljgasu2JJMzTAhb7eA_r7Nz1dSGLzO_p2HTcSUXb7p57c0eaSv12ztoD8yRBu3UMpRGzHbXzIImqYfnjmqOLfIlxR7iiRFVXBSE1CmGnpY-oR-m3hLtB2kuGq_pBTxeRwyIFRBxaeDIwfe02DsTZx1tw0LT0BV2vwlKFYsYQhwczLY8ga2PWsHMVCxG6NqM7am3lNWRBtbOHeEsqueAFhv43PtIJkCAVnPjUDhrO0CX6hhBQ8IBrVd7M8NN7cCPE7E3MuC_vv4hS7SrdzBI_MbYXm5Gh3U8h_xyyTBkCReb4VgFCjsEl-WIEDlNUa_FrZGMNuwqrHSBBUL-ieMk-WLd2kIXFE8YdUGU4xlZNqTybBqlsr2JjkIjHetlnVOzCDUpzPN0QYwL87NpySgK9AapVgoo1EYx32TkcWcvBE5RMokhCbTNcTXC9OLrGeYUOZr_KsLw2JaxE816j6_KKzSnpfSRKtR4pePtBk_G-uhPq4rpgZAA1FWVz1iRVrWpAeO1_v51LBjboblKUCAJcPX969b4p5MTiV4K9AlUjLwcrOLJNWNBjy3HoiY-nG_9RdJjVO5Vy0SmREHLvXckjRID28ms9E2O5IqP6uPU7UQ96fEnLAdscWHLhexVO4NCjb8-6PlzOr9EG-GzuxGy7RyfhHVL9Fs3I2XXPB9q_U4sdCUm773XxIga_GhTuQdQMUwKc3Ratd0TrnYMDS9qFEPV_IhXonLnD3DKIJNKbSPe-j0CpXboRmGGVfZmfk8dRUbb19jnkNG6-K1FB0Fe3XP5bltXv0v1V6lnoaP5TLNBKTxD4Ffz24tZVlaWLK74we5L5JKoKfRWMzA7r5OJZOVJRcUviaIsUyltcQaTmOOq2Qo-QMWdKUMjBTv5dqiNE0FctmAS4nXKyjJNCBZtEZRjQbRFNqCormsThLM7WB83XipXBVF0WfMQ25Let87y6YTgJ7SopQ4T2e68tPj1ZxpZvaVyrvO5jEpK7kFQ5mwHK1Fz6CP63zw3c7BnDhshtDqxNUt_X639QhV_CbRwd1GrwXHKrWqqJr_wi6sguApANiAuxw_ePw_y8NM2mqMNYd4NlN6c4xKnZHwLnDujAXB3JbE79GighzbKIOMAUwpf5tGIa4vibrIhivLIvgzewtf5bH8kPSdYVqOkZNOFzuPONiqdWH9Fe9FcByYrydkzeKSLGMROu20EvPcgFCln2rjZIv-XuSA_Ef-oHltWG8JsockhGJEwybZMtfpZmH5dwTL0d6PA4L3LpWS-YLpI2mBD6RRJEOD7N_b9DfET6a3BACYCz3dJLW9Lje-SEtNdM2Eu-GAROy97PA3vsDnqbcohvabFRcsWIDJE6PN_bOnrGI1xqHkb1qlf2chQmxaMxQLty-6HDJYd4VcoTjbH3uMJkYRwcLj4vrvuLlLBdf03Bc3L_r0PKfeOINSB2m5MiXt5jf16bQQKR80l_rDI4_rjDH2py-q9nomLpYNe8aYaSzJbw5N8VyMdQH875_mPiUJK_VgxDw42UCEPDX1Us-30W6cWFTu6uToCZ1f4fYwyG-OWAWU9mSgK2X_Vf-pvcMVSs88-1FMvrlD_iv1_UuRP02FysR2yT6WoOGP4evKOR8Gx10TpdgwTN41p5MsAro9pdYJp1J5bpIJtMajxQmYVzcKm4IOH2u4x6h8qEnAiX9csSGiwpaNYlM4RR5wOGwVTkdBjzFIDyvXWySpV1X10VuD0h6QUN3LYWGUPlXBPeN9YK&cid=CAQSnwEAwksa0QS0lQJkTC-P-55nCtDfJKlnN0nPWqYv6_pmX36n3YyS76qFHSMzrs_StoOdSFgJB5Tgprefug4bI4tAMFDLSLwC7UPV_hY3j1oRGpHDF4S15ewO2lWw9OlsMQ-4dLIjGYT_KmxKQDoL35YXEQbyrhdYheHMiFL3lU07qL5-yHKy2uAJFGtCKfsBTpZKuZ7ZYFm4QilxU0UCOfgYAQ&dv3_ver=m202509090101&nel=1&rfl=https%3A%2F%2Fklook.pupupdate.com%2F&ds=l&xdt=1&ct=76&iif=1&cor=13387480356387901440&adk=943508964&idt=74&cac=0&dtd=84

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

5200be3b4b176c7261265cf054274ea69fc60a845b1a7ad6526f39800a42c9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 3556294197315566109
age: 62342
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 13:59:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 09 Oct 2025 13:59:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4400
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/ Frame 6AE7 29 KB
11 KB 27ms
26ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

85581df61d5a1dd5bd4262eb26e836283a26bf7e72477538f1ab619ab61ac5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 2256618141468367123
age: 62342
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 13:59:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 09 Oct 2025 13:59:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 11030
x-xss-protection: 0
server: cafe

GET Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 6AE7 0
0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAE0 0
20 B 48ms
48ms Ping
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1698801114956&version=m202509090101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAE0 0
20 B 43ms
41ms Ping
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1698801114956&version=m202509090101&ct=119&x=1&cor=8843801923944061952

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BAE0 105 KB
43 KB 80ms
79ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQhLqJuhjs54ZffL7zyOXrPuJNG_D0Y78WOvQt9ttJazYoHZncpaCQ3IRwWeEHQyOLCPaBFxSoUbozk3tyA84K_mJkOooKkzmuonZHyZoQ6Zmkf8KMAg1eO0JeAjXzjky8sXC5bBQRVVR9vOuV1KLxeGfb4Sd6N2qFkHX8EhoEIjGm3CKAASzAVnXHUe-iqqjrAdMnfiwKp55D4_L54yMpq5gSib-nEgDwwev8oS88HdGFAYxWwgfov1tOVNYCfErxAUCCbxXPadj2oenwwiVZ0imFP_V8qvUKZfKk3EtCTF3j9h9YXvvcDJlUPToYIRz1Xyq0&cry=1&dbm_d=AKAmf-Amkb8CbbeASiAhsG87V_t_UgPO5XSclKsk7r5B6aIv47O4nhNTjl383gTaraBOmB71bzb45mebE902rMhk-aPFLApLdl5DzAx1_3frqd6wN8fNvGtNOI3waxtcXO65rKBdTXcbl8haPJIQquoTq9ie7lwcTlTfNDLik-x4Nu48jNPtqEQHP34RwyvoYvYGEAbQMyEvvYVPHg2c24fk_WxHkjyjOYBefm6z6VvCZETIhYTQJv4MreqLE_YoCD1-hUzXvZcqW-bhi_V60YMV2uVU6vMaePwDkISbrIoTy08v1HXk3sV2LHzOSnkiKoPSX8bO1LBjVjBQVeB7dibtXYTKMyDviQSJRlJBC0FuCGkS8wnMeRPhotTU8CA0KglB_rG_063uoURXud7cWslRxbsRSQOzPVLw6iPkz3pT1QSp6Idlfibh3rFEIuvu17k5ZlPec4Al90kJkRrX0N0M5Qb5eR6vlV3J68AcGyPLJDmuVOCmw7yRBG3RefvmXAjHHyqVXj2kazDosZTUyYM4GFUemATS8W1IWVuWJdQ7EYdrPWjnb5v6xk8coUad-D_1qKJZazvUy5gi1KzG2ZetmwYjGjO9Gm0gvvoxrVHXod6xOZxqt3yn-hXTTWOSTAmQXHTku1vK4dJbNN0Vy5E8WVgKOULYgL4YhD9tbjylTohMUEt6Pl8MMYskPJwCJgfFxh6DjrfOShMimN2nTOIGQFFGK9lyj29RHiafLZI8MaIteS9eU4oBT-DCaXmxgYoVH1uxcaHXHMlovaH03A7pUl62hBaGaRW9sVqIAh6S-OzYdaSxb15OZFgNmfgjrJOTBlnadmsJXHpwa06A_2XDk9qYoswPhS3QUZKXA1aTaGdc9YZfD1GnEEB_t6hxO2LFrPd5KeNvDUWd91PC9BhP_iE0iCih05N7pHq4MUQGtMSsjh3Rq-_mziFrdSgdsTJ1mRvCVmMvMfgeCjcIDk2mm0F6A5sJeD00IP6EvkdG7TJgR5ns5nfyFesR2KSpylGmmWFFlpNwmx5yyZiuRnFoJtsDKHpW-jHcDpJs1K0n-3aKh5MIKtttUqnJ-xtqWktBMIu2CmxF84kQF8vcZEcE2vcXMWInub-aMYC6K1vkDBkXn_BDGCD8Nb5Klo4ZdRMO352W3u6-AASDRNcFGtBTpkoEpIQpj0k9BkU10brdgH0IVmANK7Aq2tB3t5oMEPGtP4PhXD75ngL_psmB7BpeQ-QU0dKnzhpiMh2j6w_dB-xnxNYHkeX7BhY3qnvAqv_JCm2MtjroacHMn3p4j77Uqrhk_f8HqW79K5SQ-eocNm07L8tb2lj4XkbomRuiRadR3FhIAIqstJtOnOX6eTY2rhMXoY9Wtii--xvjHCkhd8YGs9OukJV3HjAvReJmdnl_aaod70GVA1r84r1j2oYC6ZlmSwNRsp45dFT53JGKGt5vIDrJz5_FoeLITLtI_GIThz3j3q_y0rSene9cZ3_IXI8Rpj_5T3xhrWvjI-69zWxKL4r34Y6Ofk3dsuviNw16VBvoEMIipQ6RxRuKdHnRlgOoejQqUTvYq9hgcwdAgINkiJTOhygZy12txka750wP7m4dD_nAB8lBK46yTBE3Y_WCmejo2CPxVPICBLxKNjAw2P_nsaXCUBZBUeq2WnZ8sPetpp5DPDEl2JxE8kImnQaAjnwXFxFl26jN2l_v8oI0Z1zlG2rQoICboXTCG7XjOWBN7bd86fiaOrdHURkiG-g9nYFWzG8SPDPEFllhEoMIgCB1oSxEUyJ1rAP2YyEIJ4ycZ8rrwqDQVH9dhFaf4-D535-HkabqIay4NxTLYhZQEwwMIWwALI7xLgCFm11iYh5GISWrl1dJ5JRbciYiH_QNBGVwwpVkFwM5YvExAB01QZvmR7YglFudDd64KO1NWs8NSFPb558UFzH7Wp5NZhK0Y8WJTGCEULy97rxQfP5_oq9dHrgl35AyWYIRuiE22h8uZ_cViptjm4DjOMLBXveB7_3e4o-vYoZlyQUvNV4I4F20xYMsZIhPCNOCEJ0fn6OZ8QKfoIhIOYZJhwhM_qZSlUxPtKv1c2RQFyKqO_zdiar8rYmeZ4Q3Eem5amqPgigHyHhJIBovJIolE2_shCuNtyN_svYUy1OhmFvCtcGb4LW3-a6dY-fDp4exgH3sCUEkVmJwH-tS2taQTxgCoUnTsJeUthvzIs0PhKQcF4oV73mkmpFGVbiY-mu6Y8jGrlxCHBVZwWpxJNJJKTTfwm3NNgMmV0betFf3xojSSk5TvL7PDnqSzSVlUoXqtVZ2GRc8ZAZchOVeS5lFPpH59PD1hOeVsIlVkkaa9oMYNFafVqlw5OdFktU1SNpULnCsY7ZV7Hsrcq5PV0jduyL36ju2Lh6eqHMQQjqJOdGaBmO2FW4q8rRfPhAnhy0a5416IlQw9HUWAeyxrrvAZIG6jv_srWaxxvxZeCtnkwd_36uSAGkRRtWdAE8v9fQr70Qvxzw5mMbbzMFJKkWey8TnSFL8SJQ52_3snpIDAqmZrM3KBldwLAUIq3B9fgz1xepHRyKzZpD8Ftx1R4ERvNNOZtU-Ptl07Gsjc7L4pSkndFXVgkLJ12s8jw-bFxeAWZVuqS3DmjgUtBwPzlwhoGy7MnRJ1p6A7q-VTI-xubK0-Z-1iVcZBjL8lFxjmxYbZS9IiF1wis4HHdqUqcyn3V7BG0IovyDi-UCSFYPyIGuNWnNah2VvbcTZmh0bBzj5FrB-4PDbPDbkZj4mocxKzMT6WXl60oiJgRi_a7IlYor9o_cIG8qJL7LPZ7b9LwlGR7MOYRAIAUXFJv2YyHKiX0WGI7WiDfzi5TqyXyaqaDGIrnP6JRKE8DSy4TiLIwX8hAA1-XcwALTmQuMXgLYt3fT09AhSa-XdZSTGu5S7hd-Qfc1-tzEfS8mz2Tq-pNc9QVOjk-hW8XxzDLw1o_1IPWBNp7SPo1kPCbNPu9GAaOUGCFIz5LvxKHzTGyB87PPAKHJfpEiiebwSjC7sdahOQtx1AO3hVaKYyY_VMntXzIYE97UuITrixn9ed5MJ-zyyWgfnCRIsbeHFlgdk5ax-fBsHCVk-wmb6uP5G4bqQp-NedL98odXDIBICWxJ5EBBDpssYNsavPYqGLHC_gStRFB-SEPQXH4r-2tFhxpagQtnlpobchi8KiTGxGMnpg7tpgVHEgYRb5MlxHM-z5zgyHCxcqAHAN1rNF4k0qZxdaP-KwtCzrG4h4XnTy3qdiJJSMw6Pcb6KJgej3Z6VUL9DbfnyKD8_m_WlCzn97DBctw8Jn5gvdpm3A8YSV5o87KTUdrkjC3YhvJiXwm3BQVr0wXHux5J13wQqYk5J-zJgoREbl8xOCIigxq-92npkKFzwn1ibG0XZrDGJ0ARrtyvvtYCt5UPMIQLps90DaNNSY89dlgHIBV59U4dgrxNJ-heDbiT2jUN68poMq1YaYb-DOzDY7jk-CgP027hgCVj41JKjRtN1SCd-acqq921hS6Euy2UfRh9cq__bpGZochSQD5TWeDAlCS9a1YBheYj4hJvCpFQp8W-UcG05_LRNV7dtUwCvI6CSSa5AOwPz8x3FOmYq7uONzo0g6kPp5yWmevWf43XHcpOqNfAY1fgbkaPtY9rZPkKjoUMUZn6PkQlvmQZfX9-i-0Jq-50xYYNvOvtaZg51KRxeY_4UvYljERkdWhD5cziYmROZ9ebd329xNSRF9Q57cB786BsIzFmjlOYDYWIkGTx6JzSMClslcd0PNGzFKp4jbaE0z4vczW5fbJ5gGS7bYTVLwjbf5IhLxII8NSTJwjLiXauyVb3YWBYsURcy-e1yqaI5bwa__vhKnAnEv039VFkhFcvuHa2XOSs0P-_OGoyjEC3TTtuHRl3isOm8fDXu1ckKgOJFsdlqDCRHIEtYVVIr1K-vdpp3M55ISaNnZ6a1GA9NU1Q27uJD124b03JVQMmiYZQKt9s8xlWt8dWqtr-WKJb3PsaThqa4ax_P2Tpwbqirvmiv_isC8cGBz0FEh0bFNXqubxS-TRIEvFusprumZQluLPaa1tEpKAYUQolCZtQ0Yf_SFv4yXMzmWG13tOyTqv-8h6h-FknOSeORWeRlnFI5_CeL2QPFICK-SihqL6XVwjlpDu5f0gsZ8uVT5THMugqYrbyf0oPKw4QIkIsRKk6cQY7tzaBb1HcD5xSiZ7yJ7MBg598-BGYZIOWYrihVUOZsMOUy_2NFVRqDzEaYn_2K1LAIBZrgvATUErKYXifY0ew34OicDahyDEfFSPrK3reE3NcTjptqBo1uBHJGnn-6jokRIJEMb7P_wecBA806SCmmg2BlmZ3drikG50P1I2-LnUgMG0jfuJ_4oBO00ivKDjd-3nBusGnxm5_Nn4FkgFlGHte2PVQG-YyaTXEMY6w2NK5ZPFisoGh3NlJZSfQPJNKZS6fOAhRK_Mj6T-1_L09MJBxlh2zWwP6hFem7_xhtOrbq5E9Yvh0orIxejgjOYU1aFrHJwMrtSgdYF1mLMnLhoVX5pXnLALtS2R0TijlsCSikmS79PDhD9NSWrYTlnadyD7TfmHrFGgKwJG3lYR5ixXXr8oPgthJRLgZ3lPLtopcbYFGiPakDpCXPIjiFSLuPote5U2agskteqD1oXzpie17JgRd1EU8IjVuTGJQ7kS3QcInuC5MdD4jW8afQUYFc2mtADph-HYiWY18l_L4-5CWYRkGhDiGPblm6ZfUkL6A1nj2MSs-rieWW1NpMiSf27N3MrfPYiTKAhRAt2MRszyvYa5oPlRP_l2bGi3YbR-grDVJpcuBTbgiEsookRmY_K4-MYl4JwdJVOr265a-uWsGySkH96jBYQK7Wi3zuaqAu5vQkxDagQbJn0W-8RGaarzcUu9wKfGJjxk6gFN5zEhLi3xILdBfY5MtwgtoUg09Rs7TaYniM2_TKzFDRYNEvkMahG4JsPKiM8aRAF5aYF5BreH9Yqba7qYFHF10ASuv8HHVWPvontZN82AtBg-seuvaMd2NtmQHt4BJeFPiF9_FBd7AahLuQomoPsLCXBPNT6XyAFE43ajLFCQCzu8pS3MSdZmE3g6ZzNnZV6IBW6r6yOeTCcZfkl-a3WznHWGkCqfezR_m_9Q15tw0t6OPqeGhRIMGilhSh8DtN-M_ZR1zxVEC2yfd6q-wK4bD0TMFlghEwOhQlo2FtMedWHrSL6e4zLUYkt_dq8xI&cid=CAQSnwEAwksa0SoKaN5yXj1dZQjbPtlhTYQ2b00eoHgMzmmKDnwkI7ZP8Hm9ORkxbm5mS5FPN7349Cb_4VQSv-WaBpeRGVTp_uh-aTuGsEfCHviK_DbRaBVpB-DKN77JH1pIKWTV_J6wInPHRjxA9oXhNhy_rxit5A5vOPsElq52eARL3ueyOOH7lvbuUFdlgWxBf__vRK3pTA0BVyzof3uH9Z4YAQ&dv3_ver=m202509090101&nel=1&rfl=https%3A%2F%2Fklook.pupupdate.com%2F&ds=l&xdt=1&ct=119&iif=1&cor=8843801923944061952&adk=3690638928&idt=25&cac=1&dtd=62

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

a47bb7f59ea39c8c03582e0f2885a7f1e24d8429e2e916c4a797e2ad2dd41b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 44190
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2DEF 1 KB
0 2ms
2ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

age: 42820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Oct 2025 19:25:02 GMT
etag: 9725182468138058862
expires: Fri, 10 Oct 2025 19:25:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adrotator2. Show response
fundingchoicesmessages.google.com/f/AGSKWxWCuzYaeU4PZcLFuLhY-cHKjpOxHKX3xKriI4_3O96QGHdKO9ZQtMyDrYodUdnvuaRHH3EsmtlG70DBwZQDTZuVIRrhctHJf66tB_U1wsU6jEJfVj7vwUKD8AA4P55iXOA6cqHRMT8JBir7Mn-DwyqKuW6SN... 54 B
109 B 50ms
48ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCuzYaeU4PZcLFuLhY-cHKjpOxHKX3xKriI4_3O96QGHdKO9ZQtMyDrYodUdnvuaRHH3EsmtlG70DBwZQDTZuVIRrhctHJf66tB_U1wsU6jEJfVj7vwUKD8AA4P55iXOA6cqHRMT8JBir7Mn-DwyqKuW6SN-7qUEeXCbKtkDZo2khPMjNdTjw6Rvua/_/SWMAdPlayer./adw1./ad_label2_.org/ad//adrotator2.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2LS2qpu-Q0o.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzEkyYv7wEEPbBvQcuitdGHPjLjHg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

4c36b06a89cf4c1c780d6e4b5c6c87f7508ba5cf002c769a486e33acd45b5383

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AUgBvx5M5lsEGlOaD2J4rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw15BiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhbg5Lj9bdJxN4Eb_nAoljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjU0MDAws9A5P4AgMAyeA22g"
content-security-policy: script-src 'report-sample' 'nonce-AUgBvx5M5lsEGlOaD2J4rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
53 KB 60ms
59ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2LS2qpu-Q0o.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzEkyYv7wEEPbBvQcuitdGHPjLjHg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

8cb6ae09514b67be1a20289243c8587c8411009d4ee4a79596a11c9fd9d4e9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: br
etag: 7309697808717534251
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 07:18:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 54336
x-xss-protection: 0
server: cafe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UTBPfgLySj7vWv2g0HA2FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4ua4_GzRcTaBD79OVii5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjU0MDAws9A_P4AgMAu3wqPA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UTBPfgLySj7vWv2g0HA2FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F240
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0

43 B
716 B

42ms
36ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJix78MCEIaqqM4CGM7z08ECMAE&v=APEucNXB8dPbc6dgZ2l6shTOze-L7eQDW3MvBgVcddEBqRZOqbioy-GoVFxz8Uk1m0l985gbwOhnlzfYXgzr398kObnoGNZMZxHVBhvWSquwd7k4eTopCb4
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9vaOW6gHRGGn3RjDo9SY4i49Bb%2FxH2jxbqAxzsDIa62coPVk%2FnBa1cXpdCTOHCS2EXMwaTtfV11o7SdsUFKXerxsMG3jnyYx05ruJVHTlEyzYc4blw%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: image/gif
vary: accept-encoding
priority: u=2,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98c458696990a300-YUL
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1&gdpr=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 324
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F240
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aOizU9HM6xgAIWPHAd9f4wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1

43 B
809 B

40ms
37ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJix78MCEIaqqM4CGM7z08ECMAE&v=APEucNXB8dPbc6dgZ2l6shTOze-L7eQDW3MvBgVcddEBqRZOqbioy-GoVFxz8Uk1m0l985gbwOhnlzfYXgzr398kObnoGNZMZxHVBhvWSquwd7k4eTopCb4
Protocol: H3
Server: 104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=i9lUFwEmjb%2FFjsoue7WNUgMlRcRb7ervhg8WmaTWx3LYKEvypJwCSmi9JEXXVfpMjMAiAXl3toX3PuwWlMyUi7MDEM1Xoqdvw%2BzIiPVsihO1%2FlQU1Q%3D%3D"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: image/gif
vary: accept-encoding
priority: u=2,i
cache-control: no-cache
nel: {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma: no-cache
cf-ray: 98c45869598ea300-YUL
content-length: 43
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIWwv4Zq-wbM2WiCn7FgZ3o&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET

setuid
ib.adnxs.com/ Frame F240
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

0
0

GET getuid
ib.adnxs.com/ Frame F240 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DEF
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_cver=1&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-g...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=125308dae7ef13a3&is_secure=true&networkId=14000&version=1&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_cver=1&google_push=AXcoOmQVQFBX...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAGNT9DAvkNdAI8v44fAQEBAQEBAQCYzf1-IwEBAJjN_X4j&expiration=1760167123&google_cver=1&is_secure=true&google_gid=CAES...

170 B
188 B

45ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAGNT9DAvkNdAI8v44fAQEBAQEBAQCYzf1-IwEBAJjN_X4j&expiration=1760167123&google_cver=1&is_secure=true&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-gl6ckrqlk5fixERkO4xDvpZkThC7jKMWxtdOWWUgV7gETf1Q

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

expires: 0
cache-control: no-cache, private, max-age=0, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAGNT9DAvkNdAI8v44fAQEBAQEBAQCYzf1-IwEBAJjN_X4j&expiration=1760167123&google_cver=1&is_secure=true&google_gid=CAESEDr5pK4-g6k_BrzaLVCQlZs&google_push=AXcoOmQVQFBXMEdb72uFxcQbtDUoKcmzSruBmszXgN9mRYPtqLyMr-gl6ckrqlk5fixERkO4xDvpZkThC7jKMWxtdOWWUgV7gETf1Q
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
pragma: no-cache
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DEF
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_cver=1&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANra...
https://b1sync.outbrain.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANr...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEA35mrWlvvJhT1MVzbx0vxM&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANra...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&google_hm=MDcxOTYwYmItYjkwZi...

170 B
188 B

45ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&google_hm=MDcxOTYwYmItYjkwZi00NTJlLTg1MjctZjhjMzNjYzMyYjUy

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRZfiYtYCnAJAePe4elk9TYNAw8ytE55bgDGq9uIfsrFVpj3OJYXkQZOagoeZO7AZrtA6bz7aii4ANraBIt5KPbO1dwXRjaCQ&google_hm=MDcxOTYwYmItYjkwZi00NTJlLTg1MjctZjhjMzNjYzMyYjUy
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="We do not support P3P header."
content-length: 258
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8

GET UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2DEF 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DEF
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEECGdWQljn6zRNu-4ohtA1A&google_cver=1&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_Bsl...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_BslTtJ6n9F8LGtbmE09FKfBeXMg&google_hm=NDgzNDc0...

170 B
188 B

42ms
42ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_BslTtJ6n9F8LGtbmE09FKfBeXMg&google_hm=NDgzNDc0ODk2Mzk0ODY0ODA0MA%3D%3D&gdpr=0&gdpr_consent=

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:44 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-cache,no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQhPOwwXdOofDepjLhDlbW8EQMmoEcEeVNaP0h7m1Xv7ghlnG03jUA5UzaJOUCFXxmmJb_BslTtJ6n9F8LGtbmE09FKfBeXMg&google_hm=NDgzNDc0ODk2Mzk0ODY0ODA0MA%3D%3D&gdpr=0&gdpr_consent=
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 10 Oct 2025 07:18:44 GMT
pragma: no-cache

GET /
csync.loopme.me/ Frame 2DEF 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DEF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&pixel_match=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dmediamath%26google_hm%3D%5BMM_UUID_B64WS%5D%26google_push%3D%5BGOOGLE_PUSH%5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRRFF7raTmhCWqaDWfY_IvMZWIDnkQTLbt8zkb8pmA7rFpGtL7qDL7-GUQFddL0i9Rvy9UZ3vvMUVvJTFjZ9hDcp2uUYWen8ZI

170 B
188 B

45ms
45ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRRFF7raTmhCWqaDWfY_IvMZWIDnkQTLbt8zkb8pmA7rFpGtL7qDL7-GUQFddL0i9Rvy9UZ3vvMUVvJTFjZ9hDcp2uUYWen8ZI

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:46 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

X-Permitted-Cross-Domain-Policies: all
X-Content-Type-Options: nosniff
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Fri, 10 Oct 2025 07:18:46 GMT
Content-Type: image/gif
Strict-Transport-Security: 31536000
Cache-Control: no-cache,no-store,must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRRFF7raTmhCWqaDWfY_IvMZWIDnkQTLbt8zkb8pmA7rFpGtL7qDL7-GUQFddL0i9Rvy9UZ3vvMUVvJTFjZ9hDcp2uUYWen8ZI
Pragma: no-cache
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
Access-Control-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Server: MT3 2082 0091691 master ord ord-pixel-x5 config_version:"519"

GET

adkuid
dsp.adkernel.com/ Frame 2DEF
Redirect Chain

https://rtb2-useast.voisetech.com/sync?exchange=1215&google_gid=CAESEKkH-elUNx56Nwomo6mW5Nc&google_cver=1&google_push=AXcoOmQubMoTW0fWpd_pft0HE4ZSCb6cbBMUV3KlxFywiMuNJDdZ0Ab8l96M-BihS7WKzmTy97JRLLx...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.voisetech.com%2Fsync%3Fexchange%3D1215%26google_gid%3DCAESEKkH-elUNx56Nwomo6mW5Nc%26google_cver%3D1%26google_push%3DAXcoOmQubMoTW0fWpd_pf...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2DEF 0
59 B 73ms
51ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqldwXGNfT80CkqsFmDHwRUWiZ437ksBGZWBmrR38LhmRRVvJor6FlSIbDjXrIR2SyszKiA_ae

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html
server: HTTP server (unknown)

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8ItCxNdRl2HiArZhgCxrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG4_GzRcTaBjitNCxmVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkamhgYGFnoF5fIEBAJlIKY4"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8ItCxNdRl2HiArZhgCxrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

GET express_html_inpage_rendering_lib_200_281.js
s0.2mdn.net/879366/ Frame BAE0 0
0

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/ Frame BAE0 12 KB
0 29ms
29ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AQhLqJuhjs54ZffL7zyOXrPuJNG_D0Y78WOvQt9ttJazYoHZncpaCQ3IRwWeEHQyOLCPaBFxSoUbozk3tyA84K_mJkOooKkzmuonZHyZoQ6Zmkf8KMAg1eO0JeAjXzjky8sXC5bBQRVVR9vOuV1KLxeGfb4Sd6N2qFkHX8EhoEIjGm3CKAASzAVnXHUe-iqqjrAdMnfiwKp55D4_L54yMpq5gSib-nEgDwwev8oS88HdGFAYxWwgfov1tOVNYCfErxAUCCbxXPadj2oenwwiVZ0imFP_V8qvUKZfKk3EtCTF3j9h9YXvvcDJlUPToYIRz1Xyq0&cry=1&dbm_d=AKAmf-Amkb8CbbeASiAhsG87V_t_UgPO5XSclKsk7r5B6aIv47O4nhNTjl383gTaraBOmB71bzb45mebE902rMhk-aPFLApLdl5DzAx1_3frqd6wN8fNvGtNOI3waxtcXO65rKBdTXcbl8haPJIQquoTq9ie7lwcTlTfNDLik-x4Nu48jNPtqEQHP34RwyvoYvYGEAbQMyEvvYVPHg2c24fk_WxHkjyjOYBefm6z6VvCZETIhYTQJv4MreqLE_YoCD1-hUzXvZcqW-bhi_V60YMV2uVU6vMaePwDkISbrIoTy08v1HXk3sV2LHzOSnkiKoPSX8bO1LBjVjBQVeB7dibtXYTKMyDviQSJRlJBC0FuCGkS8wnMeRPhotTU8CA0KglB_rG_063uoURXud7cWslRxbsRSQOzPVLw6iPkz3pT1QSp6Idlfibh3rFEIuvu17k5ZlPec4Al90kJkRrX0N0M5Qb5eR6vlV3J68AcGyPLJDmuVOCmw7yRBG3RefvmXAjHHyqVXj2kazDosZTUyYM4GFUemATS8W1IWVuWJdQ7EYdrPWjnb5v6xk8coUad-D_1qKJZazvUy5gi1KzG2ZetmwYjGjO9Gm0gvvoxrVHXod6xOZxqt3yn-hXTTWOSTAmQXHTku1vK4dJbNN0Vy5E8WVgKOULYgL4YhD9tbjylTohMUEt6Pl8MMYskPJwCJgfFxh6DjrfOShMimN2nTOIGQFFGK9lyj29RHiafLZI8MaIteS9eU4oBT-DCaXmxgYoVH1uxcaHXHMlovaH03A7pUl62hBaGaRW9sVqIAh6S-OzYdaSxb15OZFgNmfgjrJOTBlnadmsJXHpwa06A_2XDk9qYoswPhS3QUZKXA1aTaGdc9YZfD1GnEEB_t6hxO2LFrPd5KeNvDUWd91PC9BhP_iE0iCih05N7pHq4MUQGtMSsjh3Rq-_mziFrdSgdsTJ1mRvCVmMvMfgeCjcIDk2mm0F6A5sJeD00IP6EvkdG7TJgR5ns5nfyFesR2KSpylGmmWFFlpNwmx5yyZiuRnFoJtsDKHpW-jHcDpJs1K0n-3aKh5MIKtttUqnJ-xtqWktBMIu2CmxF84kQF8vcZEcE2vcXMWInub-aMYC6K1vkDBkXn_BDGCD8Nb5Klo4ZdRMO352W3u6-AASDRNcFGtBTpkoEpIQpj0k9BkU10brdgH0IVmANK7Aq2tB3t5oMEPGtP4PhXD75ngL_psmB7BpeQ-QU0dKnzhpiMh2j6w_dB-xnxNYHkeX7BhY3qnvAqv_JCm2MtjroacHMn3p4j77Uqrhk_f8HqW79K5SQ-eocNm07L8tb2lj4XkbomRuiRadR3FhIAIqstJtOnOX6eTY2rhMXoY9Wtii--xvjHCkhd8YGs9OukJV3HjAvReJmdnl_aaod70GVA1r84r1j2oYC6ZlmSwNRsp45dFT53JGKGt5vIDrJz5_FoeLITLtI_GIThz3j3q_y0rSene9cZ3_IXI8Rpj_5T3xhrWvjI-69zWxKL4r34Y6Ofk3dsuviNw16VBvoEMIipQ6RxRuKdHnRlgOoejQqUTvYq9hgcwdAgINkiJTOhygZy12txka750wP7m4dD_nAB8lBK46yTBE3Y_WCmejo2CPxVPICBLxKNjAw2P_nsaXCUBZBUeq2WnZ8sPetpp5DPDEl2JxE8kImnQaAjnwXFxFl26jN2l_v8oI0Z1zlG2rQoICboXTCG7XjOWBN7bd86fiaOrdHURkiG-g9nYFWzG8SPDPEFllhEoMIgCB1oSxEUyJ1rAP2YyEIJ4ycZ8rrwqDQVH9dhFaf4-D535-HkabqIay4NxTLYhZQEwwMIWwALI7xLgCFm11iYh5GISWrl1dJ5JRbciYiH_QNBGVwwpVkFwM5YvExAB01QZvmR7YglFudDd64KO1NWs8NSFPb558UFzH7Wp5NZhK0Y8WJTGCEULy97rxQfP5_oq9dHrgl35AyWYIRuiE22h8uZ_cViptjm4DjOMLBXveB7_3e4o-vYoZlyQUvNV4I4F20xYMsZIhPCNOCEJ0fn6OZ8QKfoIhIOYZJhwhM_qZSlUxPtKv1c2RQFyKqO_zdiar8rYmeZ4Q3Eem5amqPgigHyHhJIBovJIolE2_shCuNtyN_svYUy1OhmFvCtcGb4LW3-a6dY-fDp4exgH3sCUEkVmJwH-tS2taQTxgCoUnTsJeUthvzIs0PhKQcF4oV73mkmpFGVbiY-mu6Y8jGrlxCHBVZwWpxJNJJKTTfwm3NNgMmV0betFf3xojSSk5TvL7PDnqSzSVlUoXqtVZ2GRc8ZAZchOVeS5lFPpH59PD1hOeVsIlVkkaa9oMYNFafVqlw5OdFktU1SNpULnCsY7ZV7Hsrcq5PV0jduyL36ju2Lh6eqHMQQjqJOdGaBmO2FW4q8rRfPhAnhy0a5416IlQw9HUWAeyxrrvAZIG6jv_srWaxxvxZeCtnkwd_36uSAGkRRtWdAE8v9fQr70Qvxzw5mMbbzMFJKkWey8TnSFL8SJQ52_3snpIDAqmZrM3KBldwLAUIq3B9fgz1xepHRyKzZpD8Ftx1R4ERvNNOZtU-Ptl07Gsjc7L4pSkndFXVgkLJ12s8jw-bFxeAWZVuqS3DmjgUtBwPzlwhoGy7MnRJ1p6A7q-VTI-xubK0-Z-1iVcZBjL8lFxjmxYbZS9IiF1wis4HHdqUqcyn3V7BG0IovyDi-UCSFYPyIGuNWnNah2VvbcTZmh0bBzj5FrB-4PDbPDbkZj4mocxKzMT6WXl60oiJgRi_a7IlYor9o_cIG8qJL7LPZ7b9LwlGR7MOYRAIAUXFJv2YyHKiX0WGI7WiDfzi5TqyXyaqaDGIrnP6JRKE8DSy4TiLIwX8hAA1-XcwALTmQuMXgLYt3fT09AhSa-XdZSTGu5S7hd-Qfc1-tzEfS8mz2Tq-pNc9QVOjk-hW8XxzDLw1o_1IPWBNp7SPo1kPCbNPu9GAaOUGCFIz5LvxKHzTGyB87PPAKHJfpEiiebwSjC7sdahOQtx1AO3hVaKYyY_VMntXzIYE97UuITrixn9ed5MJ-zyyWgfnCRIsbeHFlgdk5ax-fBsHCVk-wmb6uP5G4bqQp-NedL98odXDIBICWxJ5EBBDpssYNsavPYqGLHC_gStRFB-SEPQXH4r-2tFhxpagQtnlpobchi8KiTGxGMnpg7tpgVHEgYRb5MlxHM-z5zgyHCxcqAHAN1rNF4k0qZxdaP-KwtCzrG4h4XnTy3qdiJJSMw6Pcb6KJgej3Z6VUL9DbfnyKD8_m_WlCzn97DBctw8Jn5gvdpm3A8YSV5o87KTUdrkjC3YhvJiXwm3BQVr0wXHux5J13wQqYk5J-zJgoREbl8xOCIigxq-92npkKFzwn1ibG0XZrDGJ0ARrtyvvtYCt5UPMIQLps90DaNNSY89dlgHIBV59U4dgrxNJ-heDbiT2jUN68poMq1YaYb-DOzDY7jk-CgP027hgCVj41JKjRtN1SCd-acqq921hS6Euy2UfRh9cq__bpGZochSQD5TWeDAlCS9a1YBheYj4hJvCpFQp8W-UcG05_LRNV7dtUwCvI6CSSa5AOwPz8x3FOmYq7uONzo0g6kPp5yWmevWf43XHcpOqNfAY1fgbkaPtY9rZPkKjoUMUZn6PkQlvmQZfX9-i-0Jq-50xYYNvOvtaZg51KRxeY_4UvYljERkdWhD5cziYmROZ9ebd329xNSRF9Q57cB786BsIzFmjlOYDYWIkGTx6JzSMClslcd0PNGzFKp4jbaE0z4vczW5fbJ5gGS7bYTVLwjbf5IhLxII8NSTJwjLiXauyVb3YWBYsURcy-e1yqaI5bwa__vhKnAnEv039VFkhFcvuHa2XOSs0P-_OGoyjEC3TTtuHRl3isOm8fDXu1ckKgOJFsdlqDCRHIEtYVVIr1K-vdpp3M55ISaNnZ6a1GA9NU1Q27uJD124b03JVQMmiYZQKt9s8xlWt8dWqtr-WKJb3PsaThqa4ax_P2Tpwbqirvmiv_isC8cGBz0FEh0bFNXqubxS-TRIEvFusprumZQluLPaa1tEpKAYUQolCZtQ0Yf_SFv4yXMzmWG13tOyTqv-8h6h-FknOSeORWeRlnFI5_CeL2QPFICK-SihqL6XVwjlpDu5f0gsZ8uVT5THMugqYrbyf0oPKw4QIkIsRKk6cQY7tzaBb1HcD5xSiZ7yJ7MBg598-BGYZIOWYrihVUOZsMOUy_2NFVRqDzEaYn_2K1LAIBZrgvATUErKYXifY0ew34OicDahyDEfFSPrK3reE3NcTjptqBo1uBHJGnn-6jokRIJEMb7P_wecBA806SCmmg2BlmZ3drikG50P1I2-LnUgMG0jfuJ_4oBO00ivKDjd-3nBusGnxm5_Nn4FkgFlGHte2PVQG-YyaTXEMY6w2NK5ZPFisoGh3NlJZSfQPJNKZS6fOAhRK_Mj6T-1_L09MJBxlh2zWwP6hFem7_xhtOrbq5E9Yvh0orIxejgjOYU1aFrHJwMrtSgdYF1mLMnLhoVX5pXnLALtS2R0TijlsCSikmS79PDhD9NSWrYTlnadyD7TfmHrFGgKwJG3lYR5ixXXr8oPgthJRLgZ3lPLtopcbYFGiPakDpCXPIjiFSLuPote5U2agskteqD1oXzpie17JgRd1EU8IjVuTGJQ7kS3QcInuC5MdD4jW8afQUYFc2mtADph-HYiWY18l_L4-5CWYRkGhDiGPblm6ZfUkL6A1nj2MSs-rieWW1NpMiSf27N3MrfPYiTKAhRAt2MRszyvYa5oPlRP_l2bGi3YbR-grDVJpcuBTbgiEsookRmY_K4-MYl4JwdJVOr265a-uWsGySkH96jBYQK7Wi3zuaqAu5vQkxDagQbJn0W-8RGaarzcUu9wKfGJjxk6gFN5zEhLi3xILdBfY5MtwgtoUg09Rs7TaYniM2_TKzFDRYNEvkMahG4JsPKiM8aRAF5aYF5BreH9Yqba7qYFHF10ASuv8HHVWPvontZN82AtBg-seuvaMd2NtmQHt4BJeFPiF9_FBd7AahLuQomoPsLCXBPNT6XyAFE43ajLFCQCzu8pS3MSdZmE3g6ZzNnZV6IBW6r6yOeTCcZfkl-a3WznHWGkCqfezR_m_9Q15tw0t6OPqeGhRIMGilhSh8DtN-M_ZR1zxVEC2yfd6q-wK4bD0TMFlghEwOhQlo2FtMedWHrSL6e4zLUYkt_dq8xI&cid=CAQSnwEAwksa0SoKaN5yXj1dZQjbPtlhTYQ2b00eoHgMzmmKDnwkI7ZP8Hm9ORkxbm5mS5FPN7349Cb_4VQSv-WaBpeRGVTp_uh-aTuGsEfCHviK_DbRaBVpB-DKN77JH1pIKWTV_J6wInPHRjxA9oXhNhy_rxit5A5vOPsElq52eARL3ueyOOH7lvbuUFdlgWxBf__vRK3pTA0BVyzof3uH9Z4YAQ&dv3_ver=m202509090101&nel=1&rfl=https%3A%2F%2Fklook.pupupdate.com%2F&ds=l&xdt=1&ct=119&iif=1&cor=8843801923944061952&adk=3690638928&idt=25&cac=1&dtd=62

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

5200be3b4b176c7261265cf054274ea69fc60a845b1a7ad6526f39800a42c9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 3556294197315566109
age: 62342
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 13:59:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 09 Oct 2025 13:59:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 4400
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/ Frame BAE0 29 KB
0 27ms
26ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20251009/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

85581df61d5a1dd5bd4262eb26e836283a26bf7e72477538f1ab619ab61ac5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/

Response headers

content-encoding: br
etag: 2256618141468367123
age: 62342
x-content-type-options: nosniff
expires: Thu, 23 Oct 2025 13:59:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 09 Oct 2025 13:59:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 11030
x-xss-protection: 0
server: cafe

GET Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BAE0 0
0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8764 1 KB
0 0ms
0ms Document
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

age: 42820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 812
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Oct 2025 19:25:02 GMT
etag: 9725182468138058862
expires: Fri, 10 Oct 2025 19:25:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4TPmj5BnDZ3wxixzwFRKSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG4_GzRcTaBF29ubWVUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGANvwKnQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4TPmj5BnDZ3wxixzwFRKSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fF3NozxUGl9vMIDo3Mflwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG4_GzRcTaBG-tWb2VUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGAL2dKgQ"
content-security-policy: script-src 'report-sample' 'nonce-fF3NozxUGl9vMIDo3Mflwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxU35YETUtMPbHSm5ZCj5IiE3MwE_kJ8LwQ3wFz50O2Q7DP5YBvDB2kL7QtcatofL5PNLMcSD2sNQ43GOEAjDz6J-2HCWZc3dVrK7Yi8ATB7uV81PDfHyufJ4G5uTTPhK45Q2L-FQw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 60ms
58ms Script
application/javascript 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU35YETUtMPbHSm5ZCj5IiE3MwE_kJ8LwQ3wFz50O2Q7DP5YBvDB2kL7QtcatofL5PNLMcSD2sNQ43GOEAjDz6J-2HCWZc3dVrK7Yi8ATB7uV81PDfHyufJ4G5uTTPhK45Q2L-FQw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYwMDgwNzIzLDM0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9rbG9vay5wdXB1cGRhdGUuY29tLyIsbnVsbCxbWzgsIjJMUzJxcHUtUTBvIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdLFsyOSwiZmFsc2UiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

9c3c0bdf403436a452378feb161304d25c9a5281e18ff488dc5ad8bbc982707a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8g7uPiuHHQkOi05bs-qirQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1pBiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhXg4Lj9bdJxNYMaRhl2MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRqaGBgYWegYm8QUGAPkrNvs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-8g7uPiuHHQkOi05bs-qirQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET setuid
px.ads.linkedin.com/ Frame 8764 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8764
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOHtXfTfg9B34At3mtIJwis&google_cver=1&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsu...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mb3ujnQHQi4vSZTDy-jQxA&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsucOQuwfsamcoZbA

170 B
188 B

45ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mb3ujnQHQi4vSZTDy-jQxA&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsucOQuwfsamcoZbA

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:46 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=mb3ujnQHQi4vSZTDy-jQxA&google_push=AXcoOmSEhyTwWzFHSSDWfU7Tgoopg145pewNCk4-fXvjETe57zqigfYC8pzFqTceDsAauN-f0bOQk_51od1yXfsucOQuwfsamcoZbA
x-host: tde-deliveryengine-production-b8cdf65f5-f7hvx
via: 1.1 google
x-engine-version: 0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
date: Fri, 10 Oct 2025 07:18:46 GMT
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8764
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_cver=1&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p...
https://b1sync.outbrain.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH8sM5TC0BOpDEs3H9nyFTw&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&google_hm=NmYzMmQyMzgtZjljNy00...

170 B
188 B

44ms
44ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&google_hm=NmYzMmQyMzgtZjljNy00NjViLThjNzktN2VlZWI3ZjZmMmRh

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSV73ew4SBQq6pLdiLBORvWTehrlL4YJeFJhHwPckac5X1R9faTJwvGRW6ZichNr2VAfvr9w4YsyyX9p38ghUFzYA3pboU9&google_hm=NmYzMmQyMzgtZjljNy00NjViLThjNzktN2VlZWI3ZjZmMmRh
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="We do not support P3P header."
content-length: 256
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8764
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_cver=1&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB...
https://b1sync.outbrain.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYi...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESENfPqqXYVUa93vBhjdJvB_k&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&google_hm=Njk5N2VhNjItO...

170 B
188 B

46ms
45ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&google_hm=Njk5N2VhNjItODY0NS00ZWEwLWIzODQtNzdkZTBmMTYwYzli

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmT1Cat_deniwLhEVzm_yuZO3_OlnKjnSuR_x0or7Q7P31Xig_APemzUYYHkEvwEqIQdIHYiB0P9Ib_EHmiCgG_cP-xWojoZNuE&google_hm=Njk5N2VhNjItODY0NS00ZWEwLWIzODQtNzdkZTBmMTYwYzli
pragma: no-cache
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: CP="We do not support P3P header."
content-length: 263
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8

GET
H2

200

report
sync.teads.tv/um/ Frame 8764
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDdmWUmFSkXM...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWM5MjMwODYtYjJmZS00NWNiLTk4MDEtM2NhYzU2Nzk4MmYz&google_push=AXcoOmR_5iuSfFFCWyEtGGmmU632EoS7hhR2cHNs3WM6HZQ8lZb734LFX8aQwk3KAeo1M...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
91 B

27ms
26ms

Image
image/gif

151.101.2.132
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol: H2
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: pekko-http/1.1.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

x-user-geo: US-EAST-1
cache-control: max-age=0, no-cache, no-store
x-timer: S1760080725.543950,VS0,VE15
x-check-cacheable: NO
via: 1.1 varnish
accept-ranges: bytes
x-cache: MISS
content-length: 23
date: Fri, 10 Oct 2025 07:18:44 GMT
content-type: image/gif
x-served-by: cache-yul1970037-YUL
server: pekko-http/1.1.0
x-cache-hits: 0
traffic-path: NVADC2, YUL, USA

Redirect headers

cache-control: no-cache, must-revalidate
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
date: Fri, 10 Oct 2025 07:18:44 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8764
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEO8Ix66chT77fDg1-M9OWF4&google_cver=1&google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4...
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4mbwa7RcyI&google_nid=whaleco_services_llc

170 B
188 B

44ms
43ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4mbwa7RcyI&google_nid=whaleco_services_llc

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000
yak-timeinfo: 1760080723747|4
location: https://cm.g.doubleclick.net/pixel?google_push=AXcoOmRpSTMLVgS_8FsIp9VUG3QgHV64tLt7wMYVaU7uORQa0mfL_vmPBTYq9oAkOWAlV2F-BvK8DgWVpJGR5AXBie_Ce4mbwa7RcyI&google_nid=whaleco_services_llc
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
x-gateway-request-id: 1760080723747-00006182247787200000000009432411-20
cip: 37.120.237.158
alt-svc: h3=":443"; ma=604800
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
server: nginx

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8764
Redirect Chain

https://www.temu.com/api/adx/cm/pixel-google?google_gid=CAESEO8Ix66chT77fDg1-M9OWF4&google_cver=1&google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Sr...
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Srb8Y9BbHbpRnOZke4&google_nid=temu_dsp2_

170 B
188 B

45ms
45ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Srb8Y9BbHbpRnOZke4&google_nid=temu_dsp2_

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

strict-transport-security: max-age=31536000
yak-timeinfo: 1760080723743|6
location: https://cm.g.doubleclick.net/pixel?google_push=AXcoOmQ4OYNkgu_YCjAvQdR6Qnluc5Lsot0tT21Og7AmtbEc5BBIGzVudjK80VG7Xvgzc9WkvmlI_Hr165xm2Srb8Y9BbHbpRnOZke4&google_nid=temu_dsp2_
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
x-gateway-request-id: 1760080723743-00002564803810540000000008673021-20
cip: 37.120.237.158
alt-svc: h3=":443"; ma=604800
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
server: nginx

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8764 0
40 B 45ms
41ms Image
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxVjZNdAWZMOIZZg1EUr_kxL1SwFxHvtxbF3R7D4vW_QXbaTTOTclZNEwgr70YkIWdKW36dNa9Sg

Requested by

Host: c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
URL: https://c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://pagead2.googlesyndication.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 10 Oct 2025 07:18:43 GMT
x-xss-protection: 0
content-type: text/html
server: HTTP server (unknown)

POST
H3 204 AGSKWxUGJU7ZoEi5MBb5XGsirJf_RHqny3j3tDIx_uqwepSX0lSscdimn-Up8PyIR9V7fwbzLJU6yhhsL_c_Kda04bCiw0AVIcCawpbshk-_IH8rePWG6CIDrZgjCKNyiOprCp-0JuaIrw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 142.250.80.110
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUGJU7ZoEi5MBb5XGsirJf_RHqny3j3tDIx_uqwepSX0lSscdimn-Up8PyIR9V7fwbzLJU6yhhsL_c_Kda04bCiw0AVIcCawpbshk-_IH8rePWG6CIDrZgjCKNyiOprCp-0JuaIrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zJzJXJYeMot-xVmo14BZtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG4_GzRcTaBGWeXXWNUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGALQ-Ke4"
content-security-policy: script-src 'report-sample' 'nonce-zJzJXJYeMot-xVmo14BZtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUOXnLUh1-o7-w_RMof-dp9vUBKTarIGObbAVDG7aDKPSkL6pUCKpXWyAYp2wkXXEHQmtjW6Dp6kM79sHlJh_7unOwpeJN0l0vIQIJ4oVvZvVjlaiISdcD1fSI5lKQcLcOLK0sC9Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BqrwGIEoxAFb2wDdqq3XvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain
Referer: https://klook.pupupdate.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:43 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uG4_GzRcTaBF7un3WdUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGAMOSKiM"
content-security-policy: script-src 'report-sample' 'nonce-BqrwGIEoxAFb2wDdqq3XvA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://klook.pupupdate.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 44ms
41ms Fetch
text/plain 216.239.36.178
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HET379S9GW&gtm=45je5a80v9222971190z89222901201za200zb9222901201zd9222901201&_p=1760080720359&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&cid=94060458.1760080721&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAAQ&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115834636~115834638~115868795~115868797&sid=1760080721&sct=1&seg=0&dl=https%3A%2F%2Fklook.pupupdate.com%2F&dt=pupupdate-%E0%B8%95%E0%B8%B1%E0%B8%A7%E0%B8%8A%E0%B9%88%E0%B8%A7%E0%B8%A2%E0%B8%84%E0%B9%89%E0%B8%99%E0%B8%AB%E0%B8%B2%E0%B8%84%E0%B8%B9%E0%B8%9B%E0%B8%AD%E0%B8%87%E0%B8%87%E0%B9%88%E0%B8%B2%E0%B8%A2%20%E0%B9%86%20-%20%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%AB%E0%B8%A2%E0%B8%B1%E0%B8%94%E0%B8%81%E0%B8%B1%E0%B8%9A%E0%B9%81%E0%B8%9A%E0%B8%A3%E0%B8%99%E0%B8%94%E0%B9%8C%E0%B8%8A%E0%B8%B1%E0%B9%89%E0%B8%99%E0%B8%99%E0%B8%B3&_s=2&tfd=7323
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HET379S9GW&cx=c&gtm=4e5a80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://klook.pupupdate.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:102:0
report-to: {"group":"ascnsrsggc:102:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:102:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://klook.pupupdate.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:102:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Oct 2025 07:18:46 GMT
content-type: text/plain
server: Golfe2

GET sodar
ep1.adtrafficquality.google/getconfig/ 0
0

GET
H2 200 favicon.ico
klook.pupupdate.com/ 955 B
1 KB 842ms
841ms Other
image/vnd.microsoft.icon 104.18.8.197
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://klook.pupupdate.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.8.197 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a74e2fb9ad31351ab5ef4c88e7bbf806dc13052f2185f470d7d3aebc1a9eb9

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer: https://klook.pupupdate.com/

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5841b856e65df7a26a8f950a5fcd6e20"
cf-ray: 98c4587fe9b6a269-YUL
expires: Fri, 10 Oct 2025 11:18:47 GMT
date: Fri, 10 Oct 2025 07:18:47 GMT
content-type: image/vnd.microsoft.icon
last-modified: Wed, 17 Sep 2025 07:49:22 GMT
vary: Accept-Encoding
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics-ipv6.tiktokw.us
URL: https://analytics-ipv6.tiktokw.us/ipv6/enrich_ipv6

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/load_preloaded_resource_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/abg_lite_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/qs_click_protection_fy2021.js

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQt-mBR7XykpTh4pMTRpG7ckW0LFrkNavKd0Nv6wGOYNpT9MSTsJRQA6IjYfwd7TvTLH0CWIgYJpsPRk9zxJTkryHqydA

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/8600616443092576230/14763004658117789537

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/4242810531678970802/14763004658117789537?w=300&h=300&tw=1&q=75

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/qs_click_protection_fy2021.js

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD6qympALKxZobKz6hSr6Ko-eQrXG7Zi_smhhzXxBKLk7_sMLzNmPIwLWNSOGw75JNkvglcD2wRgsnd2v6mpHXqSChSA

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_tr&google_gid=CAESEJGqCAu1IRTwcOiO3UX5Yv4&google_cver=1&google_push=AXcoOmTSEucHvQuUAsuMMzpqRud9oEBu_4xGVX0fv4L4SpLidOB-sbleDxOEGvfZzcmuRgQYW4Br8mX5Ueg_DYxrQUvk3vorfNmD

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}&gdpr=0

Domain: a2.adform.net
URL: https://a2.adform.net/adfserve/?bn=82220151;1x1inv=1;srctype=3;ord=[timestamp]

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/window_focus_fy2021.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20251009/r20110914/client/qs_click_protection_fy2021.js

Domain: www.google.com
URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqIvayhh2vljPA4kNe0ZmyQQXuXCmx5zKoPd44kEcSXfkeG2mpng5edLxye0xTx1Zz0mHb68MxL0V1CLldmwKh5MGFHQ

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_287.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESECifpXhJvzwfedMjJJGUElo&google_cver=1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}&gdpr=0

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDqF9_bI1XaFKxJ6d2e1SaA&google_cver=1&google_push=AXcoOmRLh5KCdHsa_xds2O61R3r1gCIkfVQLz5Y3bFMAmPTzrqsZAyNZVDElA8ros6lkZoQUQ3ljYx4GXZPUzmv5c_vUpXfambp5Kg

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESELHD54FtSSzmvA8A35QnDDs&google_cver=1&google_push=AXcoOmSZJf0gWk8G_gQHaRLlDgk0J8tHp4e_K7cb3hYPxvPNyqa_TsJot4ivInK66eHYxctLf3YuXtZWa-KLZpkhqvDlcFyHFMBnUA

Domain: dsp.adkernel.com
URL: https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.voisetech.com%2Fsync%3Fexchange%3D1215%26google_gid%3DCAESEKkH-elUNx56Nwomo6mW5Nc%26google_cver%3D1%26google_push%3DAXcoOmQubMoTW0fWpd_pft0HE4ZSCb6cbBMUV3KlxFywiMuNJDdZ0Ab8l96M-BihS7WKzmTy97JRLLxmKVCurRdCdsEGdrWYqY72xcs

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_281.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEE3zV-CNuqReHQi1mTw6sSA&google_cver=1&google_push=AXcoOmT39hTA7-DL3R53g-BBhEcYQMVaQ-14dMLsmEiqBCku7dRU-DwB1e3t3mXcUeJh3NksMhpK0f9Drpb2f8RXVfAVdgqaJkAEXA

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20251009&st=env&sjk=3353611330818587

Verdicts & Comments Add Verdict or Comment

81 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pupupdate.com/	1970-01-21 18:30:40	Name: _ga Value: GA1.1.94060458.1760080721
.tiktok.com/	1970-01-21 18:16:16	Name: _ttp Value: 33rgh9CMrMYV27SDb5dFoaGRIkj
.pupupdate.com/	1970-01-21 18:16:16	Name: _tt_enable_cookie Value: 1
.pupupdate.com/	1970-01-21 18:16:16	Name: _ttp Value: 01K76FRYGAXK8734HE2MMBTT7A_.tt.1
.pupupdate.com/	1970-01-21 18:16:16	Name: ttcsid Value: 1760080722447::iCdmsuD7DHMQ-dVgR_tK.1.1760080722679.0
.pupupdate.com/	1970-01-21 18:16:16	Name: ttcsid_D2M36LRC77U9PLHER7V0 Value: 1760080722446::FivJpnp_ESZ2W4XUJosm.1.1760080722679.0
.doubleclick.net/	1970-01-21 18:30:40	Name: IDE Value: AHWqTUl-QKujF2VJVuRfsho5iw4mRkxVvccBMnrJFTjYs8yt6WINRWjGC09uBzdrBes
.pupupdate.com/	1970-01-21 18:16:16	Name: __gads Value: ID=45e13ab0601c3cc4:T=1760080722:RT=1760080722:S=ALNI_MZE_uueYrVDBm0wM8EzuKmsfz2h5g
.pupupdate.com/	1970-01-21 18:16:16	Name: __gpi Value: UID=000012a26d1d6871:T=1760080722:RT=1760080722:S=ALNI_MZH_24KI7-C4eg8dd-bNnGndrO_NQ
.pupupdate.com/	1970-01-21 13:13:52	Name: __eoi Value: ID=4231b1a6cc877ecf:T=1760080722:RT=1760080722:S=AA-AfjZhwN3fl99SM1uGYBwLigdv
.pupupdate.com/	1970-01-21 18:30:40	Name: _ga_HET379S9GW Value: GS2.1.s1760080721$o1$g0$t1760080723$j58$l0$h0
.doubleclick.net/	1970-01-21 13:13:52	Name: APC Value: AfxxVi5W7x7GIj_yypHomUuaS06liqDti_AtPVnaYnB7VgSBM3cP4w
.doubleclick.net/	1970-01-21 13:13:52	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 17:40:16	Name: CMID Value: aOizU9HM6xgAIWPHAd9f4wAA
.casalemedia.com/	1970-01-21 11:04:16	Name: CMPS Value: 6001
.casalemedia.com/	1970-01-21 11:04:16	Name: CMPRO Value: 6001
.adsrvr.org/	1970-01-21 17:40:16	Name: TDID Value: 463930e9-a297-4aa9-af7e-e710080a234d
.adsrvr.org/	1970-01-21 17:40:16	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI3tu17ej1wz4QBRgFIAEoAjILCKjO75n_9cM-EAU4AQ..
.pupupdate.com/	1970-01-21 17:40:16	Name: FCNEC Value: %5B%5B%22AKsRol9T5Oddt13zHuR7i5hg0mjZ4VIS1h-gWl-4NxnPENdHSo8TtbKFoA246vA0MEmakelI1yRq1ET66b_fl0r2wgMORvY5VUoJ8X2NhxRzaxA8Yp-uPISsWBXeGa7aPs2h9NvWAUNa5jq37p8PuoyuEj3u638qRA%3D%3D%22%5D%5D
.zemanta.com/	1970-01-21 11:04:16	Name: zuid Value: KsHXCjdjJtHV5S8DnkXO
.outbrain.com/	1970-01-21 11:04:16	Name: obuid Value: 6997ea62-8645-4ea0-b384-77de0f160c9b
.dotomi.com/	1970-01-21 08:54:40	Name: DotomiTest Value: 1320408852036785059
.360yield.com/	1970-01-21 11:04:16	Name: tuuid Value: e8f28293-a823-42b1-ac70-9a378bdaa4d8
.360yield.com/	1970-01-21 11:04:16	Name: tuuid_lu Value: 1760080723
.rtbscale.com/	1970-01-21 17:40:16	Name: UID Value: OPU74ff560471914b40a9746f2efebff227
.contextweb.com/	1970-01-21 17:33:04	Name: V Value: PxGn5TJsWwRo
.contextweb.com/	1970-01-21 17:33:04	Name: VP Value: part_PxGn5TJsWwRo
.contextweb.com/	1970-01-21 17:40:16	Name: pb_rtb_ev Value: 3-20ve\|7Bj.0.CAESEArEYWl6f7Owou9UN_j-t0Q
.contextweb.com/	1970-01-21 17:40:16	Name: pb_rtb_ev_part Value: 3-20ve\|7Bj.0.CAESEArEYWl6f7Owou9UN_j-t0Q
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 2b4406af89938cc7
.teads.tv/	1970-01-21 17:38:50	Name: tt_viewer Value: 5c923086-b2fe-45cb-9801-3cac567982f3
.smartadserver.com/	1970-01-21 11:04:16	Name: pid Value: 4834748963948648040
.travelaudience.com/	1970-01-21 18:24:55	Name: _tracker Value: %7B%22UUID%22%3A%22B8CFA1C3-5318-495A-200E-A9F22149A2B7%22%7D
.mathtag.com/	1970-01-21 09:37:52	Name: mt_mop Value: 4:1760080726
.mathtag.com/	1970-01-21 18:20:35	Name: uuid Value: a00568e8-b356-4900-a849-e197f59af5b7

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://klook.pupupdate.com/ Message: Attestation check for Protected Audience on https://securepubads.g.doubleclick.net failed.
other	error	URL: https://klook.pupupdate.com/ Message: Attestation check for Protected Audience on https://securepubads.g.doubleclick.net failed.
other	error	URL: https://klook.pupupdate.com/ Message: Attestation check for Protected Audience on https://securepubads.g.doubleclick.net failed.
other	error	URL: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Message: Attestation check for Shared Storage on https://securepubads.g.doubleclick.net failed.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
ads.travelaudience.com
analytics-ipv6.tiktokw.us
analytics.tiktok.com
asserts.blazedragon.top
b1sync.outbrain.com
b1sync.zemanta.com
bh.contextweb.com
c07dbfa54df98d737193b6cb087b8cd4.safeframe.googlesyndication.com
cm.g.doubleclick.net
creativecdn.com
csync.loopme.me
dclk-match.dotomi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
ep1.adtrafficquality.google
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
klook.pupupdate.com
match.360yield.com
match.adsrvr.org
pagead2.googlesyndication.com
px.ads.linkedin.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
sync.mathtag.com
sync.teads.tv
t.rtbscale.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.temu.com
a2.adform.net
analytics-ipv6.tiktokw.us
creativecdn.com
csync.loopme.me
dsp.adkernel.com
ep1.adtrafficquality.google
fonts.googleapis.com
ib.adnxs.com
image6.pubmatic.com
px.ads.linkedin.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
104.18.13.135
104.18.27.193
104.18.8.197
107.167.123.122
142.250.65.168
142.250.65.226
142.250.65.227
142.250.80.110
142.250.80.34
142.250.81.225
142.251.35.162
142.251.40.162
151.101.2.132
159.127.42.76
20.33.69.37
216.200.232.253
216.239.36.178
23.44.111.32
23.83.76.39
3.33.220.150
35.190.0.66
50.31.142.159
50.31.142.31
52.207.82.34
74.214.194.131
06fb908ae0461cd9105a5f7540fc565bbcdcd71cb6a00fda52ce3a2a9c8d922b
0b6f8c513e9d544ffff70788ed1fbce50ddba16e52c265dc9aca46f325b6974a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd904b7e7200966e3c9d4e7fa4d4dc4362ac19355d7c09dbf0a3a92c2281552
0d514c801a7c7efc24579a5ed8ec5d11299fbe16409158034b54cda27e7d7d5f
202a9972ab2ea6b45e307fd7b7424fac0b51050e4090be94d38a4b42ed55145c
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
273b6586fb85861b4bab48102a5e857ea6e9aaa76449344f0d3ab7b86ad3b7ca
2956bbf86ee485650f0288da7a716b5325ffa3c88ea21509bd79a3f9860eda85
2ca536de02887f28690810e2240c95a7c089a7e1a1387e796bced8d9b5a120ba
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3367e5a79c62de6fc1fc9cf80c4c520cd5b6c80a17d49c4685dc6817cf407d97
36b5d2a97c3907b7059ad6f777dd923b7f772cfcb6f2624966be96dc07fb4d54
4374ecadadac5aee246663119fd08f568a9ec21db90bcee2033f0e7fb6e4c099
43cf5189a28b1f8a8766752aaacf0887dfc1c6dc8ee9ef69a9004f00bf5438f5
46058f5fbbe980f90d8871e5ea4ebe42312314af64d68fdff1ba6df0d6cb6259
4783123a22714db2d0d212ee12d88d42f9a8c4f2bc1e73326f42a274ad9cada0
48429c94cea0f23fe9c00d8a735dbd8e08bfbc51299ece7563887410e6723baf
4c36b06a89cf4c1c780d6e4b5c6c87f7508ba5cf002c769a486e33acd45b5383
4cab7abeb333b9241b71a3b266aa748744e9c164c4a906afa3f96604766a00d7
4cfac5fe1b8e2bae6077af193bda02f59fe7087cd23b653b8966b165ab10d87e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ff365c3381f9585a8210fa6e5cdcb1b40900475b25fc2961412577a316ebeb6
50f5d62c2abb4dbe60290d951106d309828ab799c35a808ad5ba37f8fe242c9d
5126c5a35165e0122f709da0d48861d3769195c49d73ef8c24c0ff887a27746f
5200be3b4b176c7261265cf054274ea69fc60a845b1a7ad6526f39800a42c9c1
526b1c70bab33ebd9f245b5bf5d2b485a3a6df8607f09ebe94704421f20730f9
54d513444b65704c948fffeba8a2c3e43380d133ccb56c6bbd407fe1aead653d
57a150bc30e62c41bd01eed00e8d285864a776ab2fdb6eb67a6b3dc5a5ed9226
5ba156a23660425fe40b9b9cee86b44ed31e730cdf53fd4bba02d7b562359e1e
5ba2e90b9ce058598dc103085037b90b68e092b55872372a59f0f1bc623a9abb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e1940584bd39bb260c2dc49aeaaa2bc607da425703c9b3e644d52a418ae803d
5e2fb13fa7e4158cd2fc32ac83803d4fde7c96572fa8c6bba8b7b7f804201c9a
5e94c49bf40e237af759eadba6dc2dc0a7a3433ce586b20445a0c7bc0d04048e
6220b39721cc217972f14cf71f82dc6a9cb1e052c5c3e1a4174072db425126e1
62ca54b6a7f69631047682afa385412a92a1401d7e2fb32e5e825c2b14524adb
640affb3de912c7db48374dfb69f8aab2924d1f7566e9d3d390045174e29df4d
68e470d4546cc5bd1fe9783c978344f538f865a6617147eaa3891a5350b0feb9
6b8b19382246140523bb937f90233d44774e03f081be112fc89ad1cf6971f88b
6d27d58a1ac40dd971a0bac4aae743d9d5bcd48979fdd2c4d542a6fa634da591
70938d6b035831cb72d1b5d4bdb63e19a732e5fe2205313f6c583e00f4c374f2
70bb73e83ee406be5ea8f01976aa7868e1923af53bb2c8df5eae76583ab4e959
728264aa9f69af8cd94cb65d6b5ad819dab20a61136ebde783888dd26171727c
7768ec8cec31b661e2dcb8ddd420690176014fa28c6ae9c53ab465299fd078fc
793c69dc60074ce8728bcc08ffa52ca6dd20a5189eb96cc6a4a0dcd41b430f2a
796853dfdf309d4168ad969d0b915ef4e10e78dd18ffaf070b198b93df6ff62d
7aac78446a6f25ffc83eb15762defdafb13b86b21fd75da4bc12aff935f16836
7d2475135b324350eeb99a231fc176d78227cd1319fb55768130f4e68b776fc7
85581df61d5a1dd5bd4262eb26e836283a26bf7e72477538f1ab619ab61ac5ab
86c431f097deec83cd5184720786d5e89569867071331ef4e30c116cac915cbf
86f4d40f3a8ccf4fac24040b776e18c2eee67df5c374e24aa029e47b8f6d4bf2
89e19a3c2a4b63baefcadc65f0f61c3b4aac3f30f8ca8eb63829565369b05252
8c04e118bdd5757192be2a1eb360786f9fa1c4b398806430b7f41f203f64d8e6
8cb6ae09514b67be1a20289243c8587c8411009d4ee4a79596a11c9fd9d4e9cd
8efcc83d42be8a685964abf10c364bebdb9a52925883990e35d1dc03525427d3
8fdffa5eb0b48fc1905798aa59fc2f7797ab0b8834a50c379c52a158acc9ab08
90b41f6a8932d1a3eeadcf3b57b5051fb2a39ee38860dd5efdb494cd4024790c
9255c823c60deaafa0b16ecfcdcb827e2454435feee6dede697859996bc9139d
94447f64ef2be26f48b58ebb9a56f3cfe66c3a9bab1379f14c238e062f038b4c
99ec7ccb40cf143f977c893649deece6cc2dcc7c0ff82ebf84b6584090f207ea
9c3c0bdf403436a452378feb161304d25c9a5281e18ff488dc5ad8bbc982707a
a0f4205bce5692989281f776e30ff6ff7cb3a48edab540333793a4ed279c5564
a47bb7f59ea39c8c03582e0f2885a7f1e24d8429e2e916c4a797e2ad2dd41b9b
a5e9c735c27a326a3d4de0313aaf9af6c0ddc31c325c064dd153a0d5efcfbb31
a9244d84b3aff31d49e99a3c13e32fcd6ac4a7647ec877b9132fbae335030554
b04991518562c6e9d9c121b56d8dae3c7bd3ae8a416f4f056830057f545d2c8e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b57d9a36a02d5f00f1cc3962185489f02aced9c839bcca95e48ee1754d4edc0f
bb28c1c9aa28cf860f875bca542d30f80c4bd762744c3ae0cb5c910c57400c10
bd0a52274f3532693940b9d2a37f9c59ab3df4fffc7fa2fee9b302095e768243
bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2
bf328299ca81cb2e2c7b386e67f713a6cc7180ae51307f699d934381766675df
c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61
ca6afe1db2d463a9164f4602d5fed101c522728fd0f46ffe727d41b1dedf3d3c
cd208c4a129484b38cfd5b378bfaf8c103c963a0174383afc47a847a71a5ed41
d1a74e2fb9ad31351ab5ef4c88e7bbf806dc13052f2185f470d7d3aebc1a9eb9
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
dd71ffcbbce50d3a7cd8740629cfc2d9e4c87647f1b714eef47ab296065bb6c7
ddae78037ba523b9d51d2c8bf611cc8e0f0f5dda059df02b4cee724f1a1eacbc
ddf767793253962f56cce514864d81c33f723435b6d886eb7e6d885bd79b72e4
e2d85b321d726855464893a422777fc7273531ed2f10ee10a35b91483d7cce93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7249fd416223f245a5db21c212d9feb16b9de7d24d9f4d28cabb7a62150f2e6
e781f36a395624f6b5427c9afce89722a6b357174b8f59acfb79fa6d4bb0985d
ea826303d0ef602c1140b5c06b790c184a9e22ba26d3cd9030e70b334915b052
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01b82daeb7f9668082e10f62b4bb8efe99d7bdf6e6765083f0fa2858b77d26f
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f561afae72877798a8f7484e37b54f2743f96d8beb311128f036dadfb8c06fb1
f7b6ac4392c7e225a2ea3b4374f2401d66da16e27f178b2df9f2a230f782c1c4
fc0986bb925835c6e30882859a6470b8fae234c2536a7599b7438de42b8cc98a
fcbdf189c6888a88a137e66ed8df7e4efa77c0658bb4e22d29198ca4c34f2926

klook.pupupdate.com Open in urlscan Pro 104.18.8.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

70 %HTTPS

0 %IPv6

33 Domains

38 Subdomains

15 IPs

2 Countries

3756 kBTransfer

7933 kBSize

35 Cookies

9 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

klook.pupupdate.com Open in urlscan Pro
104.18.8.197 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

70 %
HTTPS

0 %
IPv6

33
Domains

38
Subdomains

15
IPs

2
Countries

3756 kB
Transfer

7933 kB
Size

35
Cookies

173 HTTP transactions
0 data transactions